microsoft/hve-core

Public

mirrored from https://github.com/microsoft/hve-coreAvailable

CodeCommitsIssuesPull requestsActionsInsightsSecurity
docs/227-add-governance

Branches

Tags

  • No tags available.
0Branches0Tags
Go to file
Add file
Code

Clone

HTTPS

Download ZIP

.github/workflows/main.yml

95lines · modecode

1name: Main Branch CI
2
3on:
4 push:
5 branches:
6 - main
7
8 workflow_dispatch:
9
10# Minimal permissions for security
11permissions:
12 contents: read
13
14jobs:
15 spell-check:
16 name: Spell Check
17 uses: ./.github/workflows/spell-check.yml
18 permissions:
19 contents: read
20 with:
21 soft-fail: false
22
23 markdown-lint:
24 name: Markdown Lint
25 uses: ./.github/workflows/markdown-lint.yml
26 permissions:
27 contents: read
28 with:
29 soft-fail: false
30
31 table-format:
32 name: Table Format Check
33 uses: ./.github/workflows/table-format.yml
34 permissions:
35 contents: read
36 with:
37 soft-fail: false
38
39 dependency-pinning-scan:
40 name: Dependency Pinning Scan
41 uses: ./.github/workflows/dependency-pinning-scan.yml
42 permissions:
43 contents: read
44 security-events: write
45 with:
46 soft-fail: false
47 upload-sarif: true
48 upload-artifact: true
49
50 extension-package:
51 name: Package VS Code Extension
52 needs:
53 - spell-check
54 - markdown-lint
55 - table-format
56 - dependency-pinning-scan
57 uses: ./.github/workflows/extension-package.yml
58 with:
59 dev-patch-number: ${{ github.run_number }}
60 permissions:
61 contents: read
62
63 release-please:
64 name: Release Please
65 needs:
66 - spell-check
67 - markdown-lint
68 - table-format
69 - dependency-pinning-scan
70 - extension-package
71 runs-on: ubuntu-latest
72 outputs:
73 release_created: ${{ steps.release.outputs.release_created }}
74 tag_name: ${{ steps.release.outputs.tag_name }}
75 version: ${{ steps.release.outputs.version }}
76 major: ${{ steps.release.outputs.major }}
77 minor: ${{ steps.release.outputs.minor }}
78 patch: ${{ steps.release.outputs.patch }}
79 permissions:
80 contents: read
81 steps:
82 - name: Generate GitHub App Token
83 id: app-token
84 uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.0.0
85 with:
86 app-id: ${{ vars.RELEASE_APP_ID }}
87 private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
88
89 - name: Run release-please
90 id: release
91 uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0
92 with:
93 token: ${{ steps.app-token.outputs.token }}
94 config-file: release-please-config.json
95 manifest-file: .release-please-manifest.json