mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-09-16 06:18:58 +00:00
b4545da15d
The default suggestion for top-level permissions was `contents: read`, but scorecard notes anything other than empty, so try updating it and see if there are any issues. I think it's only needed if we run workflows from other repos. Signed-off-by: stevenhorsman <steven@uk.ibm.com>
49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
on:
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- labeled # a workflow runs only when the 'ok-to-test' label is added
|
|
|
|
permissions: {}
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
name: Static checks self-hosted
|
|
jobs:
|
|
skipper:
|
|
if: ${{ contains(github.event.pull_request.labels.*.name, 'ok-to-test') }}
|
|
uses: ./.github/workflows/gatekeeper-skipper.yaml
|
|
with:
|
|
commit-hash: ${{ github.event.pull_request.head.sha }}
|
|
target-branch: ${{ github.event.pull_request.base.ref }}
|
|
|
|
build-checks:
|
|
needs: skipper
|
|
if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
instance:
|
|
- "ubuntu-22.04-arm"
|
|
- "s390x"
|
|
- "ppc64le"
|
|
uses: ./.github/workflows/build-checks.yaml
|
|
with:
|
|
instance: ${{ matrix.instance }}
|
|
|
|
build-checks-preview:
|
|
needs: skipper
|
|
if: ${{ needs.skipper.outputs.skip_static != 'yes' }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
instance:
|
|
- "riscv-builder"
|
|
uses: ./.github/workflows/build-checks-preview-riscv64.yaml
|
|
with:
|
|
instance: ${{ matrix.instance }}
|