Skip to content

Commit

Permalink
Merge pull request #30 from onemedical/SEC-1417/pr-security-workflow
Browse files Browse the repository at this point in the history
Add PR Security pipeline workflow
  • Loading branch information
Svetlanko authored Feb 21, 2023
2 parents 30592f3 + 2d868bc commit 7bf660e
Showing 1 changed file with 32 additions and 0 deletions.
32 changes: 32 additions & 0 deletions .github/workflows/pr-security.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
# onemedical/<repo>/.github/workflows/pr-security.yaml
#
# This is the workflow for distribution to repositories across the organization.
# It will call the reusable PR security workflow, and run scans against each PR.
name: PR Security


# yamllint disable-line rule:truthy
on:
pull_request:
branches: [main, master]


permissions:
# Required for workflows in private repositories.
contents: read

# Required for SARIF results upload to GHAS.
security-events: write
actions: read


jobs:
# Run the reusable workflow.
run-workflow:
name: Run Workflow
# yamllint disable-line rule:line-length
uses: onemedical/github-reusable-workflows/.github/workflows/reusable-pr-security.yaml@main
# The detect-secrets tool is used in some repositories, and generates false
# positives like the one below. Add comment to ignore.
secrets: inherit # pragma: allowlist secret

0 comments on commit 7bf660e

Please sign in to comment.