From fbf400ff7213c7990f1fa40888d271a8ffcc88b1 Mon Sep 17 00:00:00 2001
From: Kat Stevens
Date: Tue, 5 Nov 2024 11:27:57 +0000
Subject: [PATCH 1/3] PP-12687: Add dedicated PR workflow

Aiming for consistency with app repos.
---
 .github/workflows/{run-tests.yml => _run-tests.yml} | 3 +--
 .github/workflows/pr.yml | 11 +++++++++++
 .github/workflows/static.yml | 2 +-
 3 files changed, 13 insertions(+), 3 deletions(-)
 rename .github/workflows/{run-tests.yml => _run-tests.yml} (96%)
 create mode 100644 .github/workflows/pr.yml
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/_run-tests.yml
similarity index 96%
rename from .github/workflows/run-tests.yml
rename to .github/workflows/_run-tests.yml
index 709eda9..fb0a721 100644
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/_run-tests.yml
@@ -1,7 +1,6 @@
 name: Run tests and static build
 on:
- pull_request:
 workflow_call:
 workflow_dispatch:
@@ -9,7 +8,7 @@ permissions:
 contents: read
 jobs:
- run-tests:
+ tests:
 name: Unit tests and static build
 runs-on: ubuntu-latest
 steps:
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
new file mode 100644
index 0000000..4c7873b
--- /dev/null
+++ b/.github/workflows/pr.yml
@@ -0,0 +1,11 @@
+name: PR
+
+on:
+ pull_request:
+
+permissions:
+ contents: read
+
+jobs:
+ tests:
+ uses: ./.github/workflows/_run-tests.yml
diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml
index fbf41e5..df29ed9 100644
--- a/.github/workflows/static.yml
+++ b/.github/workflows/static.yml
@@ -18,7 +18,7 @@ concurrency:
 jobs:
 run-tests:
 name: Unit tests and static build
- uses: ./.github/workflows/run-tests.yml
+ uses: ./.github/workflows/_run-tests.yml
 static:
 name: Deploy and release Pay product pages
 needs: run-tests
From 2c43aa25b08d273f05eae40c0ca0edd1c2d152ce Mon Sep 17 00:00:00 2001
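Review bot: The new `.github/workflows/pr.yml` does not say why it triggers on `pull_request` with a read-only token, and that choice is what keeps fork-submitted code away from repository secrets and a write-scoped `GITHUB_TOKEN`. A short comment above the trigger would stop a later edit from switching it to `pull_request_target` to make a downstream job work: `# pull_request (not pull_request_target): jobs here build and test PR code, so they must run without secrets or write access`. The steps of the called `_run-tests.yml` are outside this hunk, so "build and test PR code" is inferred from the job name `Unit tests and static build`.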
From: Kat Stevens
Date: Tue, 5 Nov 2024 11:31:37 +0000
Subject: [PATCH 2/3] PP-12687: Add detect secrets shared workflow
---
 .github/workflows/_run-tests.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/.github/workflows/_run-tests.yml b/.github/workflows/_run-tests.yml
index fb0a721..1a1f172 100644
--- a/.github/workflows/_run-tests.yml
+++ b/.github/workflows/_run-tests.yml
@@ -8,6 +8,14 @@ permissions:
 contents: read
 jobs:
+ detect-secrets:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Git checkout
+ uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
+ - name: Detect secrets
+ uses: alphagov/pay-ci/actions/detect-secrets@master
+
 tests:
 name: Unit tests and static build
 runs-on: ubuntu-latest
From d2a0071ec013e01b65123950e813feff87b44145 Mon Sep 17 00:00:00 2001
From: Kat Stevens
Date: Tue, 5 Nov 2024 11:41:57 +0000
Subject: [PATCH 3/3] PP-12687: Add Dependency Review shared workflow
---
 .github/workflows/pr.yml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 4c7873b..8b61c54 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
@@ -9,3 +9,7 @@ permissions:
 jobs:
 tests:
 uses: ./.github/workflows/_run-tests.yml
+
+ dependency-review:
+ name: Dependency Review scan
+ uses: alphagov/pay-ci/.github/workflows/_run-dependency-review.yml@master
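Review bot: In the `detect-secrets` job added to `_run-tests.yml` (patch 2), `alphagov/pay-ci/actions/detect-secrets@master` follows a mutable branch, while the `actions/checkout` step directly above it is pinned to a full commit SHA. Anything merged to that branch runs on the next workflow run with no change in this repository, and patch 1 shows the deploy workflow `static.yml` calling this same file, so the job runs there too. Pin it the same way, `uses: alphagov/pay-ci/actions/detect-secrets@<full-commit-sha>  # master`, and let a dependency-update bot propose the bumps. The same applies to `alphagov/pay-ci/.github/workflows/_run-dependency-review.yml@master` added to `pr.yml` in patch 3. The checkout step could also set `persist-credentials: false`, since a scan job has no visible need for the token left in the local git config.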
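Review bot: The `dependency-review` job added to `pr.yml` (patch 3) runs under the workflow-level `permissions: contents: read`, and a called reusable workflow cannot be granted more than its caller allows. The shared workflow's contents are not visible here; if it requests anything further (for example `pull-requests: write` to post a summary comment), the call is expected to fail validation rather than be silently downgraded. If that turns out to be needed, grant it on this job only, with a `permissions:` block under `dependency-review:`, rather than widening the workflow-level block that `tests` also inherits. No `secrets:` are passed to the external workflow, which is worth keeping that way.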