coc_violation_analysis.yml
# SPDX-License-Identifier: Apache-2.0
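name: CoC violation analysis
run-name: Running CoC violation analysis (#${{ github.event.workflow_run.pull_requests[0].number }})

# Triggered after the "Lint" workflow completes. A workflow_run job executes in
# the base repository's context with access to its secrets, while parts of the
# event payload (branch names, commit messages, PR titles) are chosen by the
# contributor. Treat every github.event.* value as untrusted input.
on:
  workflow_run:
    workflows:
      - Lint
    types:
      - completed

env:
  LC_ALL: en_US.UTF-8

defaults:
  run:
    shell: bash

# Least privilege: the job only needs to read repository contents.
permissions:
  contents: read

jobs:
  annotator-insights:
    runs-on: ubuntu-latest
    # Only analyse pull requests whose Lint run succeeded.
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    name: Run annotator insights
    steps:
      - name: "Harden Runner"
        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
        with:
          egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

      - name: "Invoke insight handler"
        id: run_insights
        # Expressions are expanded into the script text before bash parses it,
        # so a "${{ ... }}" placed directly in `run:` lets payload content be
        # interpreted as shell syntax. Values are handed over as environment
        # variables instead, which bash treats as data only.
        env:
          # NOTE(review): pull_requests is typically empty for runs that
          # originate from a fork, leaving PR_NUMBER empty - confirm that the
          # handler copes with that case.
          PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
          REPO_OWNER: ${{ github.repository_owner }}
          REPO_NAME: ${{ github.event.repository.name }}
          COC_ANALYSIS_TOKEN: ${{ secrets.COC_ANALYSIS_TOKEN }}
        run: |
          # Print the event payload from the file the runner already provides,
          # rather than templating the JSON into the script.
          cat "${GITHUB_EVENT_PATH}"
          # The request runs in the background and the step does not wait for it.
          # NOTE(review): this is the last step of the job, so the request may be
          # cut short when the job ends - confirm fire-and-forget is intended.
          curl -X 'POST' "https://pr-analysis-handler.1fuhf5gskmng.us-east.codeengine.appdomain.cloud/analyze-pr?pr_number=${PR_NUMBER}&owner=${REPO_OWNER}&repo=${REPO_NAME}" -H 'accept: application/json' -H "Authorization: Bearer ${COC_ANALYSIS_TOKEN}" -d '' &
          echo "CoC violation analysis triggered"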