Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 2 additions & 18 deletions .github/workflows/frontend-pr.yml
Original file line number Diff line number Diff line change
@@ -1,24 +1,8 @@
name: 'Frontend: PR'
name: "Frontend: PR"

on:
pull_request:
types: [opened, synchronize, reopened, labeled]
branches: ['*']

jobs:
check:
name: Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: valitydev/action-setup-thrift@v1
- uses: valitydev/action-frontend/setup-install@v2
with:
npm-not-ci: 'true'
- name: Codegen
run: npm run codegen
- uses: valitydev/action-frontend/publish@v2
with:
npm-token: ${{ secrets.NPM_TOKEN }}
npm-version-tag: 'pr'
pr-only-labeled: 'true'
uses: valitydev/action-frontend/.github/workflows/proto-check.yml@v3

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
Comment thread
A77AY marked this conversation as resolved.
Dismissed
22 changes: 7 additions & 15 deletions .github/workflows/frontend-publish.yml
Original file line number Diff line number Diff line change
@@ -1,21 +1,13 @@
name: 'Frontend: Publish'
name: "Frontend: Publish"

on:
push:
branches: ['master', 'main']
branches: ["master", "main"]

permissions:
contents: read
id-token: write

jobs:
publish:
name: Publish
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: valitydev/action-setup-thrift@v1
- uses: valitydev/action-frontend/setup-install@v2
with:
npm-not-ci: true
- name: Build
run: npm run codegen
- uses: valitydev/action-frontend/publish@v2
with:
npm-token: ${{ secrets.NPM_TOKEN }}
uses: valitydev/action-frontend/.github/workflows/proto-publish.yml@v3
Loading