Skip to content
zizmor

Merge pull request #963 from metal3-io/renovate/main-openstack-ironic… #54

Sign in to view logs

Merge pull request #963 from metal3-io/renovate/main-openstack-ironic…

Merge pull request #963 from metal3-io/renovate/main-openstack-ironic… #54

Workflow file for this run

.github/workflows/zizmor.yml at a9b2ccc
---
# Static analysis for GitHub Actions workflows
# https://docs.zizmor.sh/
name: zizmor
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions: {}
jobs:
zizmor:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
# Upload SARIF to Security tab on push to main
- name: Run zizmor (SARIF)
if: github.event_name == 'push'
uses: zizmorcore/zizmor-action@0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d # v0.5.0
# Block PRs with findings
- name: Run zizmor (PR check)
if: github.event_name == 'pull_request'
uses: zizmorcore/zizmor-action@0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d # v0.5.0
with:
advanced-security: false