openapi/.github/workflows/main.yml at eb85357d776eecc36a1acd33f881a3453b4a6d1b · omec-project/openapi · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# Copyright 2019 Communication Service/Software Laboratory, National Chiao Tung University (free5gc.org)
# Copyright 2025 Canonical Ltd.
#
# SPDX-License-Identifier: Apache-2.0
name: CI Pipeline

on:
  pull_request:
    branches:
      - main
  push:
    branches:
      - main

permissions:
  contents: read

jobs:
  build:
    permissions:
      contents: read
      actions: read
      security-events: write
      id-token: write
      attestations: write
    uses: omec-project/.github/.github/workflows/build.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}

  # static-analysis:
  #   uses: omec-project/.github/.github/workflows/static-analysis.yml@main
  #   with:
  #     branch_name: ${{ github.ref }}

  lint:
    permissions:
      contents: read
      checks: write
      id-token: write
      attestations: write
    uses: omec-project/.github/.github/workflows/lint.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}

  license-check:
    permissions:
      contents: read
      id-token: write
      attestations: write
    uses: omec-project/.github/.github/workflows/license-check.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}

  fossa-scan:
    permissions:
      contents: read
      security-events: write
      id-token: write
      attestations: write
    uses: omec-project/.github/.github/workflows/fossa-scan.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}

  unit-tests:
    permissions:
      contents: read
      checks: write
      id-token: write
      attestations: write
    uses: omec-project/.github/.github/workflows/unit-test.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}

  analysis:
    if: github.repository_owner == 'omec-project'
    permissions:
      actions: read
      artifact-metadata: read
      attestations: read
      checks: read
      contents: read
      deployments: read
      discussions: read
      id-token: write
      issues: read
      models: read
      packages: read
      pages: read
      pull-requests: read
      repository-projects: read
      security-events: write
      statuses: read
    uses: omec-project/.github/.github/workflows/scorecard-analysis.yml@ead90c247b15898cf138fa31300ee71de83905bd # v0.0.21
    with:
      branch_name: ${{ github.ref }}