forked from chobits/ngx_http_proxy_connect_module
-
Notifications
You must be signed in to change notification settings - Fork 0
32 lines (25 loc) · 908 Bytes
/
pr-security.yaml
File metadata and controls
32 lines (25 loc) · 908 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
---
# onemedical/<repo>/.github/workflows/pr-security.yaml
#
# This is the workflow for distribution to repositories across the organization.
# It will call the reusable PR security workflow, and run scans against each PR.
name: PR Security
# yamllint disable-line rule:truthy
on:
pull_request:
branches: [main, master]
permissions:
# Required for workflows in private repositories.
contents: read
# Required for SARIF results upload to GHAS.
security-events: write
actions: read
jobs:
# Run the reusable workflow.
run-workflow:
name: Run Workflow
# yamllint disable-line rule:line-length
uses: onemedical/github-reusable-workflows/.github/workflows/reusable-pr-security.yaml@main
# The detect-secrets tool is used in some repositories, and generates false
# positives like the one below. Add comment to ignore.
secrets: inherit # pragma: allowlist secret