Skip to content

Add RL-Secure workflow for scanning build artifacts #147

Add RL-Secure workflow for scanning build artifacts

Add RL-Secure workflow for scanning build artifacts #147

Workflow file for this run

name: Create npm and GitHub Release
on:
pull_request:
types:
- closed
workflow_dispatch:
permissions:
contents: write
id-token: write # For publishing to npm using --provenance
### TODO: Replace instances of './.github/workflows/' w/ `auth0/dx-sdk-actions/workflows/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
### TODO: Also remove `get-prerelease`, `get-release-notes`, `get-version`, `npm-publish`, `release-create`, and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
### TODO: Also remove `npm-release` workflow from this repo's .github/workflows folder once the repo is public.
jobs:
rl-scanner:
uses: ./.github/workflows/rl-secure.yml
with:
node-version: 18
artifact-name: 'auth0-spa-js.tgz'
secrets:
RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
release:
uses: ./.github/workflows/npm-release.yml
needs: rl-scanner
with:
node-version: 18
require-build: true
secrets:
npm-token: ${{ secrets.NPM_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}