Skip to content

.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml #7947

.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml

.github/workflows/e2e.delegator-generic.tag.main.default.slsa3.yml #7947

# Copyright 2023 SLSA Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: schedule verify-token wrapper
on:
# Daily run.
schedule:
- cron: "0 4 * * *"
workflow_dispatch:
push:
branches: [main]
permissions: read-all
concurrency: "e2e.verify-token.push.main"
env:
GH_TOKEN: ${{ secrets.E2E_NODEJS_TOKEN }}
ISSUE_REPOSITORY: slsa-framework/slsa-github-generator
jobs:
push:
runs-on: ubuntu-latest
if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
permissions:
contents: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- run: ./.github/workflows/scripts/e2e-push.sh
verify-token-e2e:
if: github.event_name == 'push' && github.event.head_commit.message == github.workflow
permissions:
contents: read
id-token: write
issues: write
# NOTE: must call @main is required rather than using a "same repo" call so
# that the job_workflow_ref is correctly set to the reusable workflow.
uses: slsa-framework/example-package/.github/workflows/e2e.verify-token.reusable.yml@main