-
Notifications
You must be signed in to change notification settings - Fork 132
44 lines (40 loc) · 1.14 KB
/
audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
name: Security audit
on:
push:
branches:
- master
paths:
- Cargo.lock
pull_request:
paths:
- Cargo.lock
schedule:
- cron: '0 5 * * 0' # Weekly every Sunday 05:00 UTC
jobs:
security_audit:
runs-on: ubuntu-latest
container:
image: ghcr.io/${{ github.repository_owner }}/jormungandr-rust-ci:latest
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
volumes:
- cargo-registry-index:/usr/local/cargo/registry/index
steps:
- uses: actions/checkout@v2
- id: ls-crates-io-index
name: Get head commit hash of crates.io registry index
run: |
commit=$(
git ls-remote --heads https://github.com/rust-lang/crates.io-index.git master |
cut -f 1
)
echo "::set-output name=head::$commit"
- name: Cache cargo registry index
uses: actions/cache@v2
with:
path: /usr/local/cargo/registry/index
key: cargo-index-${{ steps.ls-crates-io-index.outputs.head }}
restore-keys: |
cargo-index-
- run: cargo audit