mirror of
https://github.com/bitwarden/directory-connector
synced 2026-02-18 18:33:39 +00:00
Compare commits
2 Commits
main
...
ac/pm-2047
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
f5faf87ceb | ||
|
|
98e459a5fc |
49
.github/workflows/build-target.yml
vendored
Normal file
49
.github/workflows/build-target.yml
vendored
Normal file
@@ -0,0 +1,49 @@
|
||||
# This workflow is intended to be run when we need to build the client and produce artifacts
|
||||
# that require secrets when the PR source branch does not have access to secrets (e.g. a fork).
|
||||
# This workflow will run in the context of the target of the PR and have access to secrets.
|
||||
# This should only be done after reviewing the PR to ensure that no malicious code has been
|
||||
# introduced, as it could allow the code on the forked branch to have access to workflow secrets.
|
||||
|
||||
name: Build on PR Target
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
types: [opened, synchronize, reopened]
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'src/**'
|
||||
- 'src-cli/**'
|
||||
- 'jslib/**'
|
||||
- 'resources/**'
|
||||
- 'scripts/**'
|
||||
- 'package.json'
|
||||
- 'package-lock.json'
|
||||
- 'tsconfig.json'
|
||||
- 'angular.json'
|
||||
- '.github/workflows/build.yml'
|
||||
- '!*.md'
|
||||
- '!*.txt'
|
||||
|
||||
defaults:
|
||||
run:
|
||||
shell: bash
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
check-run:
|
||||
name: Check PR run
|
||||
uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
run-workflow:
|
||||
name: Run Build
|
||||
needs: check-run
|
||||
if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
|
||||
uses: ./.github/workflows/build.yml
|
||||
secrets: inherit
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
10
.github/workflows/build.yml
vendored
10
.github/workflows/build.yml
vendored
@@ -8,6 +8,16 @@ on:
|
||||
- "rc"
|
||||
- "hotfix-rc"
|
||||
workflow_dispatch: {}
|
||||
workflow_call:
|
||||
secrets:
|
||||
Azure-KV-CI-Service-Principal:
|
||||
required: true
|
||||
AZURE_SUBSCRIPTION_ID:
|
||||
required: true
|
||||
AZURE_TENANT_ID:
|
||||
required: true
|
||||
AZURE_CLIENT_ID:
|
||||
required: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
Reference in New Issue
Block a user