Skip to content

Create SECURITY.md #383

Create SECURITY.md

Create SECURITY.md #383

Workflow file for this run

# On pull request events, this workflow will run `make test`.
name: 'Test'
on:
pull_request:
jobs:
make:
name: 'Make'
runs-on: ubuntu-latest
env:
# For storing the Terraform state for the deployment
AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}"
AWS_DEFAULT_REGION: "${{ secrets.AWS_DEFAULT_REGION }}"
# Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
defaults:
run:
shell: bash
# Checkout the repository to the GitHub Actions runner
steps:
- uses: actions/checkout@v2
with:
fetch-depth: '0'
- name: Supply an empty .env.secrets file
run: |
echo "AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" > .env.secrets
echo "AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" >> .env.secrets
echo "AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION" >> .env.secrets
echo "AWS_ZONE=ssb-dev.data.gov" >> .env.secrets
- name: Build
run: make build
- name: Set the instance name for subsequent steps
# Use an instance name that corresponds to this particular branch+run.
# Docs for this method:
# https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
run: |
INSTANCE_NAME="$(echo ci-${{ github.event.pull_request.number }}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT})"
if [[ "$(echo -n ${INSTANCE_NAME} | wc -c)" -lt "64" ]]; then
INSTANCE_NAME="${INSTANCE_NAME}-a-long-suffix-to-ensure-we-are-generating-ids-that-are-short-enough-for-underlying-identifiers"
INSTANCE_NAME="${INSTANCE_NAME//-}"
INSTANCE_NAME=$(head -c 64 <<< "$INSTANCE_NAME")
fi
echo "INSTANCE_NAME=${INSTANCE_NAME}" | tee -a $GITHUB_ENV
- name: Run examples (tests)
run: make up && make test && make down
- name: Clean up if there was a failure
if: ${{ failure() }}
run: make demo-down down