open-balena/.github/workflows/flowzone.yml
Anton Belodedenko c23c2f6373
Tests require permissions: id-token: "write"
change-type: patch
2024-11-28 10:42:54 -08:00

47 lines
1.3 KiB
YAML

name: Flowzone
on:
pull_request:
types: [opened, synchronize, closed]
branches: [main, master]
pull_request_target:
types: [opened, synchronize, closed]
branches: [main, master]
permissions:
id-token: "write" # AWS GitHub OIDC required: write (tests)
jobs:
flowzone:
name: Flowzone
uses: product-os/flowzone/.github/workflows/flowzone.yml@master
# prevent duplicate workflow executions for pull_request and pull_request_target
if: |
(
github.event.pull_request.head.repo.full_name == github.repository &&
github.event_name == 'pull_request'
) || (
github.event.pull_request.head.repo.full_name != github.repository &&
github.event_name == 'pull_request_target'
)
secrets: inherit
with:
jobs_timeout_minutes: 60
cloudflare_website: open-balena
balena_slugs: |
balena/open-balena
tests:
name: openBalena tests
uses: ./.github/workflows/tests.yml
needs: [flowzone]
if: |
((
github.event.pull_request.head.repo.full_name == github.repository &&
github.event_name == 'pull_request'
) || (
github.event.pull_request.head.repo.full_name != github.repository &&
github.event_name == 'pull_request_target'
)) && github.event.action != 'closed'
secrets: inherit