forked from github/docs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathactions-workflows.js
35 lines (32 loc) · 1.21 KB
/
actions-workflows.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
const fs = require('fs')
const path = require('path')
const yaml = require('js-yaml')
const flat = require('flat')
const { chain, difference, get } = require('lodash')
const workflowsDir = path.join(__dirname, '../../.github/workflows')
const workflows = fs.readdirSync(workflowsDir)
.filter(filename => filename.endsWith('.yml') || filename.endsWith('.yaml'))
.map(filename => {
const fullpath = path.join(workflowsDir, filename)
const data = yaml.load(fs.readFileSync(fullpath, 'utf8'), { fullpath })
return { filename, fullpath, data }
})
const allowedActions = require('../../.github/allowed-actions')
function actionsUsedInWorkflow (workflow) {
return Object.keys(flat(workflow))
.filter(key => key.endsWith('.uses'))
.map(key => get(workflow, key))
}
describe('GitHub Actions workflows', () => {
test('only use allowed actions from ./github/allow-actions.json', async () => {
const allUsedActions = chain(workflows)
.map(actionsUsedInWorkflow)
.flatten()
.uniq()
.sort()
.value()
expect(allowedActions.length).toBeGreaterThan(0)
expect(allUsedActions.length).toBeGreaterThan(0)
expect(difference(allowedActions, allUsedActions)).toEqual([])
})
})