sigstore: Tweak method signature #232
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run KMS tests | |
| on: | |
| push: | |
| workflow_dispatch: | |
| permissions: {} | |
| jobs: | |
| test-kms: | |
| runs-on: ubuntu-latest | |
| if: github.repository_owner == 'secure-systems-lab' # only run upstream | |
| permissions: | |
| id-token: 'write' # for OIDC auth for GCP authentication | |
| issues: 'write' # for filing an issue on failure | |
| steps: | |
| - name: Checkout securesystemslib | |
| uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
| - name: Set up Python | |
| uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 | |
| with: | |
| python-version: '3.x' | |
| cache: 'pip' | |
| cache-dependency-path: 'requirements*.txt' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install --upgrade tox | |
| - name: Authenticate to Google Cloud | |
| uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: projects/843741030650/locations/global/workloadIdentityPools/securesystemslib-tests/providers/securesystemslib-tests | |
| service_account: securesystemslib@python-tuf-kms.iam.gserviceaccount.com | |
| - run: tox -e kms | |
| - name: File an issue on failure | |
| if: ${{ failure() }} | |
| uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 | |
| with: | |
| script: | | |
| const repo = context.repo.owner + "/" + context.repo.repo | |
| const issues = await github.rest.search.issuesAndPullRequests({ | |
| q: "KMS+tests+failed+in:title+state:open+type:issue+repo:" + repo, | |
| }) | |
| if (issues.data.total_count > 0) { | |
| console.log("Issue open already, not creating.") | |
| } else { | |
| await github.rest.issues.create({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| title: "KMS tests failed", | |
| body: "Hey, it seems KMS tests have failed, please see - [workflow run](" + | |
| "https://github.com/" + repo + "/actions/runs/" + context.runId + ")" | |
| }) | |
| console.log("New issue created.") | |
| } |