Skip to content

rl testing changes

rl testing changes #50

Workflow file for this run

name: Create GitHub Release
on:
push:
branches:
- feature/RL
pull_request:
types:
- closed
workflow_dispatch:
permissions:
contents: write
id-token: write # For publishing to npm using --provenance
### TODO: Replace instances of './.github/workflows/' w/ `auth0/dx-sdk-actions/workflows/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
### TODO: Also remove `get-prerelease`, `get-release-notes`, `get-version`, `npm-publish`, `release-create`, and `tag-exists` actions from this repo's .github/actions folder once the repo is public.
### TODO: Also remove `npm-release` workflow from this repo's .github/workflows folder once the repo is public.
jobs:
rl-scanner:
uses: ./.github/workflows/rl-secure.yml
with:
node-version: 18 ## depends if build requires node else we can remove this.
artifact-name: 'express-openid-connect.tgz' ## Will change respective to Repository
secrets:
RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
release:
uses: ./.github/workflows/npm-release.yml
needs: rl-scanner ## this is important as this will not let release job to run until rl-scanner is done
with:
node-version: 18
require-build: false
secrets:
npm-token: ${{ secrets.NPM_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}