Skip to content

OPA: authorization based on request body #3196

OPA: authorization based on request body

OPA: authorization based on request body #3196

Workflow file for this run

name: pr
on: [ pull_request ]
permissions:
contents: read
jobs:
semgrep:
if: ${{ github.actor != 'dependabot[bot]' }}
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
steps:
# Retrieve the source code for the repository
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
# Fetch the semgrep rules
- run: git clone https://github.com/dgryski/semgrep-go.git
# Run the rule checker using the fetched rules
- run: semgrep ci -f semgrep-go
check-race:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
with:
# https://www.npmjs.com/package/semver#caret-ranges-123-025-004
go-version: '^1.19'
- run: go version
- run: make deps
- run: make check-race
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe
with:
# https://www.npmjs.com/package/semver#caret-ranges-123-025-004
go-version: '^1.19'
- run: go version
- run: make deps
- run: make check-fmt
- run: make vet
- run: make staticcheck
- run: make cicheck