feat: upgrade Astro to v4, vite v4 and storyblok/astro v4 #38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # By default this workflow will be running for PRs and pushes to other branches except main | |
| on: | |
| pull_request_target: | |
| types: [labeled] | |
| push: | |
| branches-ignore: | |
| - 'main' | |
| jobs: | |
| sast: | |
| runs-on: sast | |
| if: | | |
| github.event_name == 'push' || | |
| ( | |
| github.event_name == 'pull_request_target' && | |
| github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name && | |
| github.event.label.name == 'security scan' | |
| ) | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
| # Checking out SAST composite action | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
| with: | |
| repository: NordSecurity/sast-configs | |
| ref: main | |
| ssh-key: ${{ secrets.SAST_ACTION_KEY }} | |
| path: .github/workflows/sast | |
| # Checking out only SAST action and composite project configuration action | |
| sparse-checkout: | | |
| base/sast-action | |
| actions/storyblok-rich-text-astro-renderer-sast-action | |
| - uses: ./.github/workflows/sast/actions/storyblok-rich-text-astro-renderer-sast-action | |
| with: | |
| SAST_TEAM: ${{ secrets.SAST_TEAM }} | |
| SAST_URL: ${{ secrets.SAST_URL }} | |
| SAST_USERNAME: ${{ secrets.SAST_USERNAME }} | |
| SAST_PASSWORD: ${{ secrets.SAST_PASSWORD }} | |
| SAST_CLIENT_SECRET: ${{ secrets.SAST_CLIENT_SECRET }} | |
| UNC_ACTION_KEY: ${{ secrets.UNC_ACTION_KEY }} | |
| UNC_BRANCH_ENABLED: false | |