github-actions-magento2/.github/workflows/_internal-sansec-ecomscan.yaml
Damien Retzinger 5c04c25fe8 ci(sansec-ecomscan): adopt cache-magento stamp cache (#251)
Adds `composer update --no-install` ahead of cache-magento so the
lock exists when the stamp key is computed, then flips on
stamp:true with the matching working-directory. This shortens
ecomscan runs from "full composer install" to "warm vendor/" on
warm hits.
2026-05-09 16:09:01 -04:00


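# Internal CI workflow: installs Magento for every currently supported
# version (matrix from ./supported-version) and runs the repository's own
# ./sansec-ecomscan action against the resulting install path.
name: Sansec eComscan Security Scan

on:
  push:
    branches:
      - main
    paths:
      - ".github/workflows/_internal-sansec-ecomscan.yaml"
      - "sansec-ecomscan/**"
      # NOTE(review): GitHub's path-filter syntax documents negation as a
      # leading `!` followed by a glob; the parentheses here are presumably
      # matched literally, so this entry may not exclude Markdown files.
      # Confirm against a docs-only change before relying on it.
      - "!(**/*.md)"
  pull_request:
    branches:
      - main
    paths:
      - ".github/workflows/_internal-sansec-ecomscan.yaml"
      - "sansec-ecomscan/**"
      - "!(**/*.md)"
  workflow_dispatch:

env:
  MAGENTO_COMPOSER_REPO: "https://mirror.mage-os.org/"

jobs:
  compute_matrix:
    # Skip release-please branches; head_ref is empty on push and
    # workflow_dispatch, so the job runs for those events.
    if: "!startsWith(github.head_ref, 'release-please')"
    runs-on: ubuntu-latest
    # Least privilege: this job only checks out the repository and runs a
    # local action, so scope GITHUB_TOKEN explicitly instead of inheriting
    # the repository default (run-ecomscan below already does the same).
    permissions:
      contents: read
    outputs:
      matrix: ${{ steps.supported-version.outputs.matrix }}
    steps:
      # Referenced by mutable tag. Pinning to a full commit SHA
      # (actions/checkout@<full-commit-sha>  # v6) keeps a retagged release
      # from changing what runs here.
      - uses: actions/checkout@v6
      - uses: ./supported-version
        with:
          kind: currently-supported
        id: supported-version

  run-ecomscan:
    needs: compute_matrix
    strategy:
      matrix: ${{ fromJSON(needs.compute_matrix.outputs.matrix) }}
      # Let every matrix entry finish so one failing version does not hide
      # scan results for the others.
      fail-fast: false
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: read
    steps:
      - uses: actions/checkout@v6
      # The ./-prefixed actions below are loaded from the checked-out
      # workspace. On pull_request that is the PR's merge commit, so the
      # action code that receives COMPOSER_AUTH and SANSEC_LICENSE_KEY is
      # whatever the PR contains; review changes to those directories with
      # that in mind.
      - uses: ./setup-magento
        id: setup-magento
        with:
          php-version: ${{ matrix.php }}
          tools: composer:v${{ matrix.composer }}
          mode: extension
          magento_repository: ${{ env.MAGENTO_COMPOSER_REPO }}
          magento_version: ${{ matrix.magento }}
          composer_auth: ${{ secrets.COMPOSER_AUTH }}
      # Resolve dependencies and write composer.lock without installing, so
      # the lock file exists when cache-magento computes its stamp key.
      # NOTE(review): unlike the install step, COMPOSER_AUTH is not exported
      # here; presumably setup-magento has already configured auth. Confirm.
      - run: composer update --no-install
        working-directory: ${{ steps.setup-magento.outputs.path }}
      - uses: ./cache-magento
        with:
          composer_cache_key: ${{ matrix.magento }}
          working-directory: ${{ steps.setup-magento.outputs.path }}
          stamp: true
      - name: Composer install
        shell: bash
        run: composer install
        working-directory: ${{ steps.setup-magento.outputs.path }}
        env:
          # Passed through the environment for this step only.
          COMPOSER_AUTH: ${{ secrets.COMPOSER_AUTH }}
      - uses: ./sansec-ecomscan
        with:
          license: ${{ secrets.SANSEC_LICENSE_KEY }}
          path: ${{ steps.setup-magento.outputs.path }}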