mirror of
https://github.com/roundcube/roundcubemail.git
synced 2026-03-04 07:14:02 +01:00
a65dc33761
Dependabot will propose updates to the used versions nonetheless. This is motivated by a recent case in which a github action was compromised and manipulated tags to point to malicious code <https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised>.
38 lines
1.0 KiB
YAML
38 lines
1.0 KiB
YAML
name: Message Rendering
|
|
|
|
on:
|
|
push:
|
|
pull_request:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
message_rendering:
|
|
runs-on: ubuntu-latest
|
|
if: "!contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.head_commit.message, '[ci skip]')"
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
|
|
name: Linux / PHP 8.3
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
|
|
# Run via docker compose because we can't run greenmail in a server here
|
|
# (it requires the testing emails to be present when starting but
|
|
# services are started before the repo is cloned). And instead of
|
|
# re-building what our compose-file contains we can just use it.
|
|
- name: Run tests via docker compose
|
|
run: docker compose -f .ci/compose.yaml run test_message_rendering
|
|
|
|
- name: Upload artifacts
|
|
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
|
|
if: failure()
|
|
with:
|
|
name: Logs
|
|
path: logs/errors.log
|
|
|