-
Notifications
You must be signed in to change notification settings - Fork 9
43 lines (40 loc) · 1.18 KB
/
pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
name: Pull Request or Push
on:
push:
branches:
- 'main' # Run on pushes to main
- 'test_secrets'
tags-ignore:
- '*' # Ignore pushes to tags
pull_request:
jobs:
credentials:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
outputs:
env_vars: ${{ steps.credentials.outputs.env_vars }}
steps:
- name: Output encoded credentials
id: credentials
env:
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
run: |
env_vars=$AZURE_CLIENT_ID,$AZURE_CLIENT_SECRET,$AZURE_TENANT_ID >> $GITHUB_OUTPUT
echo "::add-mask:: $env_vars"
echo "::set-output name=env_vars::$env_vars"
call_central_workflow:
name: CI
# uses: salt-extensions/central-artifacts/.github/workflows/ci.yml@main
needs: credentials
uses: M3GH4NN/central-artifacts/.github/workflows/ci.yml@credentials
with:
setup-vault: true
env_vars: ${{ needs.credentials.outputs.env_vars}}
permissions:
contents: write
pull-requests: read
###