-
Notifications
You must be signed in to change notification settings - Fork 3
37 lines (35 loc) · 1.1 KB
/
security-audit.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
name: Security Audit
# Run daily and also when Cargo.toml changes
on:
schedule:
- cron: "0 8 * * *" # 8AM UTC, 3PM MST
push:
paths:
- "**/Cargo.toml"
jobs:
security-audit:
runs-on: ubuntu-18.04
steps:
- uses: actions/checkout@v2
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- name: Search for cargo-audit to get latest version
id: audit-search
run: echo ::set-output name=audit-version::$(cargo search cargo-audit --limit 1 | grep cargo-audit)
- name: Restore cargo-audit based on search result
id: cache
uses: actions/cache@v2
with:
path: ~/.cargo/bin
key: ${{ github.workflow }} ${{ steps.audit-search.outputs.audit-version }}
- name: Install cargo-audit if the cache missed
run: cargo install cargo-audit
if: steps.cache.outputs.cache-hit != 'true'
- name: Run audit checker
uses: actions-rs/audit-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}