moved Security action to its own workflow due to secrets limitation o…

…n PRs from forks.
lquixada · Mar 12, 2021 · 1cd5110 · 1cd5110
1 parent 2bd5425
commit 1cd5110
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 11 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -32,14 +32,3 @@ jobs:
     - uses: actions/checkout@v2
     - uses: actions/setup-node@v1
     - run: make lint
-
-  security:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-node@v1
-    - run: npm install
-    - run: make secure
-      env:
-        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -1,8 +1,10 @@
 # Based on https://docs.github.com/en/actions/guides/publishing-nodejs-packages#publishing-packages-to-npm-and-github-packages
 name: Release
+
 on:
   release:
     types: [created]
+
 jobs:
   build:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -0,0 +1,17 @@
+name: Security
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  security:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-node@v1
+    - run: npm install
+    - run: make secure
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}