From ac0d08905160e621b0fcc5926b5c709e5100a614 Mon Sep 17 00:00:00 2001 From: Markus Reiter Date: Fri, 9 Dec 2022 06:39:24 +0000 Subject: [PATCH] Update `ci.yml`. --- .github/workflows/ci.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9fd0afe..e1f0888 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,6 +11,9 @@ concurrency: group: "${{ github.ref }}" cancel-in-progress: ${{ github.event_name == 'pull_request' }} +permissions: + contents: read + jobs: generate-matrix: outputs: @@ -114,24 +117,29 @@ jobs: id: gems run: brew install-bundler-gems + - name: Run brew readall ${{ matrix.tap }} + id: readall + run: brew readall '${{ matrix.tap }}' + if: always() && steps.gems.outcome == 'success' + - name: Run brew style ${{ matrix.tap }} run: brew style '${{ matrix.tap }}' - if: always() && steps.gems.outcome == 'success' && !matrix.cask + if: always() && steps.readall.outcome == 'success' && !matrix.cask - name: Run brew fetch --cask ${{ matrix.cask.token }} id: fetch run: | brew fetch --cask --retry --force '${{ matrix.cask.path }}' timeout-minutes: 30 - if: always() && steps.gems.outcome == 'success' && matrix.cask + if: always() && steps.readall.outcome == 'success' && matrix.cask - name: Run brew audit --cask${{ (matrix.cask && ' ') || ' --tap ' }}${{ matrix.cask.token || matrix.tap }} id: audit run: | - brew audit --cask ${{ join(matrix.audit_args, ' ') }}${{ (matrix.cask && ' ') || ' --tap ' }}'${{ matrix.cask.path || matrix.tap }}' + brew audit --cask ${{ join(matrix.audit_args, ' ') }}${{ (matrix.cask && ' --signing ') || ' --tap ' }}'${{ matrix.cask.path || matrix.tap }}' timeout-minutes: 30 if: > - always() && steps.gems.outcome == 'success' && + always() && steps.readall.outcome == 'success' && (!matrix.cask || steps.fetch.outcome == 'success') && !matrix.skip_audit