1
0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2024-11-29 05:03:52 +08:00
ohmyzsh/.github/workflows/main.yml
Alex 065f5ffc5a
ci: harden permissions for GitHub Workflows (#11174)
* build: harden main.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden project.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>

* Update project.yml

The permissions are not necessary, because a separate token is used `GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}`
2022-10-07 14:39:00 +02:00

45 lines
1.0 KiB
YAML

name: CI
on:
pull_request:
types:
- opened
- synchronize
branches:
- master
push:
branches:
- master
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
tests:
name: Run tests
runs-on: ${{ matrix.os }}
if: github.repository == 'ohmyzsh/ohmyzsh'
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- name: Set up git repository
uses: actions/checkout@v2
- name: Install zsh
if: runner.os == 'Linux'
run: sudo apt-get update; sudo apt-get install zsh
- name: Test installer
run: sh ./tools/install.sh
- name: Check syntax
run: |
for file in ./oh-my-zsh.sh \
./lib/*.zsh \
./plugins/*/*.plugin.zsh \
./plugins/*/_* \
./themes/*.zsh-theme; do
zsh -n "$file" || return 1
done