TUF-on-CI repository tests #2812

Workflow file for this run

	name: TUF-on-CI repository tests

	on:
	workflow_call:
	workflow_dispatch:
	schedule:
	- cron: '17 4,10,16,22 * * *'

	permissions: {}

	jobs:
	smoke-test:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set initial root for the smoke test
	run: cp metadata/root_history/5.root.json ./root.json

	- name: Smoke test TUF-on-CI repository with a TUF client
	uses: theupdateframework/tuf-on-ci/actions/test-repository@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
	with:
	metadata_url: https://sigstore.github.io/root-signing/
	update_base_url: https://tuf-repo-cdn.sigstore.dev/
	# when workflow is reused in publish.yml, do not require future validity
	valid_days: ${{ github.event_name == 'workflow_call' && 0 \|\| 3 }}
	offline_valid_days: ${{ github.event_name == 'workflow_call' && 0 \|\| 30 }}

	custom-smoke-test:
	permissions:
	id-token: 'write' # For signing with the GitHub workflow identity
	uses: ./.github/workflows/custom-test.yml
	with:
	metadata_url: https://sigstore.github.io/root-signing/

	update-issue:
	runs-on: ubuntu-latest
	needs: [smoke-test, custom-smoke-test]
	# During workflow_call, caller updates issue
	if: always() && !cancelled() && github.workflow == 'TUF-on-CI repository tests'
	permissions:
	issues: 'write' # for modifying Issues
	steps:
	- name: Update the issue for the workflow
	uses: theupdateframework/tuf-on-ci/actions/update-issue@27c49c016591c7cfea57f6b15296f714a5c4a5f6 # v0.13.0
	with:
	token: ${{ secrets.TUF_ON_CI_TOKEN \|\| secrets.GITHUB_TOKEN }}
	success: ${{ !contains(needs.*.result, 'failure') }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

TUF-on-CI repository tests #2812

Workflow file

TUF-on-CI repository tests #2812

Jobs

Run details

Workflow file for this run