Example workflows + gitleaks

pythoninthegrass · pythoninthegrass · commit 17a874ad32ec · 2022-07-31T13:22:35.000-05:00
diff --git a/.github/workflows/echo_secret.yml b/.github/workflows/echo_secret.yml
@@ -0,0 +1,15 @@
+name: echo_secret
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - shell: bash
+      env:
+        SUPER_SECRET: ${{ secrets.CREDS }}
+      run: |
+        echo "$SUPER_SECRET"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,5 +1,7 @@
 name: gitleaks
+
 on: [pull_request, push, workflow_dispatch]
+
 jobs:
   scan:
     name: gitleaks
diff --git a/.github/workflows/run_script.yml b/.github/workflows/run_script.yml
@@ -0,0 +1,49 @@
+name: run_script
+
+on:
+  workflow_dispatch:
+
+jobs:
+  ci:
+    strategy:
+      fail-fast: false
+      matrix:
+          python-version: ["3.10.5"]
+          poetry-version: ["1.1.13"]
+          os: [ubuntu-latest]
+          arch: ['x64']
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - name: checkout repo content
+      uses: actions/checkout@v3
+    - name: setup python
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+        architecture: ${{ matrix.arch }}
+    # - name: Install dependencies
+    #   run: |
+    #     python -m pip install --upgrade pip
+    #     if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+    - name: run poetry image
+      uses: abatilo/actions-poetry@v2.0.0
+      with:
+        poetry-version: ${{ matrix.poetry-version }}
+    - name: install gh cli
+      shell: bash
+      run: |
+        curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
+        sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
+        echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
+        sudo apt update
+        sudo apt install --no-install-recommends -y gh
+    - name: run script
+      shell: bash
+      env:
+        username: ${{ secrets.USERNAME }}
+      run: |
+        python -m pip install --upgrade pip
+        poetry install
+        poetry run python hello.py
