Feat: Harden GHA workflows #335
Note to reviewer(s): Certain workflows listed as "Required Checks" for this PR will show as pending because of the refactored workflows – new workflows don't yet exist on |
Description
This PR refactors much of the existing GitHub Actions workflows and Terraform Lambda configurations to provide the following enhancements:
main is pushed & deploy to Production when a release is tagged) contexts. These changes remove quite a bit of duplicated code and allow for repeatability.
terraform plan PRs would always fail for forked PRs.
step-security/harden-runner action.
Testing
As with most GitHub Actions changes, testing is complicated. It's probably sufficient to review the most recent workflow executions from this branch.
Checklist