Skip to content

[StepSecurity] Apply security best practices #501

[StepSecurity] Apply security best practices

[StepSecurity] Apply security best practices #501

Workflow file for this run

name: CPack check
on:
push:
branches: [ '**' ]
pull_request:
branches: [ '**' ]
permissions:
contents: read
jobs:
job-build1:
runs-on: ci-gcc9
if: ${{ github.repository != 'intel/pcm' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
with:
submodules: recursive
- name: Configure CMake
run: |
cmake --version
rm -rf ${{ github.workspace }}/build
cmake -B ${{ github.workspace }}/build -DCMAKE_INSTALL_PREFIX=${{ github.workspace }}/build
- name: Build and Install
run: |
g++ --version
cd ${{ github.workspace }}/build
make -j$(nproc)
- name: CPack
run: |
cd ${{ github.workspace }}/build
cpack
job-build2:
runs-on: ci-test
if: ${{ github.repository != 'intel/pcm' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
with:
submodules: recursive
- name: Configure CMake
run: |
cmake --version
rm -rf ${{ github.workspace }}/build
cmake -B ${{ github.workspace }}/build -DCMAKE_INSTALL_PREFIX=${{ github.workspace }}/build
- name: Build and Install
run: |
g++ --version
cd ${{ github.workspace }}/build
make -j$(nproc)
- name: CPack
run: |
cd ${{ github.workspace }}/build
cpack