gh token, formatting

ministryofjustice · Dec 20, 2024 · 9ca4629 · 9ca4629
1 parent d16697b
commit 9ca4629
Show file tree

Hide file tree

Showing 2 changed files with 126 additions and 122 deletions.
diff --git a/.github/workflows/pr-merge-main.yml b/.github/workflows/pr-merge-main.yml
@@ -17,70 +17,74 @@ permissions:
   packages: write
 
 jobs:
-    build-test-release:
-      if: |
-        github.event.pull_request.merged == true && !startsWith(github.event.pull_request.head.ref, 'dependabot/')
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@v3
-          with:
-            ref: main
-            token: ${{ secrets.REPO_TOKEN }}
-        - name: Set up JDK 21
-          uses: actions/setup-java@v3
-          with:
-            java-version: '21'
-            distribution: 'temurin'
-        - name: Build with Gradle
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: build
-          env:
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  build-test-release:
+    if: |
+      github.event.pull_request.merged == true && !startsWith(github.event.pull_request.head.ref, 'dependabot/')
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: main
+          token: ${{ secrets.REPO_TOKEN }}
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+      - name: Build with Gradle
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: build
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-        - name: Test
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: jacocoTestCoverageVerification
+      - name: Test
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: jacocoTestCoverageVerification
 
-        - name: Integration Test
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: integrationTest
+      - name: Integration Test
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: integrationTest
 
-        - name: Set to github user
-          run: |
-            git config --global user.email "[email protected]"
-            git config --global user.name "GitHub Actions Bot"
+      - name: Set to github user
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "GitHub Actions Bot"
 
-        - name: Update version
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: release -Prelease.useAutomaticVersion=true
+      - name: Update version
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: release -Prelease.useAutomaticVersion=true
 
-    vulnerability-report:
-      if: github.event.pull_request.merged == true
-      runs-on: ubuntu-latest
+  vulnerability-report:
+    if: github.event.pull_request.merged == true
+    runs-on: ubuntu-latest
 
-      env:
-        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        SNYK_ORG: legal-aid-agency
-        SNYK_TEST_EXCLUDE: build,generated
+    env:
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      SNYK_ORG: legal-aid-agency
+      SNYK_TEST_EXCLUDE: build,generated
 
-      steps:
-        - uses: actions/checkout@v3
-        - name: Generate Snyk report and upload to LAA Dashboard
-          uses: snyk/actions/[email protected]
-          continue-on-error: true
-          with:
-            command: monitor
-            args: --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE
-        - name: Generate sarif Snyk report
-          uses: snyk/actions/[email protected]
-          continue-on-error: true
-          with:
-            args: --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE --sarif-file-output=snyk-report.sarif
-        - name: Upload result to GitHub Code Scanning
-          uses: github/codeql-action/upload-sarif@v2
-          with:
-            sarif_file: snyk-report.sarif
+    steps:
+      - uses: actions/checkout@v3
+      - name: Generate Snyk report and upload to LAA Dashboard
+        uses: snyk/actions/[email protected]
+        continue-on-error: true
+        with:
+          command: monitor
+          args: --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Generate sarif Snyk report
+        uses: snyk/actions/[email protected]
+        continue-on-error: true
+        with:
+          args: --org=${SNYK_ORG} --all-projects --exclude=$SNYK_TEST_EXCLUDE --sarif-file-output=snyk-report.sarif
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk-report.sarif
diff --git a/.github/workflows/push-branch.yml b/.github/workflows/push-branch.yml
@@ -17,72 +17,72 @@ permissions:
   packages: write
 
 jobs:
-    build-test-publish:
-      runs-on: ubuntu-latest
-      steps:
-        - uses: actions/checkout@v3
-        - name: Set up JDK 21
-          uses: actions/setup-java@v3
-          with:
-            java-version: '21'
-            distribution: 'temurin'
-        - name: Build with Gradle
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: build
-          env:
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  build-test-publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+      - name: Build with Gradle
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: build
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-        - name: Test
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: jacocoTestCoverageVerification
+      - name: Test
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: jacocoTestCoverageVerification
 
-        - name: Integration Test
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: integrationTest
+      - name: Integration Test
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: integrationTest
 
-        - name: Update snapshot version
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: updateSnapshotVersion
+      - name: Update snapshot version
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: updateSnapshotVersion
 
-        - name: Publish package
-          uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
-          with:
-            arguments: publish
-          env:
-              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Publish package
+        uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
+        with:
+          arguments: publish
+        env:
+            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-    vulnerability-scan:
-      runs-on: ubuntu-latest
+  vulnerability-scan:
+    runs-on: ubuntu-latest
 
-      env:
-        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        SNYK_ORG: legal-aid-agency
-        SNYK_TEST_EXCLUDE: build,generated
+    env:
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      SNYK_ORG: legal-aid-agency
+      SNYK_TEST_EXCLUDE: build,generated
 
-      steps:
-        - uses: actions/checkout@v3
-        - name: Set up JDK 21
-          uses: actions/setup-java@v3
-          with:
-            java-version: '21'
-            distribution: 'temurin'
-        - uses: snyk/actions/[email protected]
-        - name: Install snyk-delta
-          run: |
-            npm config set prefix '~/.local/'
-            mkdir -p ~/.local/bin
-            export PATH="$HOME/.local/bin/:$PATH"
-            npm install -g snyk-delta
-        - name: Identify new vulnerabilities
-          run: ./snyk/snyk_delta_all_projects.sh --org=$SNYK_ORG --exclude=$SNYK_TEST_EXCLUDE
-          env:
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        - name: Run code test
-          uses: snyk/actions/[email protected]
-          with:
-            command: code test
-            args: --org=${SNYK_ORG}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up JDK 21
+        uses: actions/setup-java@v3
+        with:
+          java-version: '21'
+          distribution: 'temurin'
+      - uses: snyk/actions/[email protected]
+      - name: Install snyk-delta
+        run: |
+          npm config set prefix '~/.local/'
+          mkdir -p ~/.local/bin
+          export PATH="$HOME/.local/bin/:$PATH"
+          npm install -g snyk-delta
+      - name: Identify new vulnerabilities
+        run: ./snyk/snyk_delta_all_projects.sh --org=$SNYK_ORG --exclude=$SNYK_TEST_EXCLUDE
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run code test
+        uses: snyk/actions/[email protected]
+        with:
+          command: code test
+          args: --org=${SNYK_ORG}