VIH-11246 Update GH Actions

hmcts · Jan 15, 2025 · c565257 · c565257
1 parent cdaa743
commit c565257
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 4 deletions.
diff --git a/.github/workflows/launch-darkly-find-code-refs-in-pr.yml b/.github/workflows/launch-darkly-find-code-refs-in-pr.yml
@@ -0,0 +1,18 @@
+name: Find LaunchDarkly feature flags in diff
+on: pull_request
+
+jobs:
+  find-feature-flags:
+    runs-on: ubuntu-latest
+    name: Find LaunchDarkly feature flags in diff
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Find flags
+        uses: launchdarkly/find-code-references-in-pull-request@v2
+        id: find-flags
+        with:
+          project-key: VH
+          environment-key: production
+          access-token: ${{ secrets.LD_SERVICE_TOKEN }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/launch-darkly-flag-sync.yml b/.github/workflows/launch-darkly-flag-sync.yml
@@ -1,5 +1,10 @@
 name: Find LaunchDarkly flag code references
-on: push
+on:
+  push:
+    branches:
+      - master
+  schedule:
+    - cron: '0 0 * * *' # Run every day at midnight
 # cancel in-flight workflow run if another push was triggered
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
@@ -14,9 +19,8 @@ jobs:
         with:
           fetch-depth: 11 # This value must be set if the lookback configuration option is not disabled for find-code-references. Read more: https://github.com/launchdarkly/ld-find-code-refs#searching-for-unused-flags-extinctions
       - name: LaunchDarkly Code References
-        uses: launchdarkly/find-code-references@v2
+        uses: launchdarkly/find-code-references@main
         with:
           accessToken: ${{ secrets.LD_SERVICE_TOKEN }}
           projKey: VH
-          debug: true
           prune: true
diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml
@@ -6,6 +6,8 @@ on:
     branches: [master]
   merge_group:
     branches: [master]
+  push:
+    branches: [master]
 
 permissions:
   # Required to upload SARIF file to CodeQL. See: https://github.com/github/codeql-action/issues/2117
@@ -17,4 +19,6 @@ permissions:
 
 jobs:
   scan-pr:
-    uses: 'google/osv-scanner-action/.github/workflows/[email protected]'
+    uses: 'google/osv-scanner-action/.github/workflows/[email protected]'
+    with:
+      fail-on-vuln: false