Consolidate 'dependency-submission' tests into integ-test workflow

2025-12-08 17:15:46 +08:00 · 2024-04-10 05:00:05 -06:00
parent 63fcfbfe27
commit 9169d36880
5 changed files with 41 additions and 142 deletions
--- a/.github/workflows/ci-dependency-review.yml
+++ b/.github/workflows/ci-dependency-review.yml
@@ -1,28 +0,0 @@
-# Dependency Review Action
-#
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
-#
-# Source repository: https://github.com/actions/dependency-review-action
-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
-name: CI-dependency-review
-on: [pull_request]
-
-permissions:
-  contents: write
-
-jobs:
-  dependency-review:
-    runs-on: ubuntu-latest
-    steps:
-      - name: 'Checkout Repository'
-        uses: actions/checkout@v4
-      - name: Dependencies for groovy-dsl
-        uses: ./dependency-submission
-        with:
-          build-root-directory: .github/workflow-samples/groovy-dsl
-      - name: Dependencies for kotlin-dsl
-        uses: ./dependency-submission
-        with:
-          build-root-directory: .github/workflow-samples/kotlin-dsl
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4