chore: check actions workflow (#5)

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
kyverno · Oct 3, 2023 · a7afb3e · a7afb3e
1 parent 095282b
commit a7afb3e
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.github/workflows/check-actions.yaml b/.github/workflows/check-actions.yaml
@@ -0,0 +1,23 @@
+name: Check actions
+
+# permissions: {}
+
+on:
+  pull_request:
+    branches:
+      - 'main'
+      - 'release*'
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+      - name: Ensure SHA pinned actions
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@f32435541e24cd6a4700a7f52bb2ec59e80603b1 # v2.1.4
+        with:
+          # slsa-github-generator requires using a semver tag for reusable workflows. 
+          # See: https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
+          allowlist: |
+            slsa-framework/slsa-github-generator