Security (#94)

* fix(test): embed unity license

* fix(test): checkout head

* fix(test): use `pull_request` event instead of `pull_request_target` event
pull/99/head
mob-sakai 2021-02-08 23:23:31 +09:00 committed by GitHub
parent d45ca4403f
commit 345f4c64bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 63 deletions


@ -1,9 +1,12 @@
name: Actions 😎
on:
push: { branches: [main] }
pull_request_target:
pull_request:
paths-ignore:
- ".github/**"
- '.github/**'
env:
UNITY_LICENSE: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><root>\n <License id=\"Terms\">\n <MachineBindings>\n <Binding Key=\"1\" Value=\"576562626572264761624c65526f7578\"/>\n <Binding Key=\"2\" Value=\"576562626572264761624c65526f7578\"/>\n </MachineBindings>\n <MachineID Value=\"D7nTUnjNAmtsUMcnoyrqkgIbYdM=\"/>\n <SerialHash Value=\"2033b8ac3e6faa3742ca9f0bfae44d18f2a96b80\"/>\n <Features>\n <Feature Value=\"33\"/>\n <Feature Value=\"1\"/>\n <Feature Value=\"12\"/>\n <Feature Value=\"2\"/>\n <Feature Value=\"24\"/>\n <Feature Value=\"3\"/>\n <Feature Value=\"36\"/>\n <Feature Value=\"17\"/>\n <Feature Value=\"19\"/>\n <Feature Value=\"62\"/>\n </Features>\n <DeveloperData Value=\"AQAAAEY0LUJHUlgtWEQ0RS1aQ1dWLUM1SlctR0RIQg==\"/>\n <SerialMasked Value=\"F4-BGRX-XD4E-ZCWV-C5JW-XXXX\"/>\n <StartDate Value=\"2021-02-08T00:00:00\"/>\n <UpdateDate Value=\"2021-02-09T00:34:57\"/>\n <InitialActivationDate Value=\"2021-02-08T00:34:56\"/>\n <LicenseVersion Value=\"6.x\"/>\n <ClientProvidedVersion Value=\"2018.4.30f1\"/>\n <AlwaysOnline Value=\"false\"/>\n <Entitlements>\n <Entitlement Ns=\"unity_editor\" Tag=\"UnityPersonal\" Type=\"EDITOR\" ValidTo=\"9999-12-31T00:00:00\"/>\n <Entitlement Ns=\"unity_editor\" Tag=\"DarkSkin\" Type=\"EDITOR_FEATURE\" ValidTo=\"9999-12-31T00:00:00\"/>\n </Entitlements>\n </License>\n<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments\"/><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/><Reference URI=\"#Terms\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/></Transforms><DigestMethod 
Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/><DigestValue>m0Db8UK+ktnOLJBtHybkfetpcKo=</DigestValue></Reference></SignedInfo><SignatureValue>o/pUbSQAukz7+ZYAWhnA0AJbIlyyCPL7bKVEM2lVqbrXt7cyey+umkCXamuOgsWPVUKBMkXtMH8L\n5etLmD0getWIhTGhzOnDCk+gtIPfL4jMo9tkEuOCROQAXCci23VFscKcrkB+3X6h4wEOtA2APhOY\nB+wvC794o8/82ffjP79aVAi57rp3Wmzx+9pe9yMwoJuljAy2sc2tIMgdQGWVmOGBpQm3JqsidyzI\nJWG2kjnc7pDXK9pwYzXoKiqUqqrut90d+kQqRyv7MSZXR50HFqD/LI69h68b7P8Bjo3bPXOhNXGR\n9YCoemH6EkfCJxp2gIjzjWW+l2Hj2EsFQi8YXw==</SignatureValue></Signature></root>"
jobs:
tests:
@ -37,18 +40,10 @@ jobs:
###########################
# Checkout #
###########################
- name: Checkout (default)
- name: Checkout
uses: actions/checkout@v2
if: github.event.event_type != 'pull_request_target'
with:
lfs: true
- name: Checkout (pull_request_target)
uses: actions/checkout@v2
if: github.event.event_type == 'pull_request_target'
with:
lfs: true
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
###########################
# Cache #
@ -67,8 +62,6 @@ jobs:
testMode: ${{ matrix.testMode }}
artifactsPath: ${{ matrix.testMode }}-artifacts
customParameters: -profile SomeProfile -someBoolean -someValue exampleValue
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
- uses: actions/upload-artifact@v2
with:
name: Test results for ${{ matrix.testMode }}
@ -89,18 +82,9 @@ jobs:
###########################
# Checkout #
###########################
- name: Checkout (default)
uses: actions/checkout@v2
if: github.event.event_type != 'pull_request_target'
- uses: actions/checkout@v2
with:
lfs: true
- name: Checkout (pull_request_target)
uses: actions/checkout@v2
if: github.event.event_type == 'pull_request_target'
with:
lfs: true
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
###########################
# Cache #
@ -122,8 +106,6 @@ jobs:
unityVersion: ${{ matrix.unityVersion }}
testMode: all
# Test implicit artifactsPath, by not setting it
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
# Upload artifacts
- name: Upload test results
@ -147,18 +129,9 @@ jobs:
###########################
# Checkout #
###########################
- name: Checkout (default)
uses: actions/checkout@v2
if: github.event.event_type != 'pull_request_target'
- uses: actions/checkout@v2
with:
lfs: true
- name: Checkout (pull_request_target)
uses: actions/checkout@v2
if: github.event.event_type == 'pull_request_target'
with:
lfs: true
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
###########################
# Cache #
@ -180,8 +153,6 @@ jobs:
unityVersion: ${{ matrix.unityVersion }}
testMode: editmode
artifactsPath: artifacts/editmode
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
# Upload artifacts
- name: Upload test results
@ -205,18 +176,9 @@ jobs:
###########################
# Checkout #
###########################
- name: Checkout (default)
uses: actions/checkout@v2
if: github.event.event_type != 'pull_request_target'
- uses: actions/checkout@v2
with:
lfs: true
- name: Checkout (pull_request_target)
uses: actions/checkout@v2
if: github.event.event_type == 'pull_request_target'
with:
lfs: true
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
###########################
# Cache #
@ -238,8 +200,6 @@ jobs:
unityVersion: ${{ matrix.unityVersion }}
testMode: playmode
artifactsPath: artifacts/playmode
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
# Upload artifacts
- name: Upload test results
@ -263,18 +223,9 @@ jobs:
###########################
# Checkout #
###########################
- name: Checkout (default)
uses: actions/checkout@v2
if: github.event.event_type != 'pull_request_target'
- uses: actions/checkout@v2
with:
lfs: true
- name: Checkout (pull_request_target)
uses: actions/checkout@v2
if: github.event.event_type == 'pull_request_target'
with:
lfs: true
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
###########################
# Cache #
@ -295,8 +246,6 @@ jobs:
unityVersion: ${{ matrix.unityVersion }}
testMode: editmode
artifactsPath: artifacts/editmode
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
# Configure second test runner
- name: Tests in playmode 📺
@ -306,8 +255,6 @@ jobs:
unityVersion: ${{ matrix.unityVersion }}
testMode: playmode
artifactsPath: artifacts/playmode
env:
UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
# Upload combined artifacts
- name: Upload combined test results
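Review bot: The `env:` block added just before `jobs:` in the first hunk carries the whole Unity license file as a literal. It is therefore in repository history and, being workflow-level as far as the hunk shows, is exported to every step of every job, including third-party steps such as `actions/upload-artifact@v2`, not only to the test-runner steps that previously read `secrets.UNITY_LICENSE`. Dropping `pull_request_target` removes the fork-checkout-plus-secrets combination, but the replacement should be documented and scoped: add a comment above the key such as `# CI-only Unity Personal license, committed on purpose so fork PRs can run tests; treat as public and replace it if it is deactivated`, and set `UNITY_LICENSE` under `env:` on the runner steps only. `SerialMasked` hides part of the serial, but `DeveloperData` in the same blob appears to be plain base64, so the masking should not be relied on as protection. The `uses:` lines of the runner steps are outside these hunks, so the exact steps to scope it to need confirming against the full file.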