Remove skip from AuthMethodTest #657
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Auto-formats C# whitespace in pull requests and pushes a fixup commit. | |
| # Uses a two-job design (format → push) to limit write permissions to | |
| # only the job that actually needs them. | |
| name: Format | |
| on: | |
| # pull_request_target runs in the context of the *base* branch, not the PR. | |
| # This is intentional: it avoids executing untrusted PR code while still | |
| # allowing us to push back to the PR branch. | |
| # See: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/ | |
| pull_request_target: | |
| paths: | |
| - "**.editorconfig" | |
| - "**.globalconfig" | |
| - "**.cs" | |
| - .github/workflows/formatter.yml | |
| # Top-level: no permissions. Each job declares only what it needs. | |
| permissions: {} | |
| concurrency: ${{ github.workflow }}-${{ github.head_ref }} | |
| jobs: | |
| format: | |
| runs-on: ubuntu-slim | |
| steps: | |
| - name: Setup .NET | |
| uses: actions/setup-dotnet@v5.1.0 | |
| with: | |
| dotnet-version: '9.0.x' | |
| # https://github.com/dotnet/runtime/issues/118148 | |
| # Checkout into subdirectory, so we never evaluate global.json from potential attacker | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| show-progress: false | |
| persist-credentials: false | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.head_ref }} | |
| path: code | |
| - name: Format scripts | |
| run: dotnet format whitespace ./code --no-restore | |
| - name: Create format patch | |
| working-directory: ./code | |
| run: git diff -- "*.cs" > ${{ runner.temp }}/format.patch | |
| - name: Upload patch | |
| uses: actions/upload-artifact@v7.0.0 | |
| with: | |
| name: format-patch | |
| path: ${{ runner.temp }}/format.patch | |
| # Downloads the patch from the format job and commits it to the PR branch. | |
| # This is the only job with write permissions, and it never runs untrusted | |
| # code - it just applies a patch and pushes. | |
| push: | |
| needs: format | |
| runs-on: ubuntu-slim | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| show-progress: false | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.head_ref }} | |
| - name: Download patch | |
| uses: actions/download-artifact@v8.0.1 | |
| with: | |
| pattern: format-patch | |
| path: ${{ runner.temp }}/format-patch | |
| - name: Commit changes | |
| run: | | |
| if [ -s "${{ runner.temp }}/format-patch/format.patch" ]; then | |
| git config user.name octocat | |
| git config user.email octocat@users.noreply.github.com | |
| git apply ${{ runner.temp }}/format-patch/format.patch | |
| git commit -am "style: fix whitespaces" | |
| git push | |
| else | |
| echo "No formatting changes needed" | |
| fi | |