fix: include sagemaker.mlops subpackages in sagemaker-mlops wheel (Fixes #5612) #17
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Fortress Security Scan | |
| on: | |
| pull_request_target: | |
| branches: | |
| - "master" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.head_ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| jobs: | |
| collab-check: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| approval-env: ${{ steps.collab-check.outputs.result }} | |
| steps: | |
| - name: Collaborator Check | |
| uses: actions/github-script@v7 | |
| id: collab-check | |
| with: | |
| github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} | |
| result-encoding: string | |
| script: | | |
| try { | |
| const res = await github.rest.repos.checkCollaborator({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| username: "${{ github.event.pull_request.user.login }}", | |
| }); | |
| console.log("Verified ${{ github.event.pull_request.user.login }} is a repo collaborator. Auto Approving.") | |
| return res.status == "204" ? "auto-approve" : "manual-approval" | |
| } catch (error) { | |
| console.log("${{ github.event.pull_request.user.login }} is not a collaborator. Requiring Manual Approval.") | |
| return "manual-approval" | |
| } | |
| wait-for-approval: | |
| runs-on: ubuntu-latest | |
| needs: [collab-check] | |
| environment: ${{ needs.collab-check.outputs.approval-env }} | |
| steps: | |
| - run: echo "Workflow Approved! Starting Fortress Security Scan." | |
| fortress-scan: | |
| runs-on: ubuntu-latest | |
| needs: [wait-for-approval] | |
| steps: | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} | |
| aws-region: us-west-2 | |
| role-duration-seconds: 10800 | |
| - name: Run Fortress Security Scan | |
| uses: aws-actions/aws-codebuild-run-build@v1 | |
| with: | |
| project-name: ${{ github.event.repository.name }}-ci-fortress-scan | |
| source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' |