chore: enforce security hardening for GitHub Actions workflows #221
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SCSS Compilation | |
| on: | |
| pull_request: | |
| branches: | |
| - 'develop' | |
| - '4.*' | |
| paths: | |
| - '**.scss' | |
| - '**.css' | |
| - '.github/workflows/test-scss.yml' | |
| push: | |
| branches: | |
| - 'develop' | |
| - '4.*' | |
| paths: | |
| - '**.scss' | |
| - '**.css' | |
| - '.github/workflows/test-scss.yml' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| name: Compilation of SCSS (Dart Sass) | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Setup Node | |
| uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 | |
| with: | |
| # node version based on dart-sass test workflow | |
| node-version: 16 | |
| - name: Install Dart Sass | |
| run: | | |
| npm install --global sass | |
| sass --version | |
| - name: Run Dart Sass | |
| run: sass --no-source-map admin/css/debug-toolbar/toolbar.scss system/Debug/Toolbar/Views/toolbar.css | |
| - name: Check for changed CSS files | |
| run: | | |
| if [[ -n "$(git status --porcelain 2>/dev/null)" ]]; then | |
| echo "Your changes to the SCSS files did not match the expected CSS output." | |
| git diff-files --patch | |
| exit 1 | |
| fi |