Skip to content
Weekly tests

Run weekly tests and scans #8

Sign in to view logs

Run weekly tests and scans

Run weekly tests and scans #8

Workflow file for this run

.github/workflows/weekly.yaml at c5c873c
# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Run weekly scans and other checks.
#
# This workflow calls other workflows to do code and other checks on a schedule.
# It can also be invoked manually via the "Run workflow" button at
# https://github.com/quantumlib/REPO/actions/workflows/weekly.yaml
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
name: Weekly tests
run-name: Run weekly tests and scans
on:
schedule:
# Run on Mondays.
- cron: '0 10 * * 1'
# Allow manual invocation.
workflow_dispatch:
inputs:
debug:
description: 'Run with debugging options'
type: boolean
default: true
# Declare default workflow permissions as read only.
permissions: read-all
concurrency:
# Cancel any previously-started but still active runs on the same branch.
cancel-in-progress: true
group: ${{github.workflow}}-${{github.event.pull_request.number||github.ref}}
jobs:
osv-code-scan:

Check failure on line 48 in .github/workflows/weekly.yaml

View workflow run for this annotation

GitHub Actions / Weekly tests

Invalid workflow file 

The workflow is not valid. .github/workflows/weekly.yaml (Line: 48, Col: 3): Error calling workflow 'quantumlib/OpenFermion/.github/workflows/osv-scanner.yaml@c5c873cfe8db3c4134638e47ef1870511be33287'. The workflow is requesting 'attestations: read, checks: read, deployments: read, discussions: read, issues: read, models: read, packages: read, pages: read, pull-requests: read, repository-projects: read, statuses: read, id-token: read', but is only allowed 'attestations: none, checks: none, deployments: none, discussions: [...]
if: github.repository_owner == 'quantumlib'
name: Run periodic open-source vulnerabilities scanner
uses: ./.github/workflows/osv-scanner.yaml
permissions:
actions: read
contents: read
security-events: write
with:
reason: '(weekly)'
debug: ${{github.event.inputs.debug || false}}
scorecard-repo-scan:
if: github.repository_owner == 'quantumlib'
name: Run periodic Scorecard analysis
uses: ./.github/workflows/scorecard-scanner.yaml
permissions:
actions: read
contents: read
security-events: write
secrets: inherit
with:
reason: '(weekly)'
debug: ${{github.event.inputs.debug || false}}