Merge pull request #137 from yetanalytics/blakeplock-patch-1 #435

	name: CI

	on: push

	jobs:
	nvd-scan:
	uses: yetanalytics/workflow-nvd/.github/workflows/nvd-scan.yml@v1
	with:
	nvd-clojure-version: '3.2.0'
	# onyx dep is outdated and abandoned so don't bother scanning
	classpath-command: 'clojure -Spath -A:cli:server'
	nvd-config-filename: '.nvd/config.json'

	test:
	runs-on: ubuntu-latest

	strategy:
	matrix:
	target: [test-unit, test-unit-onyx, test-cli]

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v3

	- name: Setup CI environment
	uses: yetanalytics/actions/[email protected]

	- name: Log into DockerHub
	if: ${{ matrix.target == 'test-unit' }}
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Run Makefile Target ${{ matrix.target }}
	run: make ${{ matrix.target }}

	validate-template:
	runs-on: ubuntu-latest

	# These permissions are needed by configure-aws-credentials in order
	# to interact with GitHub's OIDC Token endpoint.
	permissions:
	id-token: write # required to use OIDC authentication
	contents: read # required to checkout the code from the repo

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v3

	- name: Setup CI environment
	uses: yetanalytics/actions/[email protected]

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1-node16
	with:
	role-to-assume: ${{ secrets.CF_VALIDATE_TEMPLATE_ROLE_ARN }}
	role-duration-seconds: 900 # 15 min; minimal duration possible
	aws-region: us-east-1

	- name: Run Makefile Target validate-template
	run: make validate-template

Provide feedback