name: Security audit
on:
  schedule:
    - cron: '0 0 * * *'

jobs:
  audit:
    runs-on: ubuntu-latest
    if: github.repository == 'google/OpenSK'
    steps:
      - uses: actions/checkout@v2
        with:
          submodules: "true"
      - name: Install Rust toolchain
        run: rustup show
      - uses: actions/setup-python@v1
        with:
          python-version: 3.7
      - name: Install Python dependencies
        run: python -m pip install --upgrade pip setuptools wheel
      - name: Set up OpenSK
        run: ./setup.sh
      - uses: actions-rs/audit-check@v1
        with:
          token: ${{ secrets.GITHUB_TOKEN }}