Make audit scheduled and manually runnable (#430)

* Make audit scheduled and manually runnable

Moves the security audit into a separate workflow so that it can be run
on a schedule, and also dispatched manually.

* Limit audit trigger to dependency changes

Co-authored-by: Ossama Hjaji <[email protected]>

* Execute audit every Sunday

Co-authored-by: Ossama Hjaji <[email protected]>

Co-authored-by: Ossama Hjaji <[email protected]>

Author: spenserblack

Diff for: .github/workflows/audit.yml

@@ -0,0 +1,25 @@
+name: Security Audit
+on:
+  push:
+    branches: [ master ]
+    paths: 
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+  pull_request:
+    branches: [ master ]
+    paths: 
+      - '**/Cargo.toml'
+      - '**/Cargo.lock'
+  schedule:
+    - cron: '0 0 * * 0'
+  workflow_dispatch:
+
+jobs:
+  sec:
+    name: Security audit
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions-rs/audit-check@v1
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}

Diff for: .github/workflows/ci.yml

@@ -55,12 +55,3 @@ jobs:
         toolchain: stable
         components: rustfmt
     - run: cargo fmt -- --check
-
-  sec:
-    name: Security audit
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - uses: actions-rs/audit-check@v1
-      with:
-        token: ${{ secrets.GITHUB_TOKEN }}