.github/workflows/update-lockfiles.yml - bazel - Git at Google

 name: update-lockfiles

 on:
   pull_request:
     branches:
       - "release-**"
     types:
       - closed

 permissions:
   contents: read

 env:
   GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}

 jobs:
   update-lockfiles:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
         with:
           egress-policy: audit
       - name: Update lockfile(s) on closed PR
         uses: bazelbuild/continuous-integration/actions/update-lockfile@8db2c232a6f86d56ec655e7b0d87de3787a25ef1
         with:
           release-branch: ${{ github.base_ref }}
           is-prod: True
           pr-number: ${{ github.event.number }}
	name: update-lockfiles

	on:
	pull_request:
	branches:
	- "release-**"
	types:
	- closed

	permissions:
	contents: read

	env:
	GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}

	jobs:
	update-lockfiles:
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
	with:
	egress-policy: audit
	- name: Update lockfile(s) on closed PR
	uses: bazelbuild/continuous-integration/actions/update-lockfile@8db2c232a6f86d56ec655e7b0d87de3787a25ef1
	with:
	release-branch: ${{ github.base_ref }}
	is-prod: True
	pr-number: ${{ github.event.number }}