| name: update-lockfiles |
| |
| on: |
| pull_request_target: |
| branches: |
| - "release-**" |
| types: |
| - closed |
| |
| permissions: |
| contents: read |
| |
| env: |
| GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }} |
| |
| jobs: |
| update-lockfiles: |
| runs-on: ubuntu-latest |
| steps: |
| - name: Harden Runner |
| uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 |
| with: |
| egress-policy: audit |
| - name: Update lockfile(s) on closed PR |
| uses: bazelbuild/continuous-integration/actions/update-lockfile@8db2c232a6f86d56ec655e7b0d87de3787a25ef1 |
| with: |
| release-branch: ${{ github.base_ref }} |
| is-prod: True |
| pr-number: ${{ github.event.number }} |