blob: 5babccc4a537fbfb5a7c7aaa078970d22163b495 [file] [log] [blame]
name: update-lockfiles
on:
pull_request_target:
branches:
- "release-**"
types:
- closed
permissions:
contents: read
env:
GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}
jobs:
update-lockfiles:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7
with:
egress-policy: audit
- name: Update lockfile(s) on closed PR
uses: bazelbuild/continuous-integration/actions/update-lockfile@8db2c232a6f86d56ec655e7b0d87de3787a25ef1
with:
release-branch: ${{ github.base_ref }}
is-prod: True
pr-number: ${{ github.event.number }}