.github/workflows/update-lockfiles.yml - bazel - Git at Google

 name: update-lockfiles

 on:
   pull_request_target:
     branches:
       - "release-**"
     types:
       - closed

 permissions:
   contents: read

 env:
   GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}

 jobs:
   update-lockfiles:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
         uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
         with:
           egress-policy: audit
       - name: Update lockfile(s) on closed PR
         uses: bazelbuild/continuous-integration/actions/update-lockfile@40accd1e24b7d296e87b573002ed0903828c0cf0
         with:
           release-branch: ${{ github.base_ref }}
           is-prod: True
           pr-number: ${{ github.event.number }}
	name: update-lockfiles

	on:
	pull_request_target:
	branches:
	- "release-**"
	types:
	- closed

	permissions:
	contents: read

	env:
	GH_TOKEN: ${{ secrets.BAZEL_IO_TOKEN }}

	jobs:
	update-lockfiles:
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
	with:
	egress-policy: audit
	- name: Update lockfile(s) on closed PR
	uses: bazelbuild/continuous-integration/actions/update-lockfile@40accd1e24b7d296e87b573002ed0903828c0cf0
	with:
	release-branch: ${{ github.base_ref }}
	is-prod: True
	pr-number: ${{ github.event.number }}