chore(cloud-native): update assets and dependencies of OCI images #657
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Backport | |
on: | |
pull_request_target: | |
types: [closed, labeled] | |
branches: [main, release-*] | |
permissions: | |
contents: read | |
pull-requests: read | |
# WARNING: | |
# When extending this action, be aware that $GITHUB_TOKEN allows write access to | |
# the GitHub repository. This means that it should not evaluate user input in a | |
# way that allows code injection. | |
jobs: | |
backport: | |
permissions: | |
contents: write # so it can comment | |
pull-requests: write # so it can create pull requests | |
name: Backport Pull Request | |
# Run the action if a PR is merged with backport labels | |
# OR | |
# when already merged PR is labeled with backport labels | |
if: > | |
github.repository == 'JanssenProject/jans' | |
&& | |
github.event.pull_request.merged | |
&& ( | |
github.event.action == 'closed' | |
|| ( | |
github.event.action == 'labeled' | |
&& startsWith(github.event.label.name, 'backport/') | |
) | |
) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Create backport PRs | |
uses: korthout/backport-action@e8161d6a0dbfa2651b7daa76cbb75bc7c925bbf3 # v2.4.1 | |
with: | |
# Config README: https://github.com/zeebe-io/backport-action#backport-action | |
github_token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }} | |
github_workspace: ${{ github.workspace }} | |
# Regex pattern to match GitHub labels | |
# The capture group catches the target branch | |
# i.e. label backport/v1.0.0 will create backport PR for branch v1.0.0 | |
label_pattern: ^backport\/([^ ]+)$ | |
pull_description: |- | |
Automated backport to `${target_branch}`, triggered by a label in #${pull_number}. | |
See ${issue_refs}. |