ac64f9caf5
* Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-feature.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-support.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/stale.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/sync_ghes.yaml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/validate-data.yaml Co-authored-by: Step Security <bot@stepsecurity.io> Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com> Co-authored-by: Step Security <bot@stepsecurity.io>
35 lines
845 B
YAML
35 lines
845 B
YAML
name: Sync workflows for GHES
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
sync:
|
|
permissions:
|
|
contents: write
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- run: |
|
|
git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/*
|
|
git config user.email "cschleiden@github.com"
|
|
git config user.name "GitHub Actions"
|
|
- uses: actions/setup-node@v2
|
|
with:
|
|
node-version: '12'
|
|
- name: Check starter workflows for GHES compat
|
|
run: |
|
|
npm ci
|
|
npx ts-node-script ./index.ts
|
|
working-directory: ./script/sync-ghes
|
|
- run: |
|
|
git add -A
|
|
if [ -z "$(git status --porcelain)" ]; then
|
|
echo "No changes to commit"
|
|
else
|
|
git commit -m "Updating GHES workflows"
|
|
fi
|
|
- run: git push
|