Skip to content

chore(deps): update step-security/harden-runner action to v2.10.2 #530

chore(deps): update step-security/harden-runner action to v2.10.2

chore(deps): update step-security/harden-runner action to v2.10.2 #530

Workflow file for this run

name: release
on:
push:
branches:
- master
tags:
- "v*.*.*"
pull_request:
types:
- labeled
# only allow minimum required permissions at top-level
permissions:
contents: read
jobs:
release:
if: github.event.action != 'labeled'
runs-on: ubuntu-latest
permissions:
contents: write # hay14busa/action-* to create releases, push tags
pull-requests: read # hay14busa/action-* to list pull requests
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# Bump version on merging Pull Requests with specific labels.
# (bump:major,bump:minor,bump:patch)
- id: bumpr
if: "!startsWith(github.ref, 'refs/tags/')"
uses: haya14busa/action-bumpr@78ab5a104d20896c9c9122c64221b3aecf1a8cbb # v1.10.0
# Update corresponding major and minor tag.
# e.g. Update v1 and v1.2 when releasing v1.2.3
- uses: haya14busa/action-update-semver@fb48464b2438ae82cc78237be61afb4f461265a1 # v1.2.1
if: "!steps.bumpr.outputs.skip"
with:
tag: ${{ steps.bumpr.outputs.next_version }}
# Get tag name.
- id: tag
uses: haya14busa/action-cond@94f77f7a80cd666cb3155084e428254fea4281fd # v1.2.1
with:
cond: "${{ startsWith(github.ref, 'refs/tags/') }}"
if_true: ${{ github.ref }}
if_false: ${{ steps.bumpr.outputs.next_version }}
# Create release
- if: "steps.tag.outputs.value != ''"
env:
TAG_NAME: ${{ steps.tag.outputs.value }}
BODY: ${{ steps.bumpr.outputs.message }}
# This token is provided by Actions, you do not need to create your own token
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create "${TAG_NAME}" -t "Release ${TAG_NAME/refs\/tags\//}" --notes "${BODY}"
release-check:
if: github.event.action == 'labeled'
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write # hay14busa/action-* to add changelog comment to PR
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Post bumpr status comment
uses: haya14busa/action-bumpr@78ab5a104d20896c9c9122c64221b3aecf1a8cbb # v1.10.0