mirror of
https://github.com/caddyserver/caddy.git
synced 2025-10-19 07:43:17 +00:00
2f0fc62b34
* chore: apply security best practices for CI Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * remove redundant codeql job Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * run scorecard flow on PRs Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> --------- Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
46 lines
1.3 KiB
YAML
46 lines
1.3 KiB
YAML
name: Release Published
|
|
|
|
# Event payload: https://developer.github.com/webhooks/event-payloads/#release
|
|
on:
|
|
release:
|
|
types: [published]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
release:
|
|
name: Release Published
|
|
strategy:
|
|
matrix:
|
|
os:
|
|
- ubuntu-latest
|
|
runs-on: ${{ matrix.os }}
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
actions: write
|
|
steps:
|
|
|
|
# See https://github.com/peter-evans/repository-dispatch
|
|
- name: Harden the runner (Audit all outbound calls)
|
|
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Trigger event on caddyserver/dist
|
|
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
|
|
with:
|
|
token: ${{ secrets.REPO_DISPATCH_TOKEN }}
|
|
repository: caddyserver/dist
|
|
event-type: release-tagged
|
|
client-payload: '{"tag": "${{ github.event.release.tag_name }}"}'
|
|
|
|
- name: Trigger event on caddyserver/caddy-docker
|
|
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
|
|
with:
|
|
token: ${{ secrets.REPO_DISPATCH_TOKEN }}
|
|
repository: caddyserver/caddy-docker
|
|
event-type: release-tagged
|
|
client-payload: '{"tag": "${{ github.event.release.tag_name }}"}'
|
|
|