Skip to content

TUF-on-CI create Signing events #10

TUF-on-CI create Signing events

TUF-on-CI create Signing events #10

name: TUF-on-CI create Signing events
on:
schedule:
- cron: '17 1,7,13,19 * * *'
workflow_dispatch:
permissions: {}
jobs:
create-signing-events:
runs-on: ubuntu-latest
permissions:
contents: write # for committing to signing event branch
actions: write # for dispatching signing event workflow
steps:
- name: Generate GitHub App Token
id: app-token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Create signing events for offline version bumps
uses: theupdateframework/tuf-on-ci/actions/create-signing-events@a486e2d6fcf93af4cb0f479e6a280f34125647d6 # v0.10.0
with:
token: ${{ steps.app-token.outputs.token }}
update-issue:
runs-on: ubuntu-latest
needs: [create-signing-events]
if: always() && !cancelled()
permissions:
issues: write # for modifying Issues
contents: read # for checking out the repository
steps:
- name: Generate GitHub App Token
id: app-token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- name: Update the issue for the workflow
uses: theupdateframework/tuf-on-ci/actions/update-issue@a486e2d6fcf93af4cb0f479e6a280f34125647d6 # v0.10.0
with:
token: ${{ steps.app-token.outputs.token }}
success: ${{ !contains(needs.*.result, 'failure') }}