grafana/.github/workflows/create-security-patch-from-security-mirror.yml

29 lines
1.0 KiB
YAML
Raw Normal View History

# Owned by grafana-release-guild
# Intended to be dropped into the base repo (Ex: grafana/grafana) for use in the security mirror.
name: Create security patch
run-name: create-security-patch
on:
pull_request:
types:
- opened
- reopened
- synchronize
branches:
- "main"
- "v*.*.*"
# This is run before the pull request has been merged, so we'll run against the src branch
jobs:
trigger_downstream_create_security_patch:
concurrency: create-patch-${{ github.ref_name }}
uses: grafana/security-patch-actions/.github/workflows/create-patch.yml@main
if: github.repository == 'grafana/grafana-security-mirror'
with:
repo: "${{ github.repository }}"
src_ref: "${{ github.head_ref }}" # this is the source branch name, Ex: "feature/newthing"
patch_ref: "${{ github.base_ref }}" # this is the target branch name, Ex: "main"
patch_repo: "grafana/grafana-security-patches"
patch_prefix: "${{ github.event.pull_request.number }}"
secrets: inherit