element-web/.github/workflows/backport.yml
Michael Telatynski 03a1d89785
Tighten GITHUB_TOKEN permissions
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
2024-11-20 15:44:02 +00:00

32 lines
1.1 KiB
YAML

name: Backport
on:
pull_request_target:
types:
- closed
- labeled
branches:
- develop
permissions: {} # We use ELEMENT_BOT_TOKEN instead
jobs:
backport:
name: Backport
runs-on: ubuntu-24.04
# Only react to merged PRs for security reasons.
# See https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target.
if: >
github.event.pull_request.merged
&& (
github.event.action == 'closed'
|| (
github.event.action == 'labeled'
&& contains(github.event.label.name, 'backport')
)
)
steps:
- uses: tibdex/backport@9565281eda0731b1d20c4025c43339fb0a23812e # v2
with:
labels_template: "<%= JSON.stringify([...labels, 'X-Release-Blocker']) %>"
# We can't use GITHUB_TOKEN here or CI won't run on the new PR
github_token: ${{ secrets.ELEMENT_BOT_TOKEN }}