create-security-patch #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Owned by grafana-delivery-squad | |
| # Intended to be dropped into the base repo (Ex: grafana/grafana) for use in the security mirror. | |
| name: Create security patch | |
| run-name: create-security-patch | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| branches: | |
| - "main" | |
| - "v*.*.*" | |
| # This is run before the pull request has been merged, so we'll run against the src branch | |
| jobs: | |
| trigger_downstream_create_security_patch: | |
| concurrency: create-patch-${{ github.ref_name }} | |
| uses: grafana/security-patch-actions/.github/workflows/create-patch.yml@main | |
| if: github.repository == 'grafana/grafana-security-mirror' | |
| with: | |
| repo: "${{ github.repository }}" | |
| src_ref: "${{ github.head_ref }}" # this is the source branch name, Ex: "feature/newthing" | |
| patch_ref: "${{ github.base_ref }}" # this is the target branch name, Ex: "main" | |
| patch_repo: "grafana/grafana-security-patches" | |
| patch_prefix: "${{ github.event.pull_request.number }}" | |
| secrets: inherit | |