c27048a57d
* [StepSecurity] ci: Harden GitHub Actions Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> * imprement coderabbit recommendations --------- Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: Igor Velkov <325961+iav@users.noreply.github.com>
37 lines
1.1 KiB
YAML
37 lines
1.1 KiB
YAML
name: "Infrastructure: Dispatch to fork"
|
|
run-name: Forked Helper dispatch on ${{ github.event_name }}
|
|
|
|
on:
|
|
push:
|
|
release:
|
|
deployment:
|
|
pull_request:
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
dispatch-on-forked-repo:
|
|
name: 📢 Run repository dispatch on fork
|
|
env:
|
|
DISPATCH_SECRET: ${{ secrets.ARMBIAN_SELF_DISPATCH_TOKEN }}
|
|
if: ${{ github.repository_owner != 'armbian' }} # Run only on forks
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Dispatch event on forked repository
|
|
if: ${{ env.DISPATCH_SECRET != '' }} # Check that the secret has been set, if not, exit
|
|
uses: peter-evans/repository-dispatch@v4
|
|
with:
|
|
token: ${{ env.DISPATCH_SECRET }}
|
|
repository: ${{ github.repository }}
|
|
event-type: armbian
|
|
client-payload: >
|
|
{
|
|
"event": "${{ github.event_name }}",
|
|
"ref": "${{ github.ref }}",
|
|
"base_ref": "${{ github.base_ref }}",
|
|
"sha": "${{ github.sha }}",
|
|
"event_details": ${{ toJSON(github.event) }}
|
|
}
|