Skip to content

chore(ci): Further harden workflows #42

chore(ci): Further harden workflows

chore(ci): Further harden workflows #42

Workflow file for this run

name: CI (dev)
permissions:
contents: read
on:
push:
branches: [ "dev" ]
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
jobs:
lints:
name: "Lint"
uses: ./.github/workflows/act_lint.yml
permissions:
contents: read
security-events: write
build:
name: "Build"
uses: ./.github/workflows/act_build.yml
mdbook:
name: "Mdbook"
uses: ./.github/workflows/act_mdbook.yml
push-to-main:
needs: [lints, build, mdbook]
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
# Shallow checkouts don't work for merging, so pull in enough history to likely work
fetch-depth: 75
# Needed to push to main
persist-credentials: false
- name: Update main
run: |
set -xe
git fetch origin main
git checkout main
git pull origin main
git merge --ff-only dev
- uses: ad-m/[email protected]
name: Push to main
with:
github_token: ${{ secrets.GH_PAT }}
branch: main