Build and publish test harness image after Dependabot PR #25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and publish test harness image after Dependabot PR | |
| on: | |
| workflow_run: # zizmor: ignore[dangerous-triggers] we are aware that it is a dengerouse trigger but we need a way to build an image after Dependabot PR | |
| types: [ completed ] | |
| workflows: [ 'Rebuild Bowtie Image' ] | |
| branches: | |
| - 'dependabot/**' | |
| permissions: {} | |
| concurrency: | |
| # in this case if several dependabot PRs are merged only the latest one will build and publish the image | |
| group: dependabot-${{ github.event.workflow_run.event }}-${{ github.event.workflow_run.triggering_actor.login }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-and-publish: | |
| if: | | |
| github.event.workflow_run.event == 'pull_request' | |
| && github.event.workflow_run.conclusion == 'success' | |
| && github.event.workflow_run.triggering_actor.login == 'dependabot[bot]' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| attestations: write | |
| packages: write | |
| uses: ./.github/workflows/build-image.yml | |
| with: | |
| is-latest: true | |
| publish-image: true |