-
Notifications
You must be signed in to change notification settings - Fork 6
34 lines (30 loc) · 1.03 KB
/
postsubmits.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: Postsubmits
on:
push:
branches: [ main ]
workflow_dispatch:
permissions:
contents: read
jobs:
reconcile:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: set token
run: echo ${{ secrets.AUGGIE_BOT_TOKEN }} > token
- name: peribolos dry-run
uses: docker://ghcr.io/uwu-tools/peribolos:v0.0.7@sha256:b9711218b498f72518eaf21029785202862e8c87ab0082c8e0177b86e8df2467
with:
github-token-path: ./token
config-path: config
fix-org: true
fix-org-members: true
fix-teams: true
fix-team-members: true
fix-team-repos: true
min-admins: 3
#required-admins: # TODO(action): Required admins needs to be configured