File tree Expand file tree Collapse file tree 1 file changed +53
-0
lines changed Expand file tree Collapse file tree 1 file changed +53
-0
lines changed Original file line number Diff line number Diff line change 1+ version : ' minty.abcxyz.dev/v2'
2+
3+ rule :
4+ if : |-
5+ assertion.iss == 'https://token.actions.githubusercontent.com' &&
6+ assertion.organization_id == '93787867' &&
7+ assertion.repository_id == '560465650' &&
8+ assertion.ref == 'refs/heads/main'
9+
10+ scope :
11+ update-checksums :
12+ rule :
13+ if : |-
14+ assertion.workflow_ref.startsWith("abcxyz/secure-setup-terraform/.github/workflows/update-checksums.yml") &&
15+ (assertion.event_name == 'schedule' || assertion.event_name == 'workflow_dispatch')
16+ repositories :
17+ - ' secure-setup-terraform'
18+ permissions :
19+ pull_requests : ' write'
20+ contents : ' write'
21+
22+ create-release :
23+ rule :
24+ if : |-
25+ assertion.workflow_ref.startsWith("abcxyz/secure-setup-terraform/.github/workflows/create-release.yml") &&
26+ assertion.event_name == 'push'
27+ repositories :
28+ - ' secure-setup-terraform'
29+ permissions :
30+ contents : ' write'
31+
32+ draft-release :
33+ rule :
34+ if : |-
35+ assertion.workflow_ref == assertion.job_workflow_ref &&
36+ assertion.workflow_ref.startsWith("abcxyz/secure-setup-terraform/.github/workflows/draft-release.yml") &&
37+ assertion.event_name == 'workflow_dispatch'
38+ repositories :
39+ - ' secure-setup-terraform'
40+ permissions :
41+ contents : ' write'
42+ pull_requests : ' write'
43+
44+ release :
45+ rule :
46+ if : |-
47+ assertion.workflow_ref == assertion.job_workflow_ref &&
48+ assertion.workflow_ref.startsWith("abcxyz/secure-setup-terraform/.github/workflows/release.yml") &&
49+ assertion.event_name == 'push'
50+ repositories :
51+ - ' secure-setup-terraform'
52+ permissions :
53+ contents : ' write'
You can’t perform that action at this time.
0 commit comments