From 4fdb46df064dd30f895b80e2f8d2cf6fb072e0fa Mon Sep 17 00:00:00 2001
From: Stefanni Brasil
Date: Fri, 12 Jul 2024 15:32:10 -0600
Subject: [PATCH] Improvements to workflows and security workflow example
---
 .../workflows/dynamic-security-example.yaml | 19 +++++++++++++++++++
 .github/workflows/dynamic-security.yaml | 3 +--
 .../trigger-dynamic-readme-update.yaml | 1 +
 .../trigger-dynamic-security-update.yaml | 3 ++-
 templates/security.md | 2 +-
 5 files changed, 24 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/dynamic-security-example.yaml
diff --git a/.github/workflows/dynamic-security-example.yaml b/.github/workflows/dynamic-security-example.yaml
new file mode 100644
index 0000000..26a424d
--- /dev/null
+++ b/.github/workflows/dynamic-security-example.yaml
@@ -0,0 +1,19 @@
+name: update-security
+
+on:
+ push:
+ paths:
+ - SECURITY.md
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ update-security:
+ permissions:
+ contents: write
+ pull-requests: write
+ pages: write
+ uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@main
+ secrets:
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/dynamic-security.yaml b/.github/workflows/dynamic-security.yaml
index 2a9cdfd..1af3f67 100644
--- a/.github/workflows/dynamic-security.yaml
+++ b/.github/workflows/dynamic-security.yaml
@@ -9,7 +9,7 @@ on:
 required: true
 jobs:
- update_security-file:
+ update_security:
 name: "Update Security file"
 runs-on: ubuntu-latest
 steps:
@@ -50,4 +50,3 @@ jobs:
 This PR was automatically generated to update the dynamic section in the SECURITY file. Whenever SECURITY is updated, this workflow is triggered to dynamically render the snippet used in the SECURITY file.
-
diff --git a/.github/workflows/trigger-dynamic-readme-update.yaml b/.github/workflows/trigger-dynamic-readme-update.yaml
index 901cc04..7522624 100644
--- a/.github/workflows/trigger-dynamic-readme-update.yaml
+++ b/.github/workflows/trigger-dynamic-readme-update.yaml
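Review bot: In the new `.github/workflows/dynamic-security-example.yaml`, the `permissions` block grants `pages: write`, which nothing visible in this patch needs. The called workflow is described as updating the SECURITY file and opening a PR, which `contents: write` and `pull-requests: write` would cover, but its steps are outside the hunks, so confirm before removing. Because this file is the example other repositories will copy, I would drop `pages: write` so the token they hand over stays least-privilege. The same job calls the reusable workflow at `@main`, a mutable ref, while passing a write-scoped `GITHUB_TOKEN`. Pinning it to a full commit SHA, `uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@<full-commit-sha>`, would turn every change to the called workflow into an explicit, reviewable bump in each consumer.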
@@ -59,6 +59,7 @@ jobs:
 - thoughtbot/Curry
 - thoughtbot/croutons
 - thoughtbot/parity
+ - thoughtbot/testing-reusable-workflow
 steps:
 - name: Trigger Dynamic READMEs to be updated with templates
 uses: benc-uk/workflow-dispatch@v1
diff --git a/.github/workflows/trigger-dynamic-security-update.yaml b/.github/workflows/trigger-dynamic-security-update.yaml
index 08e0044..a641432 100644
--- a/.github/workflows/trigger-dynamic-security-update.yaml
+++ b/.github/workflows/trigger-dynamic-security-update.yaml
@@ -59,11 +59,12 @@ jobs:
 - thoughtbot/Curry
 - thoughtbot/croutons
 - thoughtbot/parity
+ - thoughtbot/testing-reusable-workflow
 steps:
 - name: Trigger Dynamic SECURITYs to be updated with templates
 uses: benc-uk/workflow-dispatch@v1
 with:
- workflow: update_security-file
+ workflow: updatesecurity
 repo: ${{ matrix.repository }}
 token: ${{ secrets.PAT_TOKEN }}
 ref: "main"
diff --git a/templates/security.md b/templates/security.md
index 2a7bc50..1002a91 100644
--- a/templates/security.md
+++ b/templates/security.md
@@ -14,4 +14,4 @@ your reasons so that we can have a better understanding of your situation. For security inquiries or vulnerability reports, visit .
-If you have any suggestions to improve this policy, please send an email to the email address at .
+If you have any suggestions to improve this policy, visit .
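Review bot: In `trigger-dynamic-security-update.yaml`, the new `workflow: updatesecurity` does not match the `name: update-security` that the example workflow added in this same patch gives consumer repositories, so the dispatch will probably not find its target in a repo that copied the example as is. I would write `workflow: update-security`, or reference the workflow file name the consumer repositories carry, which does not change when someone edits `name:`. The matrix entry `thoughtbot/testing-reusable-workflow`, added here and in `trigger-dynamic-readme-update.yaml`, sends the `PAT_TOKEN`-authenticated dispatch to what looks like a test repository on every run. If that is temporary, a comment such as `# temporary: remove once the reusable workflow is verified` next to the entry would record the intent. The step and the matrix both continue outside the hunk.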