Files
fizzy/.github/workflows/dependabot-sync-saas-lockfile.yml
T
Mike Dalessio bc6703b0df ci: disable credential persistence after checkout
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00

36 lines
947 B
YAML

name: Sync Gemfile.saas.lock
on:
push:
branches:
- "dependabot/bundler/**"
paths:
- Gemfile.lock
permissions:
contents: write
jobs:
sync:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # zizmor: ignore[artipacked] -- credentials needed for git push
- uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1.288.0
with:
ruby-version: .ruby-version
- name: Forward Gemfile.lock changes to Gemfile.saas.lock
run: bin/bundle-drift forward
- name: Commit updated lockfile
run: |
git add Gemfile.saas.lock
if ! git diff --cached --quiet; then
git config user.name "github-actions[bot]"
git config user.email "github-actions[bot]@users.noreply.github.com"
git commit -m "Sync Gemfile.saas.lock"
git push
fi