Hugh Hackman
f40ecbb899
The shared plugin-release.yaml reusable workflow declares pull-requests: write and uses it to create/merge the release PR. Calling workflows must grant all permissions declared by reusable workflows or the job fails at startup. Also adds secrets: inherit so org-level RELEASE_APP_ID and RELEASE_APP_PRIVATE_KEY are forwarded to the external reusable workflow — without this they arrive empty and the release is silently skipped. Co-Authored-By: Paperclip <noreply@paperclip.ing>
21 lines
386 B
YAML
21 lines
386 B
YAML
name: Release
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: 'Release version (e.g. 1.0.0)'
|
|
required: true
|
|
type: string
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
release:
|
|
uses: privilegedescalation/.github/.github/workflows/plugin-release.yaml@main
|
|
with:
|
|
version: ${{ inputs.version }}
|
|
secrets: inherit
|