Improvements to workflows and security workflow example

thoughtbot · Jul 12, 2024 · 4d2b4ad · 4d2b4ad
1 parent 1779e8a
commit 4d2b4ad
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 4 deletions.
diff --git a/.github/workflows/dynamic-security-example.yaml b/.github/workflows/dynamic-security-example.yaml
@@ -0,0 +1,19 @@
+name: update-security
+
+on:
+  push:
+    paths:
+      - SECURITY.md
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  update-security:
+    permissions:
+      contents: write
+      pull-requests: write
+      pages: write
+    uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@main
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/dynamic-security.yaml b/.github/workflows/dynamic-security.yaml
@@ -9,7 +9,7 @@ on:
         required: true
 
 jobs:
-  update_security-file:
+  update_security:
     name: "Update Security file"
     runs-on: ubuntu-latest
     steps:
@@ -50,4 +50,3 @@ jobs:
             This PR was automatically generated to update the dynamic section in the SECURITY file.
             Whenever SECURITY is updated, this workflow is triggered to dynamically render the snippet
             used in the SECURITY file.
-  
diff --git a/.github/workflows/trigger-dynamic-readme-update.yaml b/.github/workflows/trigger-dynamic-readme-update.yaml
@@ -59,6 +59,7 @@ jobs:
           - thoughtbot/Curry
           - thoughtbot/croutons
           - thoughtbot/parity
+          - thoughtbot/testing-reusable-workflow
     steps:
       - name: Trigger Dynamic READMEs to be updated with templates
         uses: benc-uk/workflow-dispatch@v1

diff --git a/.github/workflows/trigger-dynamic-security-update.yaml b/.github/workflows/trigger-dynamic-security-update.yaml
@@ -59,11 +59,12 @@ jobs:
           - thoughtbot/Curry
           - thoughtbot/croutons
           - thoughtbot/parity
+          - thoughtbot/testing-reusable-workflow
     steps:
       - name: Trigger Dynamic SECURITYs to be updated with templates
         uses: benc-uk/workflow-dispatch@v1
         with:
-          workflow: update_security-file
+          workflow: update-security
           repo: ${{ matrix.repository }}
           token: ${{ secrets.PAT_TOKEN }}
           ref: "main"
diff --git a/templates/security.md b/templates/security.md
@@ -14,4 +14,4 @@ your reasons so that we can have a better understanding of your situation.
 For security inquiries or vulnerability reports, visit
 <https://thoughtbot.com/security>.
 
-If you have any suggestions to improve this policy, please send an email to the email address at <https://thoughtbot.com/security>.
+If you have any suggestions to improve this policy, visit <https://thoughtbot.com/security>.