krata/.github/workflows/release-plz.yml

name: release-plz
permissions:
  pull-requests: write
  contents: write
on:
  push:
    branches:
    - main
concurrency:
  group: "${{ github.workflow }}"
  cancel-in-progress: true
jobs:
  release-plz:
    name: release-plz
    runs-on: ubuntu-latest
    steps:
    - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
      with:
        egress-policy: audit
    - uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
      id: generate-token
      with:
        app-id: "${{ secrets.EDERA_CULTIVATION_APP_ID }}"
        private-key: "${{ secrets.EDERA_CULTIVATION_APP_PRIVATE_KEY }}"
    - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
      with:
        submodules: recursive
        fetch-depth: 0
        token: "${{ steps.generate-token.outputs.token }}"
    - uses: dtolnay/rust-toolchain@d388a4836fcdbde0e50e395dc79a2670ccdef13f # stable
    - run: ./hack/ci/install-linux-deps.sh
    - name: release-plz
      uses: MarcoIeni/release-plz-action@7566221bba53f707d05e4149111ada2c3313ae28 # v0.5.61
      env:
        GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}"
        CARGO_REGISTRY_TOKEN: "${{ secrets.KRATA_RELEASE_CARGO_TOKEN }}"