UserStyles/.github/workflows/stale.yml at 957500a77d3d9c7c22653be41746ef9d142759d1 · Nick2bad4u/UserStyles · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# This GitHub Actions workflow is designed to automatically mark issues and pull requests as stale
# if they have had no activity for a specified amount of time. It uses the `actions/stale` action
# to perform this task. The workflow is scheduled to run daily at 07:38 AM (UTC) as specified by
# the cron expression.
#
# The workflow has the following permissions:
# - Read access to repository contents.
# - Write access to issues and pull requests.
#
# The workflow consists of a single job named `stale` that runs on the latest Ubuntu runner.
# The job includes the following steps:
# 1. Harden Runner: Uses the `step-security/harden-runner` action to enhance the security of the
#    runner by auditing egress traffic.
# 2. Mark Stale Issues and PRs: Uses the `actions/stale` action to mark issues and pull requests
#    as stale. The action is configured with the following parameters:
#    - `repo-token`: The GitHub token used to authenticate the action.
#    - `stale-issue-message`: The message to post on stale issues.
#    - `stale-pr-message`: The message to post on stale pull requests.
#    - `stale-issue-label`: The label to apply to stale issues.
#    - `stale-pr-label`: The label to apply to stale pull requests.
#
# For more information on configuring the `actions/stale` action, visit:
# https://github.com/actions/stale

name: Mark stale issues and pull requests

on:
  schedule:
    - cron: '38 7 * * *'

permissions:
  contents: read

jobs:
  stale:
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
    concurrency:
      group: stale-${{ github.ref }}
      cancel-in-progress: false

    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          stale-issue-message: 'Stale issue'
          stale-pr-message: 'Stale pull request'
          stale-issue-label: 'no-issue-activity'
          stale-pr-label: 'no-pr-activity'