From 4d9dd8c11ee65eb5371da77ca55f83b73bf41ee5 Mon Sep 17 00:00:00 2001
From: Martin Pitt <martin@piware.de>
Date: Tue, 6 Jul 2021 07:55:40 +0200
Subject: [PATCH] workflows: Run release workflow in release environment

This partitions secrets and limits their potential exposure/leakage.

This environment can be created with github-upload-action-secrets in [1].

[1] https://github.com/cockpit-project/bots/pull/2164
---
 .github/workflows/release.yml.disabled | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/release.yml.disabled b/.github/workflows/release.yml.disabled
index 0f611bb..98e2409 100644
--- a/.github/workflows/release.yml.disabled
+++ b/.github/workflows/release.yml.disabled
@@ -7,6 +7,7 @@ on:
 jobs:
   cockpituous:
     runs-on: ubuntu-latest
+    environment: release
     container:
       image: ghcr.io/cockpit-project/release
     steps: