Can `workflow_run` on main branch allow secure build publishing?
shrink opened this issue · comments
sam commented
https://docs.github.com/en/actions/reference/events-that-trigger-workflows#workflow_run
The push
job in build.yml could use the workflow_run
functionality instead, so that builds from unprivileged users can be pushed to the registry too.