prometheus/.github/workflows/buf.yml

name: buf.build
on:
  push:
    branches:
      - main
permissions:
  contents: read

jobs:
  buf:
    name: lint and publish
    runs-on: ubuntu-latest
    if: github.repository_owner == 'prometheus'
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - uses: bufbuild/buf-setup-action@a47c93e0b1648d5651a065437926377d060baa99 # v1.50.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
      - uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # v1.1.1
        with:
          input: 'prompb'
      - uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # v1.1.4
        with:
          input: 'prompb'
          against: 'https://github.com/prometheus/prometheus.git#branch=main,ref=HEAD~1,subdir=prompb'
      - uses: bufbuild/buf-push-action@a654ff18effe4641ebea4a4ce242c49800728459 # v1.1.1
        with:
          input: 'prompb'
          buf_token: ${{ secrets.BUF_TOKEN }}