rubygems/gems

name: Push Gem

on:
  release:
    types:
      - created

permissions:
  contents: read

jobs:
  push:
    if: github.repository == 'rubygems/gems'
    runs-on: ubuntu-latest

    permissions:
      contents: write
      id-token: write

    steps:
      # Set up
      - name: Harden Runner
        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
        with:
          egress-policy: audit

      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
      - name: Set up Ruby
        uses: ruby/setup-ruby@cacc9f1c0b3f4eb8a16a6bb0ed10897b43b9de49 # v1.176.0
        with:
          bundler-cache: true
          ruby-version: ruby

      # Release
      - uses: rubygems/release-gem@9e85cb11501bebc2ae661c1500176316d3987059 # v1.1.0