From d5336df637d54f99d75c0e12ecb3ffa7a3528def Mon Sep 17 00:00:00 2001
From: Brad Egler
Date: Mon, 30 Sep 2024 09:42:44 -0400
Subject: [PATCH] feat: migration of minty configuration (#415)

Migration of: https://github.com/abcxyz/abcxyz-services/blob/main/github-token-minter/deployments/configs/abcxyz/jvs.yaml
---
.github/minty.yaml | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
create mode 100644 .github/minty.yaml

diff --git a/.github/minty.yaml b/.github/minty.yaml
new file mode 100644
index 00000000..50069318
--- /dev/null
+++ b/.github/minty.yaml
@@ -0,0 +1,32 @@
+version: 'minty.abcxyz.dev/v2'
+
+rule:
+ if: |-
+ assertion.iss == 'https://token.actions.githubusercontent.com' &&
+ assertion.repository_owner_id == '93787867' &&
+ assertion.repository_id == '479173136' &&
+ assertion.ref == 'refs/heads/main' &&
+ assertion.workflow_ref == assertion.job_workflow_ref
+
+scope:
+ draft-release:
+ rule:
+ if: |-
+ assertion.workflow_ref.startsWith("abcxyz/jvs/.github/workflows/draft-release.yml") &&
+ assertion.event_name == 'workflow_dispatch'
+ repositories:
+ - 'jvs'
+ permissions:
+ contents: 'write'
+ pull_requests: 'write'
+
+ release:
+ rule:
+ if: |-
+ assertion.workflow_ref.startsWith("abcxyz/jvs/.github/workflows/release.yml") &&
+ assertion.event_name == 'push'
+ repositories:
+ - 'jvs'
+ permissions:
+ contents: 'write'
+ workflows: 'write'
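Review bot: Both scope rules match `assertion.workflow_ref` with `startsWith(...)` on a prefix that stops at `.yml`, so a workflow file on main whose name merely begins with `release.yml` or `draft-release.yml` would satisfy the rule as well; ending the prefix at the ref delimiter closes that, e.g. `assertion.workflow_ref.startsWith("abcxyz/jvs/.github/workflows/release.yml@")` and likewise `draft-release.yml@`. The top-level rule already pins the repository id and `refs/heads/main`, so this is a tightening rather than an open hole. The `release` scope also grants `workflows: 'write'`, which allows the minted token to change workflow files, so it is worth confirming the release job needs that permission and dropping it if not. A short comment beside the numeric `repository_owner_id` and `repository_id` values naming the organisation and repository they identify would make the rule easier to audit.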