From ff71fa1c88acfbff261c7cd9a20c0c370f11d61d Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:19:43 +0200
Subject: [PATCH 1/7] Test validity of `type` key for inputs/outputs in
 actions.yml

---
 action.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/action.yml b/action.yml
index be85d19..620e92f 100644
--- a/action.yml
+++ b/action.yml
@@ -6,10 +6,12 @@ inputs:
   tag:
     description: "tag of interest (defaults to the GITHUB_REF environment variable)"
     required: false
+    type: string
 
 outputs:
   git-tag-annotation:
     description: "The git tag annotation"
+    type: string
 
 runs:
   using: "node16"

From 243a91ca847aca74b029d5a40e599232ad7b073c Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:28:54 +0200
Subject: [PATCH 2/7] Move inputs/outputs types to actions-types.yml

Adding `type` keys in action.yml results in an error from GitHub
Actions:

    ./action.yml (Line: 14, Col: 5): Unexpected value 'type'
---
 action-types.yml | 10 ++++++++++
 action.yml       |  2 --
 2 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 action-types.yml

diff --git a/action-types.yml b/action-types.yml
new file mode 100644
index 0000000..7fe8ea3
--- /dev/null
+++ b/action-types.yml
@@ -0,0 +1,10 @@
+# This file provides types for "GitHub Actions Kotlin DSL".
+# See https://github.com/krzema12/github-actions-kotlin-dsl
+
+inputs:
+  tag:
+    type: string
+
+outputs:
+  git-tag-annotation:
+    type: string
diff --git a/action.yml b/action.yml
index 620e92f..be85d19 100644
--- a/action.yml
+++ b/action.yml
@@ -6,12 +6,10 @@ inputs:
   tag:
     description: "tag of interest (defaults to the GITHUB_REF environment variable)"
     required: false
-    type: string
 
 outputs:
   git-tag-annotation:
     description: "The git tag annotation"
-    type: string
 
 runs:
   using: "node16"

From 60b80526c04ccdaf4af7da082510f55f37f1c2f8 Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:31:28 +0200
Subject: [PATCH 3/7] Set up CI to validate the action-types.yml file

---
 .github/workflows/verify.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 278bec2..93d0366 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -8,6 +8,7 @@ on:
       - "test/**.js"
       - ".nvmrc"
       - "action.yml"
+      - "action-types.yml"
       - "index.js"
       - "package-lock.json"
       - "rollup.config.js"
@@ -21,6 +22,7 @@ on:
       - ".nvmrc"
       - "index.js"
       - "action.yml"
+      - "action-types.yml"
       - "package-lock.json"
       - "rollup.config.js"
       - "stryker.config.json"
@@ -202,3 +204,15 @@ jobs:
         env:
           STRYKER_DASHBOARD_API_KEY: ${{ secrets.STRYKER_DASHBOARD_TOKEN }}
         run: npm run test:mutation
+  validate-action-types:
+    name: Validate Action Types
+    runs-on: ubuntu-latest
+    steps:
+      - name: Harden runner
+        uses: step-security/harden-runner@v1.4.4
+        with:
+          egress-policy: audit
+      - name: Checkout repository
+        uses: actions/checkout@v3.0.2
+      - name: Validate Action Types
+        uses: krzema12/github-actions-typing@v0

From e1b8b731c83c0fbacdec28f10d2e21d0599419c7 Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:47:50 +0200
Subject: [PATCH 4/7] Configure harder-runner for Validate Action Types job

---
 .github/workflows/verify.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 93d0366..58c6e2a 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -211,7 +211,14 @@ jobs:
       - name: Harden runner
         uses: step-security/harden-runner@v1.4.4
         with:
-          egress-policy: audit
+          egress-policy: block
+          allowed-endpoints: >
+            api.github.com:443
+            artifactcache.actions.githubusercontent.com:443
+            github.com:443
+            n06iacprodeus1file4.blob.core.windows.net:443
+            objects.githubusercontent.com:443
+            registry.npmjs.org:443
       - name: Checkout repository
         uses: actions/checkout@v3.0.2
       - name: Validate Action Types

From 88dcfebca6d5e5e2bd4ba9334109d8481e1ca28c Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:48:22 +0200
Subject: [PATCH 5/7] Pin krzema12/github-actions-typing

---
 .github/workflows/verify.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index 58c6e2a..a08b1ac 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -222,4 +222,4 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v3.0.2
       - name: Validate Action Types
-        uses: krzema12/github-actions-typing@v0
+        uses: krzema12/github-actions-typing@v0.5.0

From 339a74e08002e9b5c4ba616e34958cbddab32063 Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:53:00 +0200
Subject: [PATCH 6/7] Update CHANGELOG

---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7dce3fb..d280af5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,7 +7,7 @@ Versioning].
 
 ## [Unreleased]
 
-- _No changes yet_
+- Add support for GitHub Actions Kotlin DSL. ([#262])
 
 ## [2.0.1] - 2022-07-17
 
@@ -115,3 +115,4 @@ Versioning].
 [#240]: https://github.com/ericcornelissen/git-tag-annotation-action/pull/240
 [#241]: https://github.com/ericcornelissen/git-tag-annotation-action/pull/241
 [#254]: https://github.com/ericcornelissen/git-tag-annotation-action/pull/254
+[#262]: https://github.com/ericcornelissen/git-tag-annotation-action/pull/262

From b1673fdc2822d1be0da5bd99938a17878b59855e Mon Sep 17 00:00:00 2001
From: Eric Cornelissen <ericornelissen@gmail.com>
Date: Mon, 1 Aug 2022 22:54:58 +0200
Subject: [PATCH 7/7] Reconfigure harder-runner for Validate Action Types job

Reduce allowed endpoints to what's absolutely necessary
---
 .github/workflows/verify.yml | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index a08b1ac..f40d918 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -213,12 +213,7 @@ jobs:
         with:
           egress-policy: block
           allowed-endpoints: >
-            api.github.com:443
-            artifactcache.actions.githubusercontent.com:443
             github.com:443
-            n06iacprodeus1file4.blob.core.windows.net:443
-            objects.githubusercontent.com:443
-            registry.npmjs.org:443
       - name: Checkout repository
         uses: actions/checkout@v3.0.2
       - name: Validate Action Types