github-gsa: support pull_request_target #746
Description
i wonder what part of pull_request_target fails to match
a bit more documentation; https://github.com/chainguard-dev/terraform-infra-common/blob/main/modules/github-wif-provider/main.tf#L29-L36
# assertion.ref has one of the forms:
# - Branch: refs/heads/main
# - Pull Request: refs/pull/1/merge
# - Tag: refs/tags/v1.0.0
# assertion.workflow_ref has one of the forms:
the issue is likely that pull_request have a refspec of a format of refs/pull/[0-9]+/merge
while pull_request_target has a refspec of a format of refs/heads/main or refs/heads/master
can you file an issue to add support for pull_request_target refspec for github-wif-provider