Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(ci): use github app token instead of bot user #206

Merged
merged 1 commit into from
Nov 27, 2024
Merged

chore(ci): use github app token instead of bot user #206

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
Expand Down
8 changes: 7 additions & 1 deletion .github/workflows/prepare-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,12 @@ jobs:
prepare:
runs-on: ubuntu-latest
steps:
- uses: mongodb-js/devtools-shared/actions/setup-bot-token@main
id: app-token
with:
app-id: ${{ vars.DEVTOOLS_BOT_APP_ID }}
private-key: ${{ secrets.DEVTOOLS_BOT_PRIVATE_KEY }}

- uses: actions/checkout@v4

- name: Use Node.js 20.x
Expand All @@ -36,7 +42,7 @@ jobs:
with:
branch: release/${{ steps.version.outputs.new-version }}
title: 'chore: bump version to ${{ steps.version.outputs.new-version }}'
token: ${{ secrets.SVC_DEVTOOLSBOT_TOKEN }}
token: ${{ steps.app-token.outputs.token }}
draft: false
body: |
An automated PR for next release.
Expand Down
8 changes: 7 additions & 1 deletion .github/workflows/publish-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,12 @@ jobs:
name: Production
url: https://www.npmjs.com/package/@mongodb-js/oidc-plugin/v/${{ steps.get-version.outputs.package_version }}
steps:
- uses: mongodb-js/devtools-shared/actions/setup-bot-token@main
id: app-token
with:
app-id: ${{ vars.DEVTOOLS_BOT_APP_ID }}
private-key: ${{ secrets.DEVTOOLS_BOT_PRIVATE_KEY }}

- uses: actions/checkout@v4

- name: Use Node.js 20.x
Expand Down Expand Up @@ -44,7 +50,7 @@ jobs:
- name: Merge Pull Request
uses: juliangruber/merge-pull-request-action@9234b8714dda9a08f3d1df5b2a6a3abd7b695353 # 1.3.1
with:
github-token: ${{ secrets.SVC_DEVTOOLSBOT_TOKEN }}
github-token: ${{ steps.app-token.outputs.token }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will still work fine in terms of triggering GH actions runs on the created merge commit, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, the app token works pretty much the same way as a user token would.

number: ${{ steps.find-pull-request.outputs.number }}
method: squash

Expand Down
Loading