Skip to content

Commit

Permalink
fix: use GitHub token for semantic release workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
rochecompaan committed Sep 21, 2024
1 parent 4262b2d commit b5eef60
Showing 1 changed file with 6 additions and 17 deletions.
23 changes: 6 additions & 17 deletions .github/workflows/semantic-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,25 +5,20 @@ on:
branches:
- main

permissions:
contents: write
issues: write

jobs:
semantic-release:
runs-on: ubuntu-latest
environment: dev
steps:
- name: Prepare workaround
# Create a GitHub App token to authenticate as the workaround app.
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.CI_VERSION_WORKAROUND_APP_ID }}
private-key: ${{ secrets.CI_VERSION_WORKAROUND_APP_PRIVATE_KEY }}

- name: Checkout
# Use the workaround app-token to pull all history and tags for the repository.
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ steps.app-token.outputs.token }}
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false

- name: Setup Node.js
Expand All @@ -38,12 +33,6 @@ jobs:
run: npm audit signatures

- name: Run Semantic Release
# Use the workaround app-token to authenticate as the workaround app in order to
# push tags to the protected branch.
run: npx semantic-release
env:
# Deprecated in favor of the app token.
#CI_VERSION_WORKAROUND_APP_ID: ${{ vars.CI_VERSION_WORKAROUND_APP_ID }}
#CI_VERSION_WORKAROUND_APP_PRIVATE_KEY: ${{ secrets.CI_VERSION_WORKAROUND_APP_PRIVATE_KEY }}
#GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} # I think this is deprecated in favor of the app token
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

0 comments on commit b5eef60

Please sign in to comment.