Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: use GitHub application token #3616

Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

chore: use GitHub application token #3616

wants to merge 4 commits into from

Conversation

petertonysmith94
Copy link
Contributor

@petertonysmith94 petertonysmith94 commented Jan 23, 2025
edited
Loading

Summary

  • Migrate GITHUB_TOKEN usage to use an application token.

Next steps

  • Create GitHub application (see here)

    • Permissions:
      • Actions: Read+Write (to trigger workflows on FuelLabs/docs-hub + FuelLabs/migrations-and-disclosures)
      • Contents: Read+Write
      • Pull requests: Read + Write
      • Issues: Read

  • Populate GitHub actions:

    • variables with APP_ID (application ID)
    • secrets with PRIVATE_KEY (application private key)

Checklist

  • All changes are covered by tests (or not applicable)
  • All changes are documented (or not applicable)
  • I reviewed the entire PR myself (preferably, on GH UI)
  • I described all Breaking Changes (or there's none)

@petertonysmith94 petertonysmith94 added the chore Issue is a chore label Jan 23, 2025
@petertonysmith94 petertonysmith94 self-assigned this Jan 23, 2025
@vercel Vercel
Copy link

vercel bot commented Jan 23, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
fuels-template ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 23, 2025 1:43pm
ts-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 23, 2025 1:43pm
ts-docs-api ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 23, 2025 1:43pm

petertonysmith94
petertonysmith94 commented Jan 23, 2025
View reviewed changes
Copy link
Contributor Author

@petertonysmith94 petertonysmith94 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Annotating permissions required for release application

.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
.github/workflows/release.yaml Show resolved Hide resolved
@github-actions GitHub Actions
Copy link
Contributor

Coverage Report:

Lines Branches Functions Statements
77.05%(+0.01%) 70.65%(+0.01%) 75.1%(+0%) 77.05%(+0.01%)
Changed Files:
Ok File (✨=New File) Lines Branches Functions Statements
🔴 packages/account/src/providers/provider.ts 68.46%
(-0.09%)		 59%
(+0.54%)		 69.89%
(+0%)		 68.2%
(-0.08%)

@petertonysmith94 petertonysmith94 mentioned this pull request Jan 23, 2025
Open
mchristopher
mchristopher reviewed Jan 31, 2025
View reviewed changes
.github/workflows/pr-validate-changesets.yaml
@@ -17,10 +17,26 @@ jobs:
if: github.actor == 'dependabot[bot]'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is happening in this workflow that requires an app token? It looks like it's only manipulating the contents of the current repo, which should be a matter of adjusting the existing token permissions, not using an app.

.github/workflows/release.yaml
@@ -109,7 +118,7 @@ jobs:
pnpm changeset publish --tag next
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Most of these changes don't look like they need an app - only the stuff doing anything to other repos should need special access. The default token should work fine for changes to this repo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mchristopher mchristopher mchristopher left review comments

@digorithm digorithm Awaiting requested review from digorithm digorithm will be requested when the pull request is marked ready for review digorithm is a code owner

@arboleya arboleya Awaiting requested review from arboleya arboleya will be requested when the pull request is marked ready for review arboleya is a code owner

@Torres-ssf Torres-ssf Awaiting requested review from Torres-ssf Torres-ssf will be requested when the pull request is marked ready for review Torres-ssf is a code owner

@danielbate danielbate Awaiting requested review from danielbate danielbate will be requested when the pull request is marked ready for review danielbate is a code owner

@nedsalk nedsalk Awaiting requested review from nedsalk nedsalk will be requested when the pull request is marked ready for review nedsalk is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

@petertonysmith94 petertonysmith94

Labels
chore Issue is a chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Migrate PAT GitHub Token Usage
2 participants
@petertonysmith94 @mchristopher