v0.2.4

Issues | Pull Requests | v0.2.3...v0.2.4

Features

#79 Add read_checksum_token input to allow custom token for aqua update-checksum @iwata

This action didn't have any input to pass GitHub Access Tokens, so you needed to pass a GitHub Access Token via environment variable GITHUB_TOKEN.

e.g. https://github.com/aquaproj/update-checksum-workflow/blob/437067ad2fba9ba8ed8454cf207f2532432d4e28/.github/workflows/update-checksum.yaml#L142-L147

      - uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
        env:
          GITHUB_TOKEN: ${{steps.generate_token.outputs.token}}

But this action uses GitHub Access token for two purposes.

1. aqua update-checksum: It may access private registries and packages. contents: read
2. push a commit by ghcp: It may access a private repository contents: write

These two purposes requires different permissions and scopes.
Especially, contents:write for private registries and packages is undesirable.

As of v0.2.4, you can pass a GitHub access token for aqua update-checksum via the input read_checksum_token.
So, you can pass two different access tokens.

e.g.

      - uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
        with:
          read_checksum_token: ${{steps.generate_token.outputs.token}} # Token for `aqua update-checksum`
        env:
          GITHUB_TOKEN: ${{ github.token }} # Token for pushing a commit

read_checksum_token is optional. By default, AQUA_GITHUB_TOKEN or GITHUB_TOKEN is used.