From f35eb7ffaeef3c8fbfe47e6f01ea015e28f0cadf Mon Sep 17 00:00:00 2001 From: Ryan Cooke Date: Tue, 1 Oct 2024 15:30:08 +0100 Subject: [PATCH] use github app installation token for device repository cloning This is required for cloning private submodules - as the default behaviour means the token is scoped only to the repository the workflow is running on Change-type: patch Signed-off-by: Ryan Cooke --- .github/workflows/yocto-build-deploy.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/yocto-build-deploy.yml b/.github/workflows/yocto-build-deploy.yml index 2f1f625cb..4a0e62037 100644 --- a/.github/workflows/yocto-build-deploy.yml +++ b/.github/workflows/yocto-build-deploy.yml @@ -1065,6 +1065,8 @@ jobs: steps: # https://github.com/actions/create-github-app-token + # We give the owner arg, meaning that this token will be valid for all repositories in the org + # This behvaiour is required for private submodules - name: Create GitHub App installation token uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 id: app-token @@ -1072,6 +1074,7 @@ jobs: with: app-id: ${{ vars.FLOWZONE_APP_ID }} private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} # Generate another app token for the balena-io organization # so we can checkout private contracts