From eb9b93e6f5a3ceb2c89c48a001c3e193c85fd765 Mon Sep 17 00:00:00 2001 From: Mario Vitale Date: Mon, 27 Nov 2023 13:24:29 +0100 Subject: [PATCH] Use Github App for retrieving job token --- .github/workflows/bump-build-number.yml | 9 ++++++++- scripts/bump_build_number.sh | 4 ++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/bump-build-number.yml b/.github/workflows/bump-build-number.yml index 524a0ff8497..5629d85f4f8 100644 --- a/.github/workflows/bump-build-number.yml +++ b/.github/workflows/bump-build-number.yml @@ -15,6 +15,13 @@ jobs: # This is required to run on MacOS runs-on: macos-12 steps: + - uses: mattermost/github-app-installation-token-action@181cd1b8c94b158428c4facfe043d6e28c20be55 + id: ghapp + with: + appId: "${{ vars.UNIFIED_CI_APP_ID }}" + installationId: "${{ vars.UNIFIED_CI_INSTALLATION_ID }}" + privateKey: ${{ secrets.UNIFIED_CI_PRIVATE_KEY }} + - name: bump-build-number/checkout-repo uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: @@ -29,7 +36,7 @@ jobs: - name: bump-build-number/bump-build-number env: - GH_TOKEN: "${{ github.token }}" + GH_TOKEN: "${{ steps.ghapp.outputs.token }}" DRY_RUN: no run: ./scripts/bump_build_number.sh ... diff --git a/scripts/bump_build_number.sh b/scripts/bump_build_number.sh index b6a677ca3ec..fb7400aa8b0 100755 --- a/scripts/bump_build_number.sh +++ b/scripts/bump_build_number.sh @@ -55,9 +55,9 @@ if grep -qiE '^(no?|false)$' <<<$DRY_RUN; then Bump app build number to $BUILD_NUMBER #### Release Note -```release-note +\`\`\`release-note NONE -``` +\`\`\` EOF else log "Running in DRY_RUN mode: skipping branch push and PR creation"