diff --git a/.github/workflows/dispatch-matrix-check.yml b/.github/workflows/dispatch-matrix-check.yml index afe78c948c..845a8fc4ae 100644 --- a/.github/workflows/dispatch-matrix-check.yml +++ b/.github/workflows/dispatch-matrix-check.yml @@ -20,11 +20,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Matrix Testing Job if: steps.check-write-permission.outputs.has-permission uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test client-payload: '{"pr": "${{ github.event.number }}"}' diff --git a/.github/workflows/dispatch-matrix-test-on-comment.yml b/.github/workflows/dispatch-matrix-test-on-comment.yml index 98e1f9b7ba..4f9f9a5b1e 100644 --- a/.github/workflows/dispatch-matrix-test-on-comment.yml +++ b/.github/workflows/dispatch-matrix-test-on-comment.yml @@ -17,11 +17,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Matrix Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-matrix') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: matrix-test client-payload: '{"pr": "${{ github.event.issue.number }}"}' diff --git a/.github/workflows/dispatch-release-performance-check.yml b/.github/workflows/dispatch-release-performance-check.yml index 64863b8b05..7e28a9c4f9 100644 --- a/.github/workflows/dispatch-release-performance-check.yml +++ b/.github/workflows/dispatch-release-performance-check.yml @@ -17,11 +17,20 @@ jobs: with: minimum-permission: "write" + - name: Generate token + id: generate-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.AUTOMATION_APP_ID }} + private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: "codeql-coding-standards-release-engineering" + - name: Dispatch Performance Testing Job if: ${{ github.event.issue.pull_request && contains(github.event.comment.body, '/test-performance') && steps.check-write-permission.outputs.has-permission }} uses: peter-evans/repository-dispatch@v2 with: - token: ${{ secrets.RELEASE_ENGINEERING_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} repository: github/codeql-coding-standards-release-engineering event-type: performance-test client-payload: '{"pr": "${{ github.event.issue.number }}"}' diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml index d3f511caba..7afc516aac 100644 --- a/.github/workflows/finalize-release.yml +++ b/.github/workflows/finalize-release.yml @@ -103,7 +103,7 @@ jobs: - name: Generate token if: env.HOTFIX_RELEASE == 'false' id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index 9bbd27ce26..ba258e06f5 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -143,7 +143,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml index 21838c1d9f..c825fab347 100644 --- a/.github/workflows/update-release.yml +++ b/.github/workflows/update-release.yml @@ -43,7 +43,7 @@ jobs: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 5f5382f5dd..63aa9e90e3 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }} @@ -108,7 +108,7 @@ jobs: steps: - name: Generate token id: generate-token - uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e + uses: actions/create-github-app-token@v1 with: app-id: ${{ vars.AUTOMATION_APP_ID }} private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}