From 41d60e54a13ba9c3f5149aa90dd9d972d21a099e Mon Sep 17 00:00:00 2001 From: Bo Anderson Date: Wed, 22 Nov 2023 16:53:31 +0000 Subject: [PATCH] workflows/vendor-gems: trial using GitHub App token --- .github/actionlint.yaml | 6 +++--- .github/workflows/vendor-gems.yml | 10 +++++++++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml index 4ae8fc863957c..97ba215778c25 100644 --- a/.github/actionlint.yaml +++ b/.github/actionlint.yaml @@ -1,8 +1,8 @@ self-hosted-runner: # Labels of self-hosted runner in array of strings. - labels: - - 11-arm64 + labels: [] # Configuration variables in array of strings defined in your repository or # organization. `null` means disabling configuration variables check. # Empty array means no configuration variable is allowed. -config-variables: [] +config-variables: + - BREW_COMMIT_APP_ID diff --git a/.github/workflows/vendor-gems.yml b/.github/workflows/vendor-gems.yml index 12aa4372b2545..b1f1a59f65c94 100644 --- a/.github/workflows/vendor-gems.yml +++ b/.github/workflows/vendor-gems.yml @@ -151,11 +151,19 @@ jobs: -m "Autogenerated by the [vendor-gems](https://github.com/Homebrew/brew/blob/HEAD/.github/workflows/vendor-gems.yml) workflow." fi + - name: Generate push token + uses: actions/create-github-app-token@v1 + id: app-token + if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch' + with: + app-id: ${{ vars.BREW_COMMIT_APP_ID }} + private-key: ${{ secrets.BREW_COMMIT_APP_KEY }} + - name: Push to pull request if: github.event_name == 'pull_request_target' || github.event_name == 'workflow_dispatch' uses: Homebrew/actions/git-try-push@master with: - token: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} + token: ${{ steps.app-token.outputs.token }} directory: ${{ steps.set-up-homebrew.outputs.repository-path }} branch: ${{ steps.checkout.outputs.branch }} force: true