diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml index f8b0eec524..e703327416 100644 --- a/.github/workflows/auto-format.yml +++ b/.github/workflows/auto-format.yml @@ -10,12 +10,19 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} + - name: Checkout code uses: actions/checkout@v4 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Prepare uses: ./.github/actions/prepare diff --git a/.github/workflows/auto-update-i18n.yml b/.github/workflows/auto-update-i18n.yml index 27fb8723ee..8c99c7efbc 100644 --- a/.github/workflows/auto-update-i18n.yml +++ b/.github/workflows/auto-update-i18n.yml @@ -12,12 +12,18 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout code uses: actions/checkout@v4 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Prepare uses: ./.github/actions/prepare diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index f3c210081b..d0088eec95 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -21,6 +21,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout repository uses: actions/checkout@v4 @@ -43,7 +49,7 @@ jobs: - name: Create Pull Request uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: "chore(release)/v${{ steps.bump_version.outputs.new_version }}" title: "chore(release): v${{ steps.bump_version.outputs.new_version }}" body: | diff --git a/.github/workflows/frontend-remove-unused-components.yml b/.github/workflows/frontend-remove-unused-components.yml index fd3cb87113..9c5be126b6 100644 --- a/.github/workflows/frontend-remove-unused-components.yml +++ b/.github/workflows/frontend-remove-unused-components.yml @@ -10,6 +10,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -37,7 +43,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-frontend-remove-unused-svelte-files title: 'chore(frontend): Remove Unused Svelte Files' body: | diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml index bcf8fbf140..173799409d 100644 --- a/.github/workflows/tag-release.yml +++ b/.github/workflows/tag-release.yml @@ -13,6 +13,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout repository uses: actions/checkout@v4 @@ -37,7 +43,8 @@ jobs: uses: release-drafter/release-drafter@v6 with: version: 'v${{ steps.get_version.outputs.version }}' + token: ${{ steps.app-token.outputs.token }} tag: 'v${{ steps.get_version.outputs.version }}' name: 'v${{ steps.get_version.outputs.version }}' latest: true - publish: true \ No newline at end of file + publish: true diff --git a/.github/workflows/update-rust.yml b/.github/workflows/update-rust.yml index e6365bd098..f5ed63ac3d 100644 --- a/.github/workflows/update-rust.yml +++ b/.github/workflows/update-rust.yml @@ -12,6 +12,12 @@ jobs: rust-update: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - uses: actions/checkout@v4 # First, check rust GitHub releases for a new version. We assume that the @@ -51,8 +57,8 @@ jobs: if: ${{ steps.update.outputs.updated == '1' }} uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-rust-update title: 'build(backend): Update Rust version' body: | - A new Rust version available. \ No newline at end of file + A new Rust version available. diff --git a/.github/workflows/update-snapshots.yml b/.github/workflows/update-snapshots.yml index 6c1013b136..fe1ab4817c 100644 --- a/.github/workflows/update-snapshots.yml +++ b/.github/workflows/update-snapshots.yml @@ -45,6 +45,13 @@ jobs: echo "This workflow should not be triggered with workflow_dispatch on main" exit 1 + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} + - name: Checkout if: ${{ github.event_name != 'pull_request' }} uses: actions/checkout@v4 @@ -55,7 +62,7 @@ jobs: with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Deploy the backend uses: ./.github/actions/deploy-backend diff --git a/.github/workflows/update-tokens.yml b/.github/workflows/update-tokens.yml index 3fda89cb95..9f1742e01e 100644 --- a/.github/workflows/update-tokens.yml +++ b/.github/workflows/update-tokens.yml @@ -10,6 +10,12 @@ jobs: update-tokens-sns: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -28,7 +34,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-tokens-sns-update title: 'feat(frontend): Update Sns Tokens' body: | @@ -37,6 +43,12 @@ jobs: update-tokens-ckerc20: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -58,7 +70,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-tokens-ckerc20-update title: 'feat(frontend): Update ckErc20 Tokens' body: |