From 2f49c3e8301cb2f7a2088bc15bb4885d6eebf70f Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:17:42 +0100 Subject: [PATCH 1/8] chore(IDX): replace PAT with GitHub App --- .github/workflows/tag-release.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml index b3da5ef511..3fc868b55e 100644 --- a/.github/workflows/tag-release.yml +++ b/.github/workflows/tag-release.yml @@ -13,6 +13,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout repository uses: actions/checkout@v4 @@ -37,4 +43,4 @@ jobs: uses: release-drafter/release-drafter@v6 with: version: "v${{ steps.get_version.outputs.version }}" - token: ${{ secrets.GIX_CREATE_PR_PAT }} \ No newline at end of file + token: ${{ steps.app-token.outputs.token }} From 5b6453f76e8bf10475e2069628231ac5f8ab28a5 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:19:57 +0100 Subject: [PATCH 2/8] Update bump-version.yml --- .github/workflows/bump-version.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index f3c210081b..d0088eec95 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -21,6 +21,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout repository uses: actions/checkout@v4 @@ -43,7 +49,7 @@ jobs: - name: Create Pull Request uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: "chore(release)/v${{ steps.bump_version.outputs.new_version }}" title: "chore(release): v${{ steps.bump_version.outputs.new_version }}" body: | From 1803392644b425d048a7738017064f97a3749849 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:20:52 +0100 Subject: [PATCH 3/8] Update frontend-remove-unused-components.yml --- .github/workflows/frontend-remove-unused-components.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/frontend-remove-unused-components.yml b/.github/workflows/frontend-remove-unused-components.yml index fd3cb87113..9c5be126b6 100644 --- a/.github/workflows/frontend-remove-unused-components.yml +++ b/.github/workflows/frontend-remove-unused-components.yml @@ -10,6 +10,12 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -37,7 +43,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-frontend-remove-unused-svelte-files title: 'chore(frontend): Remove Unused Svelte Files' body: | From 98ffd1354212c4b3e0eebdfc6c8916772a02a019 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:21:39 +0100 Subject: [PATCH 4/8] Update update-rust.yml --- .github/workflows/update-rust.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-rust.yml b/.github/workflows/update-rust.yml index e6365bd098..f5ed63ac3d 100644 --- a/.github/workflows/update-rust.yml +++ b/.github/workflows/update-rust.yml @@ -12,6 +12,12 @@ jobs: rust-update: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - uses: actions/checkout@v4 # First, check rust GitHub releases for a new version. We assume that the @@ -51,8 +57,8 @@ jobs: if: ${{ steps.update.outputs.updated == '1' }} uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-rust-update title: 'build(backend): Update Rust version' body: | - A new Rust version available. \ No newline at end of file + A new Rust version available. From 028aacc6d7a34d474ccacdcc7f023e8723059cf7 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:22:50 +0100 Subject: [PATCH 5/8] Update update-tokens.yml --- .github/workflows/update-tokens.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-tokens.yml b/.github/workflows/update-tokens.yml index 3fda89cb95..9f1742e01e 100644 --- a/.github/workflows/update-tokens.yml +++ b/.github/workflows/update-tokens.yml @@ -10,6 +10,12 @@ jobs: update-tokens-sns: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -28,7 +34,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-tokens-sns-update title: 'feat(frontend): Update Sns Tokens' body: | @@ -37,6 +43,12 @@ jobs: update-tokens-ckerc20: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout uses: actions/checkout@v4 - name: Prepare @@ -58,7 +70,7 @@ jobs: if: env.CHANGES_DETECTED == 'true' uses: ./.github/actions/create-pr with: - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} branch: bot-tokens-ckerc20-update title: 'feat(frontend): Update ckErc20 Tokens' body: | From 84a23160c214fdc7bf1e08dc44f689526d5d4e93 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:23:38 +0100 Subject: [PATCH 6/8] Update auto-update-i18n.yml --- .github/workflows/auto-update-i18n.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/auto-update-i18n.yml b/.github/workflows/auto-update-i18n.yml index 27fb8723ee..8c99c7efbc 100644 --- a/.github/workflows/auto-update-i18n.yml +++ b/.github/workflows/auto-update-i18n.yml @@ -12,12 +12,18 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} - name: Checkout code uses: actions/checkout@v4 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Prepare uses: ./.github/actions/prepare From 3e0da753ad0491c0d1d396edb88f1dbf728ea049 Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:24:18 +0100 Subject: [PATCH 7/8] Update auto-format.yml --- .github/workflows/auto-format.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml index f8b0eec524..e703327416 100644 --- a/.github/workflows/auto-format.yml +++ b/.github/workflows/auto-format.yml @@ -10,12 +10,19 @@ jobs: runs-on: ubuntu-24.04 steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} + - name: Checkout code uses: actions/checkout@v4 with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Prepare uses: ./.github/actions/prepare From 8f884c4b5b70f84c4f7358bde469c232546dc10d Mon Sep 17 00:00:00 2001 From: Carly Gundy <47304080+cgundy@users.noreply.github.com> Date: Wed, 20 Nov 2024 13:25:45 +0100 Subject: [PATCH 8/8] Update update-snapshots.yml --- .github/workflows/update-snapshots.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-snapshots.yml b/.github/workflows/update-snapshots.yml index b1bf13f196..1af09b28be 100644 --- a/.github/workflows/update-snapshots.yml +++ b/.github/workflows/update-snapshots.yml @@ -36,6 +36,13 @@ jobs: echo "This workflow should not be triggered with workflow_dispatch on main" exit 1 + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} + private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} + - name: Checkout if: ${{ github.event_name != 'pull_request' }} uses: actions/checkout@v4 @@ -46,7 +53,7 @@ jobs: with: repository: ${{ github.event.pull_request.head.repo.full_name }} ref: ${{ github.event.pull_request.head.ref }} - token: ${{ secrets.GIX_CREATE_PR_PAT }} + token: ${{ steps.app-token.outputs.token }} - name: Deploy the backend