revert

ChristianZaccaria · ChristianZaccaria · commit 3f87c24e0279 · 2024-11-04T15:20:31.000Z
diff --git a/.github/workflows/fake-release.yaml b/.github/workflows/fake-release.yaml
@@ -8,47 +8,49 @@ on:
               required: true
               description: 'Version number (for example: 0.1.0)'
     push:
-        branches:
-            - test-odh-notebooks-sync
+        branches: [ main ]
 
 env:
   BRANCH_NAME: main
   PR_BRANCH_NAME: snyk-tag-monitoring-${{ github.run_id }}
-  GITHUB_TOKEN: ${{ secrets.GH_CLI_TOKEN }}
   RELEASE_VERSION: ${{ github.event.inputs.release-version || '0.2.0' }}
 
 jobs:
     release:
         runs-on: ubuntu-latest
+        permissions:
+          contents: write
+          pull-requests: write
         steps:
           - name: Checkout code
             uses: actions/checkout@v4
             with:
                 submodules: recursive
+                token: ${{ secrets.GH_CLI_TOKEN }}
 
           - name: Append tag to Snyk monitoring list
             run: |
-              sed -i 's/list_of_released_tags=(/list_of_released_tags=("v$RELEASE_VERSION", /' .github/workflows/snyk-security.yaml
+              sed -i 's/list_of_released_tags=(/list_of_released_tags=("v${{ env.RELEASE_VERSION }}", /' .github/workflows/snyk-security.yaml
 
           - name: Commit and push changes
             run: |
               git config --global user.email "138894154+codeflare-machine-account@users.noreply.github.com"
               git config --global user.name "codeflare-machine-account"
               git checkout -b $PR_BRANCH_NAME
               git commit -am "Update snyk-security.yaml"
-              git push origin $PR_BRANCH_NAME
+              git push --set-upstream origin "$PR_BRANCH_NAME"
 
           - name: Create Pull Request
             run: |
                 gh pr create \
                 --title "$pr_title" \
                 --body "$pr_body" \
                 --head ${{ env.PR_BRANCH_NAME }} \
-                --base "$GIT_BRANCH"
+                --base main
             env:
-              pr_title: "Append tag $RELEASE_VERSION to Snyk monitoring list"
+              GITHUB_TOKEN: ${{ secrets.GH_CLI_TOKEN }}
+              pr_title: "Append tag ${{ env.RELEASE_VERSION }} to Snyk monitoring list"
               pr_body: |
                 :rocket: This is an automated Pull Request generated by [release.yaml](https://github.com/project-codeflare/codeflare-sdk/blob/main/.github/workflows/release.yaml) workflow.
 
                 This PR appends to the list of tags that Snyk will be monitoring.
-              GIT_BRANCH: ${GITHUB_REF#refs/heads/}
