Skip to content

fix: use CI user PAT to bypass branch protections #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 16, 2025
Merged

fix: use CI user PAT to bypass branch protections #86

merged 2 commits into from
Apr 16, 2025

Conversation

@0marperez
Copy link
Contributor

@0marperez 0marperez commented Apr 14, 2025

Issue #, if available:
SDK-KT-610

Description of changes:
Need to assume the CI role to bypass branch protection rules

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@0marperez 0marperez force-pushed the fix-auto-merge-credentials branch from 5d25878 to 5e96c91 Compare April 15, 2025 21:23
lauzadis
lauzadis reviewed Apr 16, 2025
View reviewed changes
.github/actions/merge-main/action.yml
Comment on lines +6 to +7
ci-user-pat:
description: The CI user's personal access token to write to the repo
Copy link
Member

@lauzadis lauzadis Apr 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why does this need to be an input, is this not accessible through {{ secrets.CI_USER_PAT }} (using the secrets from whichever repo invoked this action)?

Copy link
Contributor Author

@0marperez 0marperez Apr 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, secrets are not accessible through the action. You can see a run here where it didn't work:
https://github.com/awslabs/aws-kotlin-repo-tools/actions/runs/14479267339/job/40612416547

I think I found a better way to pass secrets to the action than what I'm using now:
https://docs.github.com/en/actions/sharing-automations/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow

Copy link
Contributor Author

@0marperez 0marperez Apr 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually never mind the "better" way, it seems like it doesn't work for actions.

Copy link
Member

@lauzadis lauzadis Apr 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This entire merge-main process could probably be restructured as a reusable workflow instead of an action, but I think it's out of scope for now

@0marperez 0marperez force-pushed the fix-auto-merge-credentials branch from cecb3ab to c711cf7 Compare April 16, 2025 14:45
@0marperez 0marperez changed the title fix: assume CI role to bypass branch protections fix: use CI user PAT to bypass branch protections Apr 16, 2025
@0marperez 0marperez merged commit a1ad9dd into main Apr 16, 2025
10 checks passed
@0marperez 0marperez deleted the fix-auto-merge-credentials branch April 16, 2025 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lauzadis lauzadis lauzadis approved these changes

@ianbotsf ianbotsf ianbotsf approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@0marperez @lauzadis @ianbotsf