Skip to content

Commit 787af47

Browse files
jprusikjprusik
committed
use actions/create-github-app-token and fix typos
1 parent 6eda5d2 commit 787af47

File tree

2 files changed

+61
-5
lines changed

2 files changed

+61
-5
lines changed

.github/workflows/test-all-custom-flags.yml

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,8 +29,36 @@ jobs:
2929
packages: read
3030
pull-requests: write
3131
steps:
32+
- name: Log in to Azure
33+
uses: bitwarden/gh-actions/azure-login@main
34+
with:
35+
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
36+
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
37+
client_id: ${{ secrets.AZURE_CLIENT_ID }}
38+
39+
- name: Get Azure Key Vault secrets
40+
id: get-kv-secrets
41+
uses: bitwarden/gh-actions/get-keyvault-secrets@main
42+
with:
43+
keyvault: gh-org-bitwarden
44+
secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
45+
46+
- name: Log out from Azure
47+
uses: bitwarden/gh-actions/azure-logout@main
48+
49+
- name: Generate GH App token
50+
uses: actions/create-github-app-token@30bf6253fa41bdc8d1501d202ad15287582246b4 # v2.0.3
51+
id: app-token
52+
with:
53+
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
54+
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
55+
owner: bitwarden
56+
repositories: clients
57+
permission-actions: write
58+
3259
- name: Checkout
3360
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
61+
3462
- name: Setup Node
3563
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
3664
with:
@@ -74,7 +102,7 @@ jobs:
74102
branch: ${{ github.event.client_payload.origin_branch || inputs.CLIENTS_BRANCH || 'main' }}
75103
name: ^dist-chrome-MV3-\w{7}\.zip$
76104
name_is_regexp: true
77-
repo: jprusik/clients
105+
repo: bitwarden/clients
78106
if_no_artifact_found: fail
79107
skip_unpack: true
80108

@@ -155,7 +183,7 @@ jobs:
155183
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
156184
if: failure() && github.event.client_payload.origin_issue
157185
with:
158-
github-token: ${{ secrets.GITHUB_TOKEN }}
186+
github-token: ${{ steps.app-token.outputs.token }}
159187
script: |
160188
const owner = 'bitwarden';
161189
const featureFlags = "${{ inputs.FEATURE_FLAGS || '{}' }}";

.github/workflows/test-all.yml

Lines changed: 31 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -28,8 +28,36 @@ jobs:
2828
packages: read
2929
pull-requests: write
3030
steps:
31+
- name: Log in to Azure
32+
uses: bitwarden/gh-actions/azure-login@main
33+
with:
34+
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
35+
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
36+
client_id: ${{ secrets.AZURE_CLIENT_ID }}
37+
38+
- name: Get Azure Key Vault secrets
39+
id: get-kv-secrets
40+
uses: bitwarden/gh-actions/get-keyvault-secrets@main
41+
with:
42+
keyvault: gh-org-bitwarden
43+
secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
44+
45+
- name: Log out from Azure
46+
uses: bitwarden/gh-actions/azure-logout@main
47+
48+
- name: Generate GH App token
49+
uses: actions/create-github-app-token@30bf6253fa41bdc8d1501d202ad15287582246b4 # v2.0.3
50+
id: app-token
51+
with:
52+
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
53+
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
54+
owner: bitwarden
55+
repositories: clients
56+
permission-actions: write
57+
3158
- name: Checkout
3259
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
60+
3361
- name: Setup Node
3462
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
3563
with:
@@ -155,7 +183,7 @@ jobs:
155183
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
156184
if: failure() && github.event.client_payload.origin_issue
157185
with:
158-
github-token: ${{ secrets.GITHUB_TOKEN }}
186+
github-token: ${{ steps.app-token.outputs.token }}
159187
script: |
160188
const owner = 'bitwarden';
161189
const runURL = `https://github.com/${owner}/browser-interactions-testing/actions/runs/${context.runId}`;
@@ -181,14 +209,14 @@ jobs:
181209
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
182210
if: success() && github.event.client_payload.origin_issue
183211
with:
184-
github-token: ${{ secrets.GITHUB_TOKEN }}
212+
github-token: ${{ steps.app-token.outputs.token }}
185213
script: |
186214
const owner = 'bitwarden';
187215
const message = `⚠️ **Files have been modified in this PR that impact the Autofill experience** ⚠️
188216
189217
[BIT](https://github.com/${owner}/browser-interactions-testing) was run to verify no regressions have been introduced to the core Autofill experience.
190218
191-
✅ Fortunately, [these BIT tests have passed](https://github.com/${owner}/browser-interactions-testing/actions/runs/${context.runId})! 🎉
219+
✅ Fortunately, [these BIT tests have passed](https://github.com/${owner}/browser-interactions-testing/actions/runs/${context.runId})! 🎉`;
192220
193221
github.rest.issues.createComment({
194222
issue_number: context.payload.client_payload.origin_issue,

0 commit comments

Comments
 (0)