chore(ci): Use javascript-sdk-gitflow app instead of personal token (#18829)

Before submitting a pull request, please take a look at our

[Contributing](https://github.com/getsentry/sentry-javascript/blob/master/CONTRIBUTING.md)
guidelines and verify:

- [ ] If you've added code that should be tested, please add tests.
- [ ] Ensure your code lints and the test suite passes (`yarn lint`) &
(`yarn test`).
- [ ] Link an issue if there is one related to your pull request. If no
issue is linked, one will be auto-generated and linked.

Closes #issue_link_here


Closes #18830 (added automatically)

Author: oioki

.github/workflows/external-contributors.yml

@@ -35,12 +35,17 @@ jobs:
           name: ${{ github.event.pull_request.user.login }}
           author_association: ${{ github.event.pull_request.author_association }}
 
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ vars.GITFLOW_APP_ID }}
+          private-key: ${{ secrets.GITFLOW_APP_PRIVATE_KEY }}
+
       - name: Create PR with changes
         uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
         with:
-          # This token is scoped to Daniel Griesser
-          # If we used the default GITHUB_TOKEN, the resulting PR would not trigger CI :(
-          token: ${{ secrets.REPO_SCOPED_TOKEN }}
+          token: ${{ steps.app-token.outputs.token }}
           commit-message: 'chore: Add external contributor to CHANGELOG.md'
           title: 'chore: Add external contributor to CHANGELOG.md'
           branch: 'external-contributor/patch-${{ github.event.pull_request.user.login }}'

.github/workflows/gitflow-sync-develop.yml

@@ -25,6 +25,13 @@ jobs:
       - name: git checkout
         uses: actions/checkout@v6
 
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ vars.GITFLOW_APP_ID }}
+          private-key: ${{ secrets.GITFLOW_APP_PRIVATE_KEY }}
+
       # https://github.com/marketplace/actions/github-pull-request-action
       - name: Create Pull Request
         id: open-pr
@@ -35,8 +42,7 @@ jobs:
           pr_title: '[Gitflow] Merge ${{ env.SOURCE_BRANCH }} into ${{ env.TARGET_BRANCH }}'
           pr_body: 'Merge ${{ env.SOURCE_BRANCH }} branch into ${{ env.TARGET_BRANCH }}'
           pr_label: 'Dev: Gitflow'
-          # This token is scoped to Daniel Griesser
-          github_token: ${{ secrets.REPO_SCOPED_TOKEN }}
+          github_token: ${{ steps.app-token.outputs.token }}
 
       - name: Enable automerge for PR
         if: steps.open-pr.outputs.pr_number != ''