Skip to content

Commit 16ee364

Browse files
koki-developkoki-develop
committed
chore(ci): use GitHub App token for goreleaser releases
Replace TAP_GITHUB_TOKEN with token from actions/create-github-app-token. Improves security by using a GitHub App token.
1 parent 076194c commit 16ee364

File tree

1 file changed

+10
-1
lines changed

1 file changed

+10
-1
lines changed

.github/workflows/release-please.yml

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,16 @@ jobs:
4747
persist-credentials: false
4848
fetch-depth: 0
4949
- uses: ./.github/actions/setup
50+
- uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
51+
id: app-token
52+
with:
53+
app-id: ${{ secrets.HOMEBREW_TAP_APP_ID }}
54+
private-key: ${{ secrets.HOMEBREW_TAP_APP_PRIVATE_KEY }}
55+
owner: ${{ github.repository_owner }}
56+
repositories: homebrew-tap
57+
permission-contents: write
58+
5059
- run: goreleaser release --clean
5160
env:
5261
GITHUB_TOKEN: ${{ github.token }}
53-
TAP_GITHUB_TOKEN: ${{ secrets.TAP_GITHUB_TOKEN }}
62+
TAP_GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}

0 commit comments

Comments
 (0)