chore(ci): Fix workflow secrets (#656)

el-virt · web-flow · commit fe1c82bcd62c · 2025-06-27T14:39:07.000-04:00
diff --git a/.github/workflows/build-and-test.yaml b/.github/workflows/build-and-test.yaml
@@ -14,5 +14,4 @@ jobs:
   build-and-test:
     uses: opentdf/web-sdk/.github/workflows/reusable_build-and-test.yaml@main
     secrets:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/deliver.yaml b/.github/workflows/deliver.yaml
@@ -20,4 +20,4 @@ jobs:
       pages: write
     uses: opentdf/web-sdk/.github/workflows/reusable_deliver.yaml@main
     secrets:
-      NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/reusable_build-and-test.yaml b/.github/workflows/reusable_build-and-test.yaml
@@ -8,6 +8,9 @@ env:
 
 on:
   workflow_call:
+    secrets:
+      SONAR_TOKEN:
+        required: true
 
 jobs:
   ccc:
@@ -83,7 +86,7 @@ jobs:
         if: fromJSON(env.do_sonarscan)
         uses: SonarSource/sonarqube-scan-action@2500896589ef8f7247069a56136f8dc177c27ccf #v5.2.0
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ github.token }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   cli:
diff --git a/.github/workflows/reusable_deliver.yaml b/.github/workflows/reusable_deliver.yaml
@@ -2,6 +2,9 @@ name: "Reusable worflow: Deliver Client to npm registry"
 
 on:
   workflow_call:
+    secrets:
+      NPM_TOKEN:
+        required: true
 
 # Default empty permissions for all jobs
 permissions: {}
