@@ -37,24 +37,14 @@ jobs:
3737 - uses : rancher-eio/read-vault-secrets@main
3838 with :
3939 secrets : |
40- secret/data/github/repo/${{ github.repository }}/github/app-credentials appId | APP_ID ;
41- secret/data/github/repo/${{ github.repository }}/github/app-credentials privateKey | PRIVATE_KEY
42-
43- # Fetch github token just for the charts repository
44- - uses : actions/create-github-app-token@d72941d797fd3113feb6b93fd0dec494b13a2547 # v1
45- id : app-token
46- with :
47- app-id : ${{ env.APP_ID }}
48- private-key : ${{ env.PRIVATE_KEY }}
49- repositories : |
50- charts
40+ github/token/rancher--charts--pull_requests--write token | GH_TOKEN
5141
5242name : Checkout charts repository
5343 uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
5444 with :
5545 repository : ${{ github.repository_owner }}/charts
5646 ref : " ${{ env.CHARTS_REF }}"
57- token : ${{ steps.app-token.outputs.token }}
47+ token : ${{ env.GH_TOKEN }}
5848 path : charts
5949 # Allow making git push request later on
6050 persist-credentials : true
6656 git config --global user.name "$APP_USER"
6757 git config --global user.email "${user_id}+${APP_USER}@users.noreply.github.com"
6858env :
69- GH_TOKEN : ${{ steps.app-token.outputs.token }}
70- APP_USER : " ${{ steps.app-token.outputs.app-slug }} [bot]"
59+ GH_TOKEN : ${{ GH_TOKEN }}
60+ APP_USER : " rancher-pr-and-push-remotedialer-proxy [bot]"
7161
7262 - name : Install dependencies
7363 run : sudo snap install yq --channel=v4/stable
8272
8373name : Push and create pull request
8474 env :
85- GH_TOKEN : ${{ steps.app-token.outputs.token }}
75+ GH_TOKEN : ${{ GH_TOKEN }}
8676 run : |
8777 cd charts
8878 git push origin "$BRANCH"
0 commit comments