.github: use personal access token for bot PRs

Use a dedicated personal access token, BOT_PR_TOKEN, for bot PRs instead
of the default GITHUB_TOKEN. This is needed to trigger another
workflow from pull requests created by GitHub Actions. By design, the
default GITHUB_TOKEN cannot trigger another workflow.

See also
https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
Dongsu Park 2023-04-26 16:58:06 +02:00
parent bbc3ae71dd
commit 9597661ead
11 changed files with 24 additions and 24 deletions


@ -15,7 +15,7 @@ jobs:
- name: Check out main scripts branch for GitHub workflow scripts only
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: gha
ref: main
- name: Figure out branch
@ -25,7 +25,7 @@ jobs:
if: steps.figure-out-branch.outputs.SKIP == 0
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: work
ref: ${{ steps.figure-out-branch.outputs.BRANCH }}
- name: Figure out latest ca-certificates release version
@ -58,7 +58,7 @@ jobs:
if: (steps.figure-out-branch.outputs.SKIP == 0) && (steps.apply-patch.outputs.UPDATE_NEEDED == 1)
uses: peter-evans/create-pull-request@v5
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: work
branch: "cacerts-${{ steps.nss-latest-release.outputs.NSS_VERSION }}-${{ steps.figure-out-branch.outputs.BRANCH }}"
base: ${{ steps.figure-out-branch.outputs.BRANCH }}
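Review bot: The two `actions/checkout@v3` steps in this file do not appear to need `BOT_PR_TOKEN`; the commit message gives triggering follow-up workflows from bot-created pull requests as the reason, and that concerns only the `peter-evans/create-pull-request` step. By default checkout persists the token it is given in the checked-out repository's git config, so every later step in the job (the version-lookup and patch steps between checkout and PR creation, whose bodies are outside these hunks) can read a long-lived personal access token instead of the job-scoped `GITHUB_TOKEN`. Consider leaving checkout on `token: ${{ secrets.GITHUB_TOKEN }}`, or adding `persist-credentials: false` under its `with:`, and keeping the PAT on the create-pull-request step only; to my knowledge that action authenticates its push with its own `token` input, but confirm with a test run. The same applies to the checkout hunks in the other ten workflow files of this commit. A fine-grained token restricted to this repository with contents and pull-requests write access would limit the impact if it does leak.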


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Containerd release version
id: containerd-latest-release
@ -40,7 +40,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: "containerd-${{ steps.containerd-latest-release.outputs.VERSION_NEW }}-main"
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Docker release version
id: docker-latest-release
@ -43,7 +43,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: docker-${{ steps.docker-latest-release.outputs.VERSION_NEW }}-main
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Linux Firmware release version
id: firmware-latest-release
@ -37,7 +37,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: firmware-${{ steps.firmware-latest-release.outputs.VERSION_NEW }}-main
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Go release versions
id: go-latest-release
@ -38,7 +38,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: ${{ steps.apply-patch-main.outputs.BRANCH_NAME }}
base: main


@ -15,7 +15,7 @@ jobs:
- name: Check out main scripts branch for GitHub workflow scripts only
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: gha
ref: main
- name: Figure out branch
@ -25,7 +25,7 @@ jobs:
if: steps.figure-out-branch.outputs.SKIP == 0
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: work
ref: ${{ steps.figure-out-branch.outputs.BRANCH }}
- name: Figure out latest Linux release version
@ -59,7 +59,7 @@ jobs:
if: (steps.figure-out-branch.outputs.SKIP == 0) && (steps.apply-patch.outputs.UPDATE_NEEDED == 1)
uses: peter-evans/create-pull-request@v5
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: work
branch: "linux-${{ steps.kernel-latest-release.outputs.KERNEL_VERSION }}-${{ steps.figure-out-branch.outputs.BRANCH }}"
base: ${{ steps.figure-out-branch.outputs.BRANCH }}


@ -48,7 +48,7 @@ jobs:
- uses: actions/checkout@v3
if: ${{ steps.figure-out-branch.outputs.SKIP == 0 }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
ref: ${{ steps.figure-out-branch.outputs.BRANCH }}
- name: Fetch latest mantle hash
if: ${{ steps.figure-out-branch.outputs.SKIP == 0 }}
@ -71,7 +71,7 @@ jobs:
if: ${{ steps.figure-out-branch.outputs.SKIP == 0 }}
uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
base: ${{ steps.figure-out-branch.outputs.BRANCH }}
branch: mantle-update-${{ steps.figure-out-branch.outputs.BRANCH }}
author: Flatcar Buildbot <buildbot@flatcar-linux.org>
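Review bot: `peter-evans/create-pull-request@v4` in the second hunk is a third-party action referenced by a mutable tag, and with this change it receives a personal access token rather than the job-scoped `GITHUB_TOKEN`; the other workflow files in this commit do the same with `@v5`. Pinning the reference to a full commit SHA, for example `uses: peter-evans/create-pull-request@<full-commit-sha>  # v5` (placeholder, to be taken from the upstream release), keeps a moved or compromised tag from running with that token. This file is also the only one still on v4, so aligning it with the others would keep the bot workflows consistent. The step's `with:` block continues past the end of the hunk.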


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Runc release version
id: runc-latest-release
@ -55,7 +55,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: runc-${{ steps.runc-latest-release.outputs.VERSION_NEW }}-main
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest Rust release version
id: rust-latest-release
@ -38,7 +38,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: rust-${{ steps.rust-latest-release.outputs.VERSION_NEW }}-main
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
- name: Update GLSA metadata
id: update-glsa-metadata
run: |
@ -24,7 +24,7 @@ jobs:
- name: Create pull request for main branch
uses: peter-evans/create-pull-request@v5
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
branch: buildbot/monthly-glsa-metadata-updates-${{steps.update-glsa-metadata.outputs.TODAYDATE }}
delete-branch: true
base: main


@ -11,7 +11,7 @@ jobs:
- name: Check out scripts
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
- name: Figure out latest open-vm-tools release version
id: openvmtools-latest-release
@ -40,7 +40,7 @@ jobs:
uses: peter-evans/create-pull-request@v5
if: steps.apply-patch-main.outputs.UPDATE_NEEDED == 1
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_PR_TOKEN }}
path: scripts
branch: vmware-${{ steps.openvmtools-latest-release.outputs.VERSION_NEW }}-main
base: main