Skip to content

Commit

Permalink
BREAKING: switch to official actions/create-github-app-token
Browse files Browse the repository at this point in the history 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
  • Loading branch information
@klutchell
klutchell committed Jan 2, 2024
1 parent 66bcf43 commit bb4701c
Show file tree
Hide file tree
Showing 7 changed files with 256 additions and 628 deletions.
11 changes: 0 additions & 11 deletions .github/actions/always/action.yml
View file
Expand Up @@ -27,14 +27,3 @@ runs:
echo "${INPUTS}"
echo "${SECRETS}"
echo "${VARIABLES}"
# https://github.com/marketplace/actions/github-app-token
- name: Generate GitHub App installation token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: gh_app_installation_token
with:
app_id: ${{ fromJSON(inputs.json).app_id }}
installation_retrieval_mode: id
installation_retrieval_payload: ${{ fromJSON(inputs.json).installation_id }}
private_key: ${{ fromJSON(inputs.secrets).GH_APP_PRIVATE_KEY }}
permissions: ${{ fromJSON(inputs.json).token_scope }}
11 changes: 0 additions & 11 deletions .github/actions/clean/action.yml
View file
Expand Up @@ -27,14 +27,3 @@ runs:
echo "${INPUTS}"
echo "${SECRETS}"
echo "${VARIABLES}"
# https://github.com/marketplace/actions/github-app-token
- name: Generate GitHub App installation token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: gh_app_installation_token
with:
app_id: ${{ fromJSON(inputs.json).app_id }}
installation_retrieval_mode: id
installation_retrieval_payload: ${{ fromJSON(inputs.json).installation_id }}
private_key: ${{ fromJSON(inputs.secrets).GH_APP_PRIVATE_KEY }}
permissions: ${{ fromJSON(inputs.json).token_scope }}
11 changes: 0 additions & 11 deletions .github/actions/finalize/action.yml
View file
Expand Up @@ -27,14 +27,3 @@ runs:
echo "${INPUTS}"
echo "${SECRETS}"
echo "${VARIABLES}"
# https://github.com/marketplace/actions/github-app-token
- name: Generate GitHub App installation token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: gh_app_installation_token
with:
app_id: ${{ fromJSON(inputs.json).app_id }}
installation_retrieval_mode: id
installation_retrieval_payload: ${{ fromJSON(inputs.json).installation_id }}
private_key: ${{ fromJSON(inputs.secrets).GH_APP_PRIVATE_KEY }}
permissions: ${{ fromJSON(inputs.json).token_scope }}
11 changes: 0 additions & 11 deletions .github/actions/test/action.yml
View file
Expand Up @@ -39,14 +39,3 @@ runs:
echo "semver=$(npx -q -y -- semver -c -l "${tag}")" >> $GITHUB_OUTPUT
echo "describe=$(git describe --tags --always --dirty | cat)" >> $GITHUB_OUTPUT
echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
# https://github.com/marketplace/actions/github-app-token
- name: Generate GitHub App installation token
uses: tibdex/github-app-token@0914d50df753bbc42180d982a6550f195390069f # v2.0.0
id: gh_app_installation_token
with:
app_id: ${{ fromJSON(inputs.json).app_id }}
installation_retrieval_mode: id
installation_retrieval_payload: ${{ fromJSON(inputs.json).installation_id }}
private_key: ${{ fromJSON(inputs.secrets).GH_APP_PRIVATE_KEY }}
permissions: ${{ fromJSON(inputs.json).token_scope }}

0 comments on commit bb4701c

Please sign in to comment.