Skip to content

Commit 4725036

Browse files
deantchideantchi
authored
ci: use release bot token to release (#45)
1 parent 840b2f1 commit 4725036

File tree

1 file changed

+20
-1
lines changed

1 file changed

+20
-1
lines changed

.github/workflows/ci.yml

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,16 +105,33 @@ jobs:
105105
if: always()
106106

107107
build-publish:
108+
permissions:
109+
contents: write
110+
issues: write
111+
pull-requests: write
108112
runs-on: ubuntu-latest
109113
needs:
110114
- lint
111115
- test
112116
steps:
117+
- name: Generate release bot app token
118+
id: generate_token
119+
uses: actions/create-github-app-token@v1
120+
with:
121+
app-id: ${{ secrets.HIROSYSTEMS_RELEASE_BOT_ID }}
122+
private-key: ${{ secrets.HIROSYSTEMS_RELEASE_BOT_PEM }}
123+
113124
- uses: actions/checkout@v4
114125
with:
115126
token: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
116127
fetch-depth: 0
117128
persist-credentials: false
129+
- name: Get bot user ID
130+
id: bot-user-id
131+
run: |
132+
echo "user-id=$(gh api "/users/${{ steps.generate_token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
133+
env:
134+
GH_TOKEN: ${{ steps.generate_token.outputs.token }}
118135

119136
- uses: actions/setup-node@v4
120137
with:
@@ -131,9 +148,11 @@ jobs:
131148
# Only run on non-PR events or only PRs that aren't from forks
132149
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
133150
env:
134-
GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
151+
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
135152
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
136153
SEMANTIC_RELEASE_PACKAGE: ${{ github.event.repository.name }}
154+
GIT_AUTHOR_EMAIL: "${{ steps.bot-user-id.outputs.user-id }}+${{ steps.generate_token.outputs.app-slug }}[bot]@users.noreply.github.com"
155+
GIT_COMMITTER_EMAIL: "${{ steps.bot-user-id.outputs.user-id }}+${{ steps.generate_token.outputs.app-slug }}[bot]@users.noreply.github.com"
137156
with:
138157
semantic_version: 19
139158
extra_plugins: |

0 commit comments

Comments
 (0)