Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 12 additions & 11 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,8 @@ jobs:
- name: Build
run: pnpm build

- uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
id: app-token
- uses: ./.github/actions/setup-bot-auth
id: bot-auth
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
Expand All @@ -74,7 +74,8 @@ jobs:
id: changesets
uses: ./version
with:
github-token: ${{ steps.app-token.outputs.token }}
github-token: ${{ steps.bot-auth.outputs.token }}
setup-git-user: false
script: pnpm bump

publish:
Expand All @@ -87,13 +88,6 @@ jobs:
permissions:
contents: write # to create release and have it authored by github-actions (changesets/action)
steps:
- uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
permission-contents: write # to bypass branch and tag protection rules (release.ts)

- name: Check out repo
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
Expand All @@ -106,8 +100,15 @@ jobs:
- name: Build
run: pnpm build

- uses: ./.github/actions/setup-bot-auth

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This now creates the git identity. It usually would be created in our root action and the custom publish script would then use that - but since the split publishing PR we lost that as the git identity setup is not implemented in /publish subaction (as it's not really needed there)

id: bot-auth
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
permission-contents: write # to bypass branch and tag protection rules (release.ts)

- name: Publish to marketplace
uses: ./publish
with:
github-token: ${{ steps.app-token.outputs.token }}
github-token: ${{ steps.bot-auth.outputs.token }}
script: pnpm release
19 changes: 7 additions & 12 deletions .github/workflows/release-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -122,13 +122,6 @@ jobs:
pull-requests: write # to comment on the pull request with the release result (changesets/action)

steps:
- uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
id: app-token
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
permission-contents: write # to push the release snapshot branch (release-pr.ts)

- name: Check out repo
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
Expand Down Expand Up @@ -173,15 +166,17 @@ jobs:
- name: Build
run: pnpm build

- name: Setup Git user
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
- uses: ./.github/actions/setup-bot-auth
id: bot-auth
with:
client-id: ${{ vars.APP_CLIENT_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
permission-contents: write # to push the release snapshot branch (release-pr.ts)

- name: Release snapshot version
run: pnpm release:pr
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ steps.bot-auth.outputs.token }}

- name: Add success reaction
run: gh api "/repos/$GH_REPO/issues/comments/$COMMENT_ID/reactions" -f content='rocket'
Expand Down