Skip to content

Commit

Permalink
Use bot token for releases (#322)
Browse files Browse the repository at this point in the history 
* Use bot token for releases

* Specify token scope

* Update scope

* Update scope
  • Loading branch information
@LitoMore
LitoMore authored Apr 12, 2024
1 parent b776aa3 commit a50bd12
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 26 deletions.
14 changes: 8 additions & 6 deletions .github/workflows/auto-release.yml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,6 @@
name: Automated Releases
on: workflow_dispatch

permissions:
contents: write

# This Workflow is triggered through the GitHub API:
# curl -X Post \
# -H "Authorization: Bearer <token>" \
Expand All @@ -16,6 +13,11 @@ jobs:
name: Automated release
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@v4
with:
Expand All @@ -35,8 +37,8 @@ jobs:
- name: Commit updates
run: |
# Set up git credential
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "github-actions[bot]"
git config --global user.email "simple-icons[bot]@users.noreply.github.com"
git config --global user.name "simple-icons[bot]"
# Create a commit for the simple-icons dependency update
git add .
Expand All @@ -45,7 +47,7 @@ jobs:
run: |
# Set up remote using a Personal Access Token
git remote remove origin
git remote add origin https://${{secrets.RELEASE_TOKEN}}@github.com/simple-icons/simple-icons-website.git
git remote add origin https://${{ steps.app-token.outputs.token }}@github.com/simple-icons/simple-icons-website.git
# Push updates to origin
git push origin master
21 changes: 12 additions & 9 deletions .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,16 @@ on:
push:
branches: [master]

permissions:
contents: write

jobs:
publish-website:
runs-on: ubuntu-latest
name: Publish Website
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@v4
with:
Expand All @@ -20,14 +22,14 @@ jobs:
with:
node-version: 20.x
- name: Cache dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Cache build
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .cache/webpack
key: ${{ runner.os }}-build-${{ hashFiles('**/package-lock.json') }}
Expand All @@ -36,14 +38,15 @@ jobs:
- name: Install dependencies
run: npm ci
- name: Build Website
run: npm run build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
run: npm run build
- name: Deploy
uses: JamesIves/github-pages-deploy-action@v4
with:
token: ${{ steps.app-token.outputs.token }}
branch: gh-pages
folder: _site
single-commit: true
git-config-name: github-actions[bot]
git-config-email: github-actions[bot]@users.noreply.github.com
git-config-name: simple-icons[bot]
git-config-email: simple-icons[bot]@users.noreply.github.com
26 changes: 15 additions & 11 deletions .github/workflows/verify.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,6 @@ on:
- master
pull_request:

permissions:
contents: read

jobs:
build:
name: Build website
Expand All @@ -20,14 +17,14 @@ jobs:
with:
node-version: 20.x
- name: Cache dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Cache build
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .cache/webpack
key: ${{ runner.os }}-build-${{ hashFiles('**/package-lock.json') }}
Expand All @@ -48,7 +45,7 @@ jobs:
with:
node-version: 20.x
- name: Cache dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
Expand All @@ -63,28 +60,35 @@ jobs:
needs: [build]
runs-on: ubuntu-latest
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
owner: 'simple-icons'
repositories: 'simple-icons,simple-icons-website'
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js 20.x
uses: actions/setup-node@v4
with:
node-version: 20.x
- name: Cache dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- name: Cache build
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .cache/webpack
key: ${{ runner.os }}-build-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-
- name: Cache Jest
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .cache/jest
key: ${{ runner.os }}-jest-${{ hashFiles('package-lock.json') }}-${{ github.run_number }}
Expand All @@ -96,9 +100,9 @@ jobs:
- name: Run unit tests
run: npm run test:unit
- name: Run end-to-end tests
run: npm run test:e2e -- --runInBand
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
run: npm run test:e2e -- --runInBand
- name: Upload test screenshots
uses: actions/upload-artifact@v4
with:
Expand Down

0 comments on commit a50bd12

Please sign in to comment.