diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7f925ce..c6c8e72 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -110,11 +110,18 @@ jobs: needs: [publish_pypi, publish_docker] steps: + - name: Generate app token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + - uses: actions/checkout@v4 with: ref: main fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ steps.app-token.outputs.token }} - name: Download bumped manifests uses: actions/download-artifact@v4 @@ -122,9 +129,11 @@ jobs: name: manifests - name: Commit and push version bump + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} run: | git config user.name "github-actions[bot]" - git config user.email "github-actions[bot]@users.noreply.github.com" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" git add pyproject.toml uv.lock git commit -m "chore: bump version to ${VERSION#v} [skip ci]" git push origin main diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/update-changelog.yml index 49ede07..9318c45 100644 --- a/.github/workflows/update-changelog.yml +++ b/.github/workflows/update-changelog.yml @@ -17,10 +17,18 @@ jobs: contents: write steps: + - name: Generate app token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ secrets.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + - name: Checkout code uses: actions/checkout@v4 with: ref: ${{ github.event.release.target_commitish }} + token: ${{ steps.app-token.outputs.token }} - name: Update Changelog uses: stefanzweifel/changelog-updater-action@v1 @@ -29,6 +37,8 @@ jobs: release-notes: ${{ github.event.release.body }} - name: Commit updated CHANGELOG + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} run: | git config user.name "github-actions[bot]" git config user.email "41898282+github-actions[bot]@users.noreply.github.com"