From 7efcca8f19304fe063cc239c0c1e2d7f3783149d Mon Sep 17 00:00:00 2001 From: Luis Rosales Date: Tue, 28 Nov 2023 14:20:01 +0100 Subject: [PATCH] Feat/86 make token configurable via new secret GITHUB_USER_TOKEN (#87) * feat: make token configurable in release process Closes #86 * chore: change the name of the variable used in the workflow * chore: remove default since it is not supported * chore: test simple config * chore: not persisting credentials on checkout * fix: adding missing github dependency * chore: add defaults again * chore: setting to false * chore: making token mandatory * chore: default to the github token * chore: test removing github plugin * chore: testing removing the persist credentials * chore: returning back persist creds as it is needed * docs: hide underlaying implementation * docs: adding documentation regarding the USER_TOKEN secret configuration * docs: Update docs/automatic-release.md Co-authored-by: Philipp Bammes <8144115+tyrann0us@users.noreply.github.com> Signed-off-by: Luis Rosales * chore: Update .github/workflows/automatic-release.yml Co-authored-by: Erika Gili Signed-off-by: Luis Rosales * docs: better default value * chore: align name of variable * chore: fix table format, enhanced some texts * Apply suggestions from code review Co-authored-by: Philipp Bammes <8144115+tyrann0us@users.noreply.github.com> Signed-off-by: Christian Leucht <3417446+Chrico@users.noreply.github.com> --------- Signed-off-by: Luis Rosales Signed-off-by: Christian Leucht <3417446+Chrico@users.noreply.github.com> Co-authored-by: Philipp Bammes <8144115+tyrann0us@users.noreply.github.com> Co-authored-by: Erika Gili Co-authored-by: Christian Leucht <3417446+Chrico@users.noreply.github.com> --- .github/workflows/automatic-release.yml | 8 +++++++- docs/automatic-release.md | 9 ++++++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/.github/workflows/automatic-release.yml b/.github/workflows/automatic-release.yml index 28655121..ad69e758 100644 --- a/.github/workflows/automatic-release.yml +++ b/.github/workflows/automatic-release.yml @@ -7,6 +7,10 @@ on: default: 18 required: false type: string + secrets: + GITHUB_USER_TOKEN: + description: Authentication token with write permission needed by the release bot (falls back to GITHUB_TOKEN). + required: false jobs: release: @@ -31,6 +35,8 @@ jobs: - name: Checkout uses: actions/checkout@v4 + with: + persist-credentials: false - name: Check presence of release.config.js run: | @@ -57,5 +63,5 @@ jobs: - name: Release env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_USER_TOKEN != '' && secrets.GITHUB_USER_TOKEN || secrets.GITHUB_TOKEN }} run: npx semantic-release diff --git a/docs/automatic-release.md b/docs/automatic-release.md index 91925525..6c2ce7c8 100644 --- a/docs/automatic-release.md +++ b/docs/automatic-release.md @@ -44,9 +44,10 @@ jobs: #### Inputs -| Name | Default | Description | -|----------------|---------|------------------------------------------------------| -| `NODE_VERSION` | 18 | Node version with which the release will be executed | +| Name | Required | Default | Description | +|---------------------|----------|---------|---------------------------------------------------------------------------------------------------| +| `NODE_VERSION` | false |18 | Node version with which the release will be executed | +| `GITHUB_USER_TOKEN` | false |`''` | Authentication token with write permission needed by the release bot (falls back to GITHUB_TOKEN) | **Example with configuration parameters:** @@ -62,4 +63,6 @@ jobs: uses: inpsyde/reusable-workflows/.github/workflows/automatic-release.yml@main with: NODE_VERSION: 16 + secrets: + GITHUB_USER_TOKEN: ${{ secrets.WRITE_TOKEN }} ```