-
Notifications
You must be signed in to change notification settings - Fork 569
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update push-mimir-build-image.yml to use app token
- Loading branch information
1 parent
b12c2fd
commit 3d8c76a
Showing
1 changed file
with
21 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -26,10 +26,27 @@ jobs: | |
| - name: Checkout Repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| # Retrieve GitHub App Credentials from Vault | ||
| - name: Retrieve GitHub App Credentials from Vault | ||
| id: get-secrets | ||
| uses: grafana/shared-workflows/actions/[email protected] | ||
| with: | ||
| repo_secrets: | | ||
| APP_ID=mimir-github-bot:app_id | ||
| PRIVATE_KEY=mimir-github-bot:private_key | ||
| # Generate GitHub App Token | ||
| - name: Generate GitHub App Token | ||
| id: app-token | ||
| uses: actions/create-github-app-token@v1 | ||
| with: | ||
| app-id: ${{ env.APP_ID }} | ||
| private-key: ${{ env.PRIVATE_KEY }} | ||
| owner: ${{ github.repository_owner }} | ||
|
|
||
| - name: Checkout Pull Request Branch | ||
| run: gh pr checkout ${{ github.event.pull_request.number }} | ||
| env: | ||
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | ||
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | ||
|
|
||
| - name: Setup QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
|
|
@@ -76,7 +93,7 @@ jobs: | |
| - name: Add Comment to the PR | ||
| id: notification | ||
| run: | | ||
| run: | | ||
| if [ ${{ steps.check_build.outputs.build }} == 'true' ]; then | ||
| gh pr comment $PR_NUMBER --body "**Building new version of mimir-build-image**. After image is built and pushed to Docker Hub, \ | ||
| a new commit will automatically be added to this PR with new image version \`$IMAGE:$TAG\`. This can take up to 1 hour." | ||
|
|
@@ -86,7 +103,7 @@ jobs: | |
| fi | ||
| env: | ||
| PR_NUMBER: ${{ github.event.pull_request.number }} | ||
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | ||
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | ||
| TAG: ${{ steps.compute_hash.outputs.tag }} | ||
| IMAGE: ${{ steps.prepare.outputs.image }} | ||
|
|
||
|
|
@@ -126,6 +143,6 @@ jobs: | |
| git push origin HEAD | ||
| fi | ||
| env: | ||
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} | ||
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | ||
| TAG: ${{ steps.compute_hash.outputs.tag }} | ||
| MAIN_TAG: ${{ steps.prepare.outputs.main_image_tag }} | ||