From 760281826c541a3e49b6c4d2850e5f0a6a944580 Mon Sep 17 00:00:00 2001 From: Mike McQuaid Date: Tue, 6 Apr 2021 13:40:44 +0100 Subject: [PATCH] Update token usage - Move to `GITHUB_TOKEN` where possible - Move from `HOMEBREW_GITHUB_API_TOKEN` to `HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN` --- .github/workflows/autopublish.yml | 2 +- .github/workflows/dispatch-build-bottle.yml | 6 +++--- .github/workflows/dispatch-rebottle.yml | 6 +++--- .github/workflows/linux-dispatch-build-bottle.yml | 6 +++--- .github/workflows/publish-commit-bottles.yml | 10 +++++----- .github/workflows/remove-disabled-formulae.yml | 2 +- .github/workflows/triage.yml | 6 +++--- 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/autopublish.yml b/.github/workflows/autopublish.yml index c3a72c2906e..7be6f76391e 100644 --- a/.github/workflows/autopublish.yml +++ b/.github/workflows/autopublish.yml @@ -20,5 +20,5 @@ jobs: - name: Run automerge env: - HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} run: brew pr-automerge --verbose --publish --autosquash diff --git a/.github/workflows/dispatch-build-bottle.yml b/.github/workflows/dispatch-build-bottle.yml index 21db1341d6e..dcf8c5215cc 100644 --- a/.github/workflows/dispatch-build-bottle.yml +++ b/.github/workflows/dispatch-build-bottle.yml @@ -102,7 +102,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." @@ -162,7 +162,7 @@ jobs: - name: Push commits uses: Homebrew/actions/git-try-push@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com @@ -172,7 +172,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." diff --git a/.github/workflows/dispatch-rebottle.yml b/.github/workflows/dispatch-rebottle.yml index 8d461b622b6..a3c9e0c48bf 100644 --- a/.github/workflows/dispatch-rebottle.yml +++ b/.github/workflows/dispatch-rebottle.yml @@ -103,7 +103,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." @@ -163,7 +163,7 @@ jobs: - name: Push commits uses: Homebrew/actions/git-try-push@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com @@ -173,7 +173,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.GITHUB_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." diff --git a/.github/workflows/linux-dispatch-build-bottle.yml b/.github/workflows/linux-dispatch-build-bottle.yml index ceea5e80471..e5da97117b0 100644 --- a/.github/workflows/linux-dispatch-build-bottle.yml +++ b/.github/workflows/linux-dispatch-build-bottle.yml @@ -86,7 +86,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." @@ -137,7 +137,7 @@ jobs: - name: Push commits uses: Homebrew/actions/git-try-push@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com @@ -147,7 +147,7 @@ jobs: if: ${{!success() && github.event.inputs.issue > 0}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.issue}} body: ":x: @${{github.actor}} bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":x: Bottle request for ${{github.event.inputs.formula}} [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." diff --git a/.github/workflows/publish-commit-bottles.yml b/.github/workflows/publish-commit-bottles.yml index bdc2ea94314..961da91856d 100644 --- a/.github/workflows/publish-commit-bottles.yml +++ b/.github/workflows/publish-commit-bottles.yml @@ -20,7 +20,7 @@ jobs: - name: Post comment once started uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.pull_request}} body: ":shipit: @${{github.actor}} has [triggered a merge](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":robot: A scheduled task has [triggered a merge](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." @@ -64,7 +64,7 @@ jobs: - name: Pull bottles env: - HOMEBREW_GITHUB_API_TOKEN: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + HOMEBREW_GITHUB_API_TOKEN: ${{secrets.GITHUB_TOKEN}} HOMEBREW_GPG_PASSPHRASE: ${{ secrets.BREWTESTBOT_GPG_SIGNING_SUBKEY_PASSPHRASE }} HOMEBREW_BINTRAY_USER: brewtestbot HOMEBREW_BINTRAY_KEY: ${{secrets.HOMEBREW_BINTRAY_KEY}} @@ -81,7 +81,7 @@ jobs: - name: Push commits uses: Homebrew/actions/git-try-push@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.GITHUB_TOKEN}} env: GIT_COMMITTER_NAME: BrewTestBot GIT_COMMITTER_EMAIL: 1589480+BrewTestBot@users.noreply.github.com @@ -91,7 +91,7 @@ jobs: if: ${{!success()}} uses: Homebrew/actions/post-comment@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} issue: ${{github.event.inputs.pull_request}} body: ":warning: @${{github.actor}} bottle publish [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." bot_body: ":warning: Bottle publish [failed](${{github.event.repository.html_url}}/actions/runs/${{github.run_id}})." @@ -101,7 +101,7 @@ jobs: if: ${{!success()}} uses: Homebrew/actions/dismiss-approvals@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} pr: ${{github.event.inputs.pull_request}} message: "bottle publish failed" diff --git a/.github/workflows/remove-disabled-formulae.yml b/.github/workflows/remove-disabled-formulae.yml index 283ec93546a..46aa499a060 100644 --- a/.github/workflows/remove-disabled-formulae.yml +++ b/.github/workflows/remove-disabled-formulae.yml @@ -37,7 +37,7 @@ jobs: if: ${{ steps.remove_disabled.outputs.formulae-removed == 'true' }} uses: peter-evans/create-pull-request@45c510e1f68ba052e3cd911f661a799cfb9ba3a3 with: - token: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }} + token: ${{ secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN }} branch: remove-disabled-formulae title: Remove disabled formulae body: > diff --git a/.github/workflows/triage.yml b/.github/workflows/triage.yml index 7161c82fbf2..3f4a81a60be 100644 --- a/.github/workflows/triage.yml +++ b/.github/workflows/triage.yml @@ -9,17 +9,17 @@ jobs: - name: Check commit format uses: Homebrew/actions/check-commit-format@master with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} - name: Cancel previous runs uses: Homebrew/actions/cancel-previous-runs@master if: always() with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} - name: Label pull request uses: Homebrew/actions/label-pull-requests@master if: always() with: - token: ${{secrets.HOMEBREW_GITHUB_API_TOKEN}} + token: ${{secrets.HOMEBREW_GITHUB_PUBLIC_REPO_TOKEN}} def: | [ {