diff --git a/.github/workflows/add_new_versions.yml b/.github/workflows/add_new_versions.yml index 9692fce8..76552669 100644 --- a/.github/workflows/add_new_versions.yml +++ b/.github/workflows/add_new_versions.yml @@ -14,8 +14,24 @@ jobs: runs-on: ubuntu-latest steps: + - name: Read App Secrets + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/github/app-credentials appId | APP_ID ; + secret/data/github/repo/${{ github.repository }}/github/app-credentials privateKey | PRIVATE_KEY + + - name: Create App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ env.APP_ID }} + private-key: ${{ env.PRIVATE_KEY }} + - name: Checkout code uses: actions/checkout@v4 + with: + token: ${{ steps.app-token.outputs.token }} - uses: actions/setup-python@v5 with: @@ -32,25 +48,11 @@ jobs: python -u workflow_scripts/check-for-new-versions.py env: EXCLUDED_VERSIONS: "v20.10.x,v23.0.x,v25.0.x,v26.1.x" - - - name: Read App Secrets - uses: rancher-eio/read-vault-secrets@main - with: - secrets: | - secret/data/github/repo/${{ github.repository }}/github/app-credentials appId | APP_ID ; - secret/data/github/repo/${{ github.repository }}/github/app-credentials privateKey | PRIVATE_KEY - - - name: Create App Token - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ env.APP_ID }} - private-key: ${{ env.PRIVATE_KEY }} - name: check if the PR exist if: ${{ env.PR_TITLE != '' }} env: - GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} + GH_TOKEN: ${{ steps.app-token.outputs.token }} PR_TITLE: ${{env.PR_TITLE}} run: | EXISTING_PR=$(gh pr list --limit 1500 --json title,url | jq --arg title "${PR_TITLE}" -r '.[] | select(.title==$title) | .url') @@ -88,7 +90,7 @@ jobs: id: cpr env: SOURCE_BRANCH: ${{ steps.branch.outputs.branch }} - GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} + GH_TOKEN: ${{ steps.app-token.outputs.token }} PR_TITLE: ${{env.PR_TITLE}} PR_BODY: autogenerated PR to add docker ${{env.NEW_VERSIONS}} run: |