5353 pull-requests : write
5454 runs-on : ubuntu-latest
5555 steps :
56+ - name : ' Generate token'
57+ id : app-token
58+ uses : actions/create-github-app-token@v2
59+ with :
60+ app-id : ${{ secrets.BOT_APP_ID }}
61+ private-key : ${{ secrets.BOT_PRIVATE_KEY }}
62+ permission-issues : write
63+ permission-administration : write
64+ permission-contents : write
65+ permission-pull-requests : write
66+
67+ - name : Get GitHub App User ID
68+ id : get-user-id
69+ run : |
70+ echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
71+ env :
72+ GH_TOKEN : ${{ steps.app-token.outputs.token }}
73+ - id : committer
74+ run : echo "string=${{ steps.app-token.outputs.app-slug }}[bot] <${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>" >> "$GITHUB_OUTPUT"
75+ - run : echo "committer string is ${{ steps.committer.outputs.string }}"
76+
77+ - name : Set global username and email
78+ run : |
79+ git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
80+ git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com'
81+
82+ name : Debug auth
83+ run : |
84+ curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ steps.app-token.outputs.token }}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/user
85+
5686name : Checkout
5787 uses : actions/checkout@v4
88+ with :
89+ token : ${{ steps.app-token.outputs.token }}
90+ ref : ${{ github.head_ref }}
91+ # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
92+ persist-credentials : false
5893
5994 - name : Use Node.js
6095 uses : actions/setup-node@v4
80115
81116 - name : Run Semantic Release
82117 env :
83- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
118+ GITHUB_TOKEN : ${{ steps.app-token.outputs.token }}
84119 NPM_TOKEN : ${{ secrets.NPM_TOKEN }}
85120 run : npx semantic-release
0 commit comments