From 6e9e4248c2b1e0a09e769424403055d5cbf5616d Mon Sep 17 00:00:00 2001 From: Devin Collins Date: Mon, 29 Jan 2024 01:20:58 -0800 Subject: [PATCH 1/2] Use PAT for publishing --- .github/workflows/shared-bump-semver-tags.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/shared-bump-semver-tags.yaml b/.github/workflows/shared-bump-semver-tags.yaml index f5d58e6..df6dde0 100644 --- a/.github/workflows/shared-bump-semver-tags.yaml +++ b/.github/workflows/shared-bump-semver-tags.yaml @@ -8,6 +8,11 @@ on: default: true required: false type: boolean + secrets: + PUBLISH_PAT: + description: "Personal Access Token for publishing packages" + required: true + type: string jobs: bump-tag-version: @@ -29,7 +34,7 @@ jobs: id: bump with: mode: bump - repo-token: ${{ secrets.GITHUB_TOKEN }} + repo-token: ${{ secrets.PUBLISH_PAT }} minor-label: minor major-label: major patch-label: patch From 5fac3258041c47bbe7f4684fd6f15100493ac2e4 Mon Sep 17 00:00:00 2001 From: Devin Collins Date: Mon, 29 Jan 2024 01:21:30 -0800 Subject: [PATCH 2/2] use PAT everywhere --- .github/workflows/shared-bump-semver-tags.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/shared-bump-semver-tags.yaml b/.github/workflows/shared-bump-semver-tags.yaml index df6dde0..da9e19a 100644 --- a/.github/workflows/shared-bump-semver-tags.yaml +++ b/.github/workflows/shared-bump-semver-tags.yaml @@ -60,4 +60,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" git tag -fa v${{ steps.parse.outputs.major-version }} -m "Update v${{ steps.parse.outputs.major-version }} tag" - git push origin v${{ steps.parse.outputs.major-version }} --force \ No newline at end of file + git push origin v${{ steps.parse.outputs.major-version }} --force + env: + GITHUB_TOKEN: ${{ secrets.PUBLISH_PAT }} \ No newline at end of file