Skip to content

Replace token with ssh-key in release workflow #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
OhYee merged 1 commit into from
Dec 2, 2025
Merged

Replace token with ssh-key in release workflow #8

OhYee merged 1 commit into from
Dec 2, 2025

Conversation

@OhYee
Copy link
Contributor

@OhYee OhYee commented Dec 2, 2025

Thank you for creating a pull request to contribute to Serverless Devs agentrun-sdk-python code! Before you open the request please answer the following questions to help it be more easily integrated. Please check the boxes "[ ]" with "[x]" when done too.
Please select one of the PR types below to complete

Fix bugs

Bug detail

The specific manifestation of the bug or the associated issue.

Pull request tasks

  • Add test cases for the changes
  • Passed the CI test

Update docs

Reason for update

Why do you need to update your documentation?

Pull request tasks

  • Update Chinese documentation
  • Update English documentation

Add contributor

Contributed content

  • Code
  • Document

Content detail

if content_type == 'code' || content_type == 'document':
    please tell us `PR url`,like: https://github.com/Serverless-Devs/agentrun-sdk-python/pull/1
else:
    please describe your contribution in detail

Others

Reason for update

Why do you need to update your documentation?

@OhYee
Replace token with ssh-key in release workflow
660edae 
Signed-off-by: OhYee <kongchenhao.kch@alibaba-inc.com>
Copilot AI review requested due to automatic review settings December 2, 2025 10:17
@OhYee OhYee merged commit e8e1fdc into main Dec 2, 2025
3 checks passed
Copilot finished reviewing on behalf of OhYee December 2, 2025 10:18
Copilot AI reviewed Dec 2, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request changes the authentication method for the actions/checkout@v4 action in the release workflow by replacing the token parameter with ssh-key.

Key Changes

  • Modified the actions/checkout@v4 configuration to use ssh-key instead of token parameter with the DEPLOY_KEY secret

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/release.yml
- uses: actions/checkout@v4
with:
token: ${{ secrets.DEPLOY_KEY }}
ssh-key: ${{ secrets.DEPLOY_KEY }}
Copy link

Copilot AI Dec 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change from token to ssh-key is likely incorrect. The actions/checkout@v4 action uses different parameters for different authentication methods:

  • token: for GitHub Personal Access Tokens (PATs)
  • ssh-key: for SSH private keys

If DEPLOY_KEY is a GitHub PAT (which is typical for secrets with this name), it should remain as token. If DEPLOY_KEY is actually an SSH private key, then:

  1. This change is correct, but the secret should be renamed to clarify it's an SSH key (e.g., DEPLOY_SSH_KEY)
  2. The SSH key must be in the proper private key format

Please verify which type of credential DEPLOY_KEY contains and use the appropriate parameter.

Suggested change
ssh-key: ${{ secrets.DEPLOY_KEY }}
token: ${{ secrets.DEPLOY_KEY }}

Copilot uses AI. Check for mistakes.
@OhYee OhYee deleted the using-ssh-key branch December 5, 2025 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@OhYee