v0.2.4
Issues | Pull Requests | v0.2.3...v0.2.4
Features
#79 Add read_checksum_token input to allow custom token for aqua update-checksum @iwata
This action didn't have any input to pass GitHub Access Tokens, so you needed to pass a GitHub Access Token via environment variable GITHUB_TOKEN.

    - uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
      env:
        GITHUB_TOKEN: ${{steps.generate_token.outputs.token}}

But this action uses a GitHub access token for two purposes.
- aqua update-checksum: It may access private registries and packages.
  contents: read
- push a commit by ghcp: It may access a private repository.
  contents: write
These two purposes require different permissions and scopes.
In particular, granting contents: write on private registries and packages is undesirable.
As of v0.2.4, you can pass a GitHub access token for aqua update-checksum via the input read_checksum_token.
So, you can pass two different access tokens.
e.g.

    - uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
      with:
        read_checksum_token: ${{steps.generate_token.outputs.token}} # Token for `aqua update-checksum`
      env:
        GITHUB_TOKEN: ${{ github.token }} # Token for pushing a commit

read_checksum_token is optional. By default, AQUA_GITHUB_TOKEN or GITHUB_TOKEN is used.
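
To find steps that still hand one token to both purposes, the following added example (not part of this action or its project) scans workflow text and reports any update-checksum-action step that leaves read_checksum_token unset or sets it to the same expression as GITHUB_TOKEN. The function names and the sample workflow are hypothetical, and the parser is an indentation-based heuristic that only sees keys written inside the step itself, not job-level or workflow-level env.

```python
import re

ACTION = "aquaproj/update-checksum-action@"
# Constructed sample: step 1 is the single-token form, step 2 the split-token form.
SAMPLE = """\
steps:
  - uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
    env:
      GITHUB_TOKEN: ${{steps.generate_token.outputs.token}}
  - name: update checksums
    uses: aquaproj/update-checksum-action@0fef5fa12e81e046bb29078f76b99bb29fa4e696 # v0.2.3
    with:
      read_checksum_token: ${{steps.generate_token.outputs.token}}
    env:
      GITHUB_TOKEN: ${{ github.token }}
"""

def indent(line):
    return len(line) - len(line.lstrip(" "))

def step_lines(lines, i):
    """Lines of the step whose `uses:` key is on line i (indentation-based)."""
    key_col = indent(lines[i]) + (2 if lines[i].lstrip().startswith("- ") else 0)
    start = i
    while start > 0 and (not lines[start].strip() or indent(lines[start]) >= key_col):
        start -= 1  # walk up to the "- " line that opens this step
    end = i + 1
    while end < len(lines) and (not lines[end].strip() or indent(lines[end]) >= key_col):
        end += 1  # take every deeper-indented line that follows
    return lines[start:end]

def value(block, key):
    """Value of `key:` in the step with comment and spaces removed, or None."""
    pat = re.compile(r"\s*(?:- )?" + re.escape(key) + r":\s*(.*?)\s*(?:#.*)?$")
    hits = [m.group(1).replace(" ", "") for m in map(pat.match, block) if m]
    return hits[0] if hits else None

def audit(text):
    """Return (line_number, message) for steps that do not split the two tokens."""
    lines, findings = text.splitlines(), []
    for i, line in enumerate(lines):
        if re.match(r"\s*(?:- )?uses:\s*" + re.escape(ACTION), line):
            block = step_lines(lines, i)
            read, push = value(block, "read_checksum_token"), value(block, "GITHUB_TOKEN")
            if read is None:
                findings.append((i + 1, "read_checksum_token unset: falls back to AQUA_GITHUB_TOKEN or GITHUB_TOKEN"))
            elif read == push:
                findings.append((i + 1, "read_checksum_token and GITHUB_TOKEN are the same token"))
    return findings
```

Call `audit()` on the contents of each file under `.github/workflows/`; an empty list means every step using the action passes a separate token for `aqua update-checksum`.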