feat: normalize secret input keys to UPPER_SNAKE_CASE#69
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR standardizes secret-related action input keys across the repository by renaming them from kebab-case to UPPER_SNAKE_CASE, and updates all internal callers and documentation accordingly.
Changes:
- Renamed secret inputs in multiple
action.yamlfiles (e.g.,github-token→GITHUB_TOKEN,app-private-key→APP_PRIVATE_KEY,codecov-token→CODECOV_TOKEN). - Updated
.github/workflows/*callers (test workflows + release workflow) to pass the new input keys. - Updated action READMEs and
CONTRIBUTING.mdto document the new convention (kebab-case for non-secret inputs, UPPER_SNAKE_CASE for secret inputs).
Reviewed changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| upsert-issue/README.md | Updates documented token input name to GITHUB_TOKEN. |
| upsert-issue/action.yaml | Renames token input key and updates inputs.* references. |
| setup-go-toolchain/README.md | Updates documented token input name to GITHUB_TOKEN and usage examples. |
| setup-go-toolchain/action.yaml | Renames token input key and updates step if / env references. |
| run-dotnet-tests/README.md | Renames secret inputs in docs/examples to APP_PRIVATE_KEY, GITHUB_TOKEN, CODECOV_TOKEN. |
| run-dotnet-tests/action.yaml | Renames secret inputs and updates all inputs.* references in steps/conditions. |
| login-to-ghcr/README.md | Updates documented token input name to GITHUB_TOKEN and usage example. |
| login-to-ghcr/action.yaml | Renames token input key and updates inputs.* reference. |
| create-issues-from-todos/README.md | Updates documented app private key input name to APP_PRIVATE_KEY. |
| create-issues-from-todos/action.yaml | Renames app private key input key and updates inputs.* reference. |
| CONTRIBUTING.md | Documents the new split convention: kebab-case for non-secret vs UPPER_SNAKE_CASE for secret inputs. |
| approve-pr/README.md | Updates documented app private key input name to APP_PRIVATE_KEY. |
| approve-pr/action.yaml | Renames app private key input key and updates inputs.* reference. |
| .github/workflows/test-upsert-issue.yaml | Updates caller to pass GITHUB_TOKEN. |
| .github/workflows/test-setup-go-toolchain.yaml | Updates caller to pass GITHUB_TOKEN. |
| .github/workflows/test-run-dotnet-tests.yaml | Updates caller to pass APP_PRIVATE_KEY and GITHUB_TOKEN. |
| .github/workflows/test-login-to-ghcr.yaml | Updates caller to pass GITHUB_TOKEN. |
| .github/workflows/test-create-issues-from-todos.yaml | Updates caller to pass APP_PRIVATE_KEY. |
| .github/workflows/test-approve-pr.yaml | Updates caller to pass APP_PRIVATE_KEY. |
| .github/workflows/active-release.yaml | Updates reusable workflow secret key to APP_PRIVATE_KEY. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if: inputs.CODECOV_TOKEN != '' | ||
| uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2 | ||
| with: | ||
| files: ${{ steps.get_coverage_files.outputs.COVERAGE_FILES }} |
There was a problem hiding this comment.
On Windows, get_coverage_files is skipped (only get_coverage_files_windows runs), but the Codecov upload still references steps.get_coverage_files.outputs.COVERAGE_FILES. This will be empty/undefined on Windows and can cause missing uploads or failures. Consider unifying both steps under a single id, or selecting the correct output based on matrix.os (e.g., prefer the Windows step output when running on Windows).
| files: ${{ steps.get_coverage_files.outputs.COVERAGE_FILES }} | |
| files: ${{ matrix.os == 'windows-latest' && steps.get_coverage_files_windows.outputs.COVERAGE_FILES || steps.get_coverage_files.outputs.COVERAGE_FILES }} |
|
🎉 This PR is included in version 2.1.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Summary
Renames all secret input keys in action definitions, test workflows, and documentation from
kebab-casetoUPPER_SNAKE_CASE, consistent with how secrets are referenced via${{ secrets.SECRET_NAME }}.Changes
Action definitions (
action.yaml)APP_PRIVATE_KEYCODECOV_TOKENAPP_PRIVATE_KEYGITHUB_TOKENGITHUB_TOKENGITHUB_TOKENCallers (
.github/workflows/)active-release.yamland alltest-*.yamlworkflows to use new key namesDocumentation
README.mdinput tables and usage examplesCONTRIBUTING.mdnaming convention guidance to distinguish secret vs non-secret inputs