Skip to content

ci: use primer integration app for status checks #7158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 7, 2025
Merged

ci: use primer integration app for status checks #7158

merged 2 commits into from
Nov 7, 2025

Conversation

@joshblack
Copy link
Member

@joshblack joshblack commented Nov 6, 2025

Use the Primer Integration App for setting status checks so that required checks come from the same source.

Changelog

New

Changed

  • Use the Primer Integration App for setting status checks from github-ui

Removed

Rollout strategy

  • None; if selected, include a brief description as to why

Update our workflow to use the Primer Integration App token for setting status checks. This should help fix our issues when requiring these status checks but GitHub Actions is reporting on them.

@changeset-bot
Copy link

changeset-bot bot commented Nov 6, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 34f79fd

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@joshblack joshblack added the integration-tests: skipped manually Changes in this PR do not require an integration test label Nov 6, 2025
@github-actions github-actions bot added the staff Author is a staff member label Nov 6, 2025
@joshblack joshblack added the skip changeset This change does not need a changelog label Nov 6, 2025
@joshblack joshblack marked this pull request as ready for review November 6, 2025 21:51
@joshblack joshblack requested a review from a team as a code owner November 6, 2025 21:51
Copilot AI reviewed Nov 6, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the status-checks workflow to use a GitHub App token instead of the default GITHUB_TOKEN for setting commit statuses when integration tests are skipped manually.

  • Adds GitHub App token generation step using create-github-app-token action
  • Replaces GITHUB_TOKEN with the generated app token for API operations

.github/workflows/status-checks.yml
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
with:
app-id: 902635
owner: 'primer'
Copy link

Copilot AI Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The repositories parameter should be added to the create-github-app-token action configuration to limit the token scope. Other workflows in this repository (e.g., .github/workflows/lock-release.yml) follow the pattern of including repositories: react when specifying owner: primer. This follows the principle of least privilege by restricting the token to only the necessary repository.

Suggested addition:

with:
  app-id: 902635
  owner: 'primer'
  repositories: react
  private-key: ${{ secrets.PRIMER_INTEGRATION_APP_PRIVATE_KEY }}
Suggested change
owner: 'primer'
owner: 'primer'
repositories: react

Copilot uses AI. Check for mistakes.
@github-actions github-actions bot requested a deployment to storybook-preview-7158 November 6, 2025 21:54 Abandoned
@siddharthkp siddharthkp added this pull request to the merge queue Nov 7, 2025
Merged via the queue into main with commit f66be9c Nov 7, 2025
59 of 60 checks passed
@siddharthkp siddharthkp deleted the joshblack-patch-3 branch November 7, 2025 03:25
pksjce pushed a commit that referenced this pull request Nov 11, 2025
@joshblack @pksjce
ci: use primer integration app for status checks (#7158)
982132b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@llastflowers llastflowers llastflowers approved these changes

@siddharthkp siddharthkp Awaiting requested review from siddharthkp siddharthkp is a code owner automatically assigned from primer/engineer-reviewers

Assignees

No one assigned

Labels

integration-tests: skipped manually Changes in this PR do not require an integration test skip changeset This change does not need a changelog staff Author is a staff member

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@joshblack @llastflowers @siddharthkp