From 163789ffb1dc1e0626e6a97e52ba72197445dc04 Mon Sep 17 00:00:00 2001
From: Joshua Tang <joshuaystang@gmail.com>
Date: Sun, 14 Jan 2024 10:37:59 +1100
Subject: [PATCH] ci(release): use github app token (#277)

---
 .github/workflows/github_actions.yml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/github_actions.yml b/.github/workflows/github_actions.yml
index 7101ed1..2cc8bf0 100644
--- a/.github/workflows/github_actions.yml
+++ b/.github/workflows/github_actions.yml
@@ -66,13 +66,20 @@ jobs:
           dart format --output=none --set-exit-if-changed .
           flutter analyze
 
-  semantic-release:
-    name: Semantic release
+  release:
+    name: Release
     runs-on: ubuntu-latest
     needs: [test, lint]
     if: ${{ (github.ref == 'refs/heads/main') && (contains(fromJSON('["workflow_dispatch", "schedule"]'), github.event_name)) }}
 
     steps:
+      - name: Create GitHub App token 🔑
+        id: create-app-token
+        uses: tibdex/github-app-token@v2.1.0
+        with:
+          app_id: ${{ secrets.GH_APP_ID }}
+          private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
+
       - name: Checkout 🛎️
         uses: actions/checkout@v4
         with:
@@ -102,5 +109,5 @@ jobs:
       - name: Release 🚀
         run: npx semantic-release
         env:
-          GITHUB_TOKEN: ${{ secrets.PAT }}
+          GITHUB_TOKEN: ${{ steps.create-app-token.outputs.token }}
           GOOGLE_SERVICE_ACCOUNT_KEY: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY }}