diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml index ae51732d9..d6a78ebfb 100644 --- a/.github/workflows/continuous-delivery.yml +++ b/.github/workflows/continuous-delivery.yml @@ -213,6 +213,8 @@ jobs: runs-on: ubuntu-latest needs: [branch_check, metadata, merge, continuous_integration, publish_image, deploy] if: (github.ref_name == 'staging' || github.ref_name == 'master') && always() + permissions: + checks: write steps: - name: Get conclusion id: get_conclusion @@ -228,11 +230,10 @@ jobs: done - name: Update Continuous Delivery check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 with: - app_id: ${{ vars.GH_APP_ID }} - private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} sha: ${{ needs.merge.outputs.sha }} + token: ${{ github.token }} name: Continuous Delivery conclusion: ${{ steps.get_conclusion.outputs.conclusion }} details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index df42dd331..368e55596 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -80,8 +80,8 @@ jobs: RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }} run: | EXIT_STATUS=0 - ./actionlint -ignore 'property "gh_app_private_key" is not defined' -ignore 'SC2153:' \ - -ignore 'property "sha" is not defined in object type {}' || EXIT_STATUS=$? + ./actionlint -ignore 'SC2153:' -ignore 'property "sha" is not defined in object type {}' || \ + EXIT_STATUS=$? docker run -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_HOST=localhost -e \ RAILS_MASTER_KEY --network=host app bin/ci.sh lint || EXIT_STATUS=$? exit $EXIT_STATUS diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 3d65f8977..6047c5322 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -106,6 +106,8 @@ jobs: runs-on: ubuntu-latest needs: [metadata, publish] if: github.event_name == 'workflow_dispatch' && github.workflow == 'Publish Image' && always() + permissions: + checks: write steps: - name: Get conclusion id: get_conclusion @@ -121,10 +123,9 @@ jobs: done - name: Update Publish Image check run - uses: guidojw/actions/update-check-run@abb0ee8d1336edf73383f2e5a09abd3a22f25b13 # v1.3.3 + uses: LouisBrunner/checks-action@6b626ffbad7cc56fd58627f774b9067e6118af23 # v2.0.0 with: - app_id: ${{ vars.GH_APP_ID }} - private_key: ${{ secrets.GH_APP_PRIVATE_KEY }} + token: ${{ github.token }} name: Publish Image conclusion: ${{ steps.get_conclusion.outputs.conclusion }} details_url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}