diff --git a/.github/workflows/publish-bot.yml b/.github/workflows/publish-bot.yml index b97fe867a74b..9a628156e0db 100644 --- a/.github/workflows/publish-bot.yml +++ b/.github/workflows/publish-bot.yml @@ -26,28 +26,37 @@ jobs: - name: Install Poetry if: ${{ !startsWith(github.event_name, 'pull_request') }} run: pipx install poetry + - name: Setup Python uses: actions/setup-python@v4 with: python-version: "3.10" + - name: Test Plugin id: plugin-test run: | - curl -sSL https://github.com/nonebot/nonebot2-publish-bot/releases/latest/download/plugin_test.py -o plugin_test.py - python plugin_test.py + curl -sSL https://github.com/nonebot/nonebot2-publish-bot/releases/latest/download/plugin_test.py | python - publish_bot: runs-on: ubuntu-latest name: nonebot2 publish bot needs: plugin_test steps: + - name: Generate token + id: generate-token + uses: tibdex/github-app-token@v1 + with: + app_id: ${{ secrets.APP_ID }} + private_key: ${{ secrets.APP_KEY }} + - name: Checkout Code uses: actions/checkout@v3 with: - token: ${{ secrets.GH_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} + - name: NoneBot2 Publish Bot uses: docker://ghcr.io/nonebot/nonebot2-publish-bot:latest with: - token: ${{ secrets.GH_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} config: > { "base": "master", diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index fafd9dbcc4fe..140e39bf7df4 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -18,9 +18,16 @@ jobs: group: pull-request-changelog cancel-in-progress: true steps: + - name: Generate token + id: generate-token + uses: tibdex/github-app-token@v1 + with: + app_id: ${{ secrets.APP_ID }} + private_key: ${{ secrets.APP_KEY }} + - uses: actions/checkout@v3 with: - token: ${{ secrets.GH_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} - name: Setup Node Environment uses: ./.github/actions/setup-node @@ -43,8 +50,8 @@ jobs: - name: Commit and Push run: | yarn prettier - git config user.name github-actions[bot] - git config user.email github-actions[bot]@users.noreply.github.com + git config user.name noneflow[bot] + git config user.email 129742071+noneflow[bot]@users.noreply.github.com git add . git diff-index --quiet HEAD || git commit -m ":memo: Update changelog" git push diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5b1c154b86f..cdda45ec4059 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,12 +6,17 @@ on: jobs: build: runs-on: ubuntu-latest - steps: + - name: Generate token + id: generate-token + uses: tibdex/github-app-token@v1 + with: + app_id: ${{ secrets.APP_ID }} + private_key: ${{ secrets.APP_KEY }} + - uses: actions/checkout@v3 with: - ref: master - token: ${{ secrets.GH_TOKEN }} + token: ${{ steps.generate-token.outputs.token }} - name: Setup Python Environment uses: ./.github/actions/setup-python @@ -39,8 +44,8 @@ jobs: - name: Push Tag run: | - git config user.name github-actions[bot] - git config user.email github-actions[bot]@users.noreply.github.com + git config user.name noneflow[bot] + git config user.email 129742071+noneflow[bot]@users.noreply.github.com git add . git commit -m ":bookmark: Release $(poetry version -s)" git tag ${{ env.TAG_NAME }}