diff --git a/.github/workflows/trigger-publish.yml b/.github/workflows/trigger-publish.yml
index 4859c831..b8c87a98 100644
--- a/.github/workflows/trigger-publish.yml
+++ b/.github/workflows/trigger-publish.yml
@@ -19,9 +19,20 @@ jobs:
         run: |
           echo branch="${GITHUB_REF#refs/heads/}" >> "$GITHUB_OUTPUT"
 
-      - name: Dispatch docker builds Github Action
-        uses: temporalio/docker-builds/update-submodules.yml@main
+      - name: Generate a token
+        id: generate_token
+        uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92
         with:
-          repo: "cli"
-          branch: ${{ steps.get_branch.outputs.branch }}
-          commit: ${{ env.GITHUB_SHA }}
+          app_id: ${{ secrets.TEMPORAL_CICD_APP_ID }}
+          private_key: ${{ secrets.TEMPORAL_CICD_PRIVATE_KEY }}
+
+      - name: Dispatch docker builds Github Action
+        env:
+          PAT: ${{ steps.generate_token.outputs.token }}
+          PARENT_REPO: temporalio/docker-builds
+          PARENT_BRANCH: ${{ toJSON('main') }}
+          WORKFLOW_ID: update-submodules.yml
+          REPO: ${{ toJSON('cli') }}
+          BRANCH: ${{ toJSON(steps.get_branch.outputs.branch) }}
+        run: |
+          curl -fL -X POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $PAT" "https://api.github.com/repos/$PARENT_REPO/actions/workflows/$WORKFLOW_ID/dispatches" -d '{"ref":'"$PARENT_BRANCH"', "inputs": { "repo":'"$REPO"', "branch":'"$BRANCH"', "commit": '"$GITHUB_SHA"' }}'