diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cbbdf29..91e5018 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,44 +35,15 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - - name: Test token permissions - run: | - curl -v -H "Authorization: token ${{ steps.generate_token.outputs.token }}" \ - https://api.github.com/repos/stackhawk/stackhawk-mcp - shell: bash - name: Set up git for pushing run: | - git remote set-url origin https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/${{ github.repository }}.git + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git - name: Log git remote and user run: | git remote -v - git config --get user.name || echo "No user.name set" - git config --get user.email || echo "No user.email set" git config --list - - name: Set git user for HawkyMcBuilderFace bot - run: | - git config user.name "HawkyMcBuilderFace[bot]" - git config user.email "222944+HawkyMcBuilderFace[bot]@users.noreply.github.com" - - name: Log git user after config - run: | - git config --get user.name - git config --get user.email - - name: Get version from pyproject.toml - id: get_version - run: | - VERSION=$(grep '^version = ' pyproject.toml | head -1 | cut -d '"' -f2) - echo "version=$VERSION" >> $GITHUB_OUTPUT - - name: Log generated GitHub App token (for debugging) - run: | - echo "Generated GitHub App token:" - echo "${{ steps.generate_token.outputs.token }}" | sed 's/./& /g' | head -c 100 - shell: bash + git config user.name || true + git config user.email || true - name: Create and push tag for current version (with verbose logging) run: | git tag v${{ steps.get_version.outputs.version }} @@ -87,19 +58,13 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - name: Set up git for pushing run: | - git remote set-url origin https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/${{ github.repository }}.git - - name: Set git user for HawkyMcBuilderFace bot + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git + - name: Set git user for GitHub Actions bot run: | - git config user.name "HawkyMcBuilderFace[bot]" - git config user.email "222944+HawkyMcBuilderFace[bot]@users.noreply.github.com" + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - name: Bump patch version with bumpver run: bumpver update --patch --commit - name: Push version bump commit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b01f902..3c011bf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,16 +13,10 @@ jobs: name: Manual Approval runs-on: ubuntu-latest steps: - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - name: Wait for manual approval uses: trstringer/manual-approval@v1 with: - secret: ${{ steps.generate_token.outputs.token }} + secret: ${{ secrets.GH_TOKEN }} issue-title: "Release Approval for ${{ github.ref_name }}" issue-body: "Please approve this release to publish to PyPI and Docker." approvers: sgerlach,kcberg,danielhopkins,clamey,Bwvolleyball @@ -35,12 +29,6 @@ jobs: runs-on: ubuntu-latest needs: approval steps: - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - name: Confirm release tag exists run: | echo "Release tag is ${{ github.ref }}" @@ -63,19 +51,13 @@ jobs: run: | python -m pip install --upgrade pip pip install build bumpver - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - name: Set up git for pushing run: | - git remote set-url origin https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/${{ github.repository }}.git - - name: Set git user for HawkyMcBuilderFace bot + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git + - name: Set git user for GitHub Actions bot run: | - git config user.name "HawkyMcBuilderFace[bot]" - git config user.email "222944+HawkyMcBuilderFace[bot]@users.noreply.github.com" + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - name: Build package run: | python -m build @@ -92,19 +74,13 @@ jobs: with: ref: ${{ github.ref }} fetch-depth: 0 - - name: Generate GitHub App token - id: generate_token - uses: tibdex/github-app-token@v2 - with: - app_id: ${{ secrets.HAWKY_APP_ID }} - private_key: ${{ secrets.HAWKY_APP_PRIVATE_KEY }} - name: Set up git for pushing run: | - git remote set-url origin https://x-access-token:${{ steps.generate_token.outputs.token }}@github.com/${{ github.repository }}.git - - name: Set git user for HawkyMcBuilderFace bot + git remote set-url origin https://x-access-token:${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }}.git + - name: Set git user for GitHub Actions bot run: | - git config user.name "HawkyMcBuilderFace[bot]" - git config user.email "222944+HawkyMcBuilderFace[bot]@users.noreply.github.com" + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx