@@ -223,26 +223,32 @@ jobs:
223223name : Install Updatecli in the runner
224224 uses : updatecli/updatecli-action@79983ec58a76fe0c87fc76f5a5c7ef8df0bb36c4 # v2.77.0
225225
226+ - uses : actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
227+ id : generate-token
228+ with :
229+ app-id : ${{ secrets.APP_ID }}
230+ private-key : ${{ secrets.APP_PRIVATE_KEY }}
231+
226232 - name : Update kubewarden-defaults Helm chart
227233 if : endsWith(needs.setvariables.outputs.repository, 'policy-server')
228234 env :
229- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
235+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
230236 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
231237 UPDATECLI_CHART_VERSION : ${{ needs.setvariables.outputs.version }}
232238 run : " updatecli apply --config ./updatecli/updatecli.d/patch-kubewarden-defaults.yaml --values updatecli/values.yaml"
233239
234240 - name : Update kubewarden-controller Helm chart with no CRDs update
235241 if : (endsWith(needs.setvariables.outputs.repository, 'kubewarden-controller') || endsWith(needs.setvariables.outputs.repository, 'audit-scanner')) && steps.update_crds.outputs.must_update_crds_chart==0
236242 env :
237- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
243+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
238244 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
239245 UPDATECLI_CHART_VERSION : ${{ needs.setvariables.outputs.version }}
240246 run : " updatecli apply --config ./updatecli/updatecli.d/patch-kubewarden-controller.yaml --values updatecli/values.yaml"
241247
242248 - name : Update kubewarden-controller Helm chart with CRDs update
243249 if : (endsWith(needs.setvariables.outputs.repository, 'kubewarden-controller') || endsWith(needs.setvariables.outputs.repository, 'audit-scanner')) && steps.update_crds.outputs.must_update_crds_chart!=0
244250 env :
245- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
251+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
246252 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
247253 UPDATECLI_CHART_VERSION : ${{ needs.setvariables.outputs.version }}
248254 run : " updatecli apply --config ./updatecli/updatecli.d/patch-kubewarden-controller-with-crds-update.yaml --values updatecli/values.yaml"
@@ -366,10 +372,16 @@ jobs:
366372name : Install Updatecli in the runner
367373 uses : updatecli/updatecli-action@79983ec58a76fe0c87fc76f5a5c7ef8df0bb36c4 # v2.77.0
368374
375+ - uses : actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
376+ id : generate-token
377+ with :
378+ app-id : ${{ secrets.APP_ID }}
379+ private-key : ${{ secrets.APP_PRIVATE_KEY }}
380+
369381 - name : Major or minor update Kubewarden charts with NO CRDs update
370382 if : steps.update_crds.outputs.must_update_crds_chart==0 && (needs.check-update-type.outputs.update_type == 'major' || needs.check-update-type.outputs.update_type == 'minor')
371383 env :
372- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
384+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
373385 UPDATECLI_SEMVERINC_UPDATE : ${{ needs.check-update-type.outputs.update_type }}
374386 UPDATECLI_PRERELEASE_SUFFIX : ${{ needs.check-update-type.outputs.prerelease }}
375387 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
@@ -379,7 +391,7 @@ jobs:
379391 - name : Major or minor update Kubewarden charts WITH CRDs update
380392 if : steps.update_crds.outputs.must_update_crds_chart==1 && (needs.check-update-type.outputs.update_type == 'major' || needs.check-update-type.outputs.update_type == 'minor')
381393 env :
382- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
394+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
383395 UPDATECLI_SEMVERINC_UPDATE : ${{ needs.check-update-type.outputs.update_type }}
384396 UPDATECLI_PRERELEASE_SUFFIX : ${{ needs.check-update-type.outputs.prerelease }}
385397 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
@@ -389,7 +401,7 @@ jobs:
389401 - name : Prerelease update Kubewarden charts with NO CRDs update
390402 if : steps.update_crds.outputs.must_update_crds_chart==0 && needs.check-update-type.outputs.update_type == 'prerelease'
391403 env :
392- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
404+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
393405 UPDATECLI_SEMVERINC_UPDATE : ${{ needs.check-update-type.outputs.update_type }}
394406 UPDATECLI_PRERELEASE_SUFFIX : ${{ needs.check-update-type.outputs.prerelease }}
395407 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
@@ -399,7 +411,7 @@ jobs:
399411 - name : Prerelease update Kubewarden charts WITH CRDs update
400412 if : steps.update_crds.outputs.must_update_crds_chart==1 && needs.check-update-type.outputs.update_type == 'prerelease'
401413 env :
402- UPDATECLI_GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
414+ UPDATECLI_GITHUB_TOKEN : ${{ steps.generate-token.outputs.token }}
403415 UPDATECLI_SEMVERINC_UPDATE : ${{ needs.check-update-type.outputs.update_type }}
404416 UPDATECLI_PRERELEASE_SUFFIX : ${{ needs.check-update-type.outputs.prerelease }}
405417 UPDATECLI_GITHUB_OWNER : ${{ github.repository_owner }}
0 commit comments