chore(ci): use github app tokens instead of bot user (#2282)

mongodb-js · Nov 27, 2024 · 3f2a35f · 3f2a35f
1 parent 41a1865
commit 3f2a35f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 22 deletions.
diff --git a/.github/workflows/cron-tasks.yml b/.github/workflows/cron-tasks.yml
@@ -17,18 +17,12 @@ jobs:
       npm_config_foreground_scripts: "true"
       PUPPETEER_SKIP_DOWNLOAD: "true"
     steps:
-      - uses: actions/create-github-app-token@v1
+      - uses: mongodb-js/devtools-shared/actions/setup-bot-token@main
         id: app-token
         with:
           app-id: ${{ vars.DEVTOOLS_BOT_APP_ID }}
           private-key: ${{ secrets.DEVTOOLS_BOT_PRIVATE_KEY }}
 
-      - name: Get GitHub App User ID
-        id: get-user-id
-        run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
-        env:
-          GH_TOKEN: ${{ steps.app-token.outputs.token }}
-
       - uses: actions/checkout@v4
         with:
           # don't checkout a detatched HEAD
@@ -39,11 +33,6 @@ jobs:
           fetch-depth: "0"
           token: ${{ steps.app-token.outputs.token }}
 
-      - name: Set up Git
-        run: |
-          git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
-          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com>'
-
       - uses: actions/setup-node@v4
         with:
           node-version: ^16.x

diff --git a/.github/workflows/update-node-js.yaml b/.github/workflows/update-node-js.yaml
@@ -11,20 +11,17 @@ jobs:
     name: Update Node.js versions
     runs-on: ubuntu-latest
     steps:
+      - uses: mongodb-js/devtools-shared/actions/setup-bot-token@main
+        id: app-token
+        with:
+          app-id: ${{ vars.DEVTOOLS_BOT_APP_ID }}
+          private-key: ${{ secrets.DEVTOOLS_BOT_PRIVATE_KEY }}
+
       - uses: actions/checkout@v4
         with:
           # don't checkout a detatched HEAD
           ref: ${{ github.head_ref }}
 
-          # this is important so git log can pick up on
-          # the whole history to generate the list of AUTHORS
-          fetch-depth: "0"
-
-      - name: Setup git
-        run: |
-          git config --local user.email "[email protected]"
-          git config --local user.name "devtoolsbot"
-
       - uses: actions/setup-node@v4
         with:
           node-version: 20.x
@@ -42,7 +39,7 @@ jobs:
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # 7.0.5
         with:
-          token: ${{ secrets.SVC_DEVTOOLSBOT_TOKEN }}
+          token: ${{ steps.app-token.outputs.token }}
           commit-message: "chore: update node.js version"
           branch: ci/update-node-js-versions
           title: "chore: update node.js"