Run placeholder updates on template initialization

[morey-tech]

Replace the hack script used in the devcontainer setup with a GitHub Actions workflow.

# Disable the workflow after it has run.
name: Execute workflow only upon repository initialisation
on:
  push:
    branches:
      - '**'

jobs:
    - name: Disable this workflow
      shell: bash
      run: |
        gh workflow disable -R $GITHUB_REPOSITORY "${{ github.workflow }}"
      env:
        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Or

# The workflow runs upon branch/tag creation as well, but it gets canceled because of the conditional expression.
name: Setup repository
on:
  create

jobs:
  create_issue:
    if: github.event.ref == github.event.master_branch
    
    name: Create issue
    runs-on: ubuntu-latest
    permissions:
      issues: write
    steps:
      - uses: imjohnbo/issue-bot@v3
        with:
          title: "Test issue"

Ref: actions/toolkit#1054

[christianh814]

You need "on create` as described HERE

I tried this, it doesn't work for me. Mainly because the default GITHUB_TOKEN that the workflow creates doesn't give permissions to write back to the repo (either via pull request or otherwise). And you HAVE to create a new token that allows this...which, imho, defeats the purpose of doing this in a workflow.

If you can figure it out, lmk, because I spent a day on this to no avail.

[morey-tech]

@christianh814 in your testing did you assign contents: write permissions to the workflow?

[christianh814]

@morey-tech This is what I had that didn't work.

https://github.com/christianh814/kargo-diac-template/blob/32d16b2aeb055677682a3f0e8961ae75c133362c/.github/workflows/personalize.yaml