From 36fc28d25b841f05776222cb008c879b68e5085f Mon Sep 17 00:00:00 2001 From: Dominik Kapusta Date: Wed, 13 Mar 2024 10:55:07 +0100 Subject: [PATCH] Use elevated permissions token --- .github/workflows/hotfix.yml | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.github/workflows/hotfix.yml b/.github/workflows/hotfix.yml index e2886b1097..11f0b1c821 100644 --- a/.github/workflows/hotfix.yml +++ b/.github/workflows/hotfix.yml @@ -34,26 +34,19 @@ jobs: - name: Prepare fastlane run: bundle install - - name: Find last release version - id: find_last_release - env: - GH_TOKEN: ${{ github.token }} - run: | - last_release="$(gh api repos/${{ github.repository }}/releases/latest | jq -r .tag_name)" - echo "last_release=$last_release" >> $GITHUB_OUTPUT - - name: Make release branch id: make_release_branch env: APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }} APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} APPLE_API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} - GH_TOKEN: ${{ github.token }} - LAST_RELEASE: ${{ steps.find_last_release.outputs.last_release }} + GH_TOKEN: ${{ secrets.GHA_ELEVATED_PERMISSIONS_TOKEN }} run: | git config --global user.name "Dax the Duck" git config --global user.email "dax@duckduckgo.com" - bundle exec fastlane prepare_hotfix version:"$LAST_RELEASE" + last_release="$(gh api repos/${{ github.repository }}/releases/latest | jq -r .tag_name)" + echo "last_release=$last_release" >> $GITHUB_OUTPUT + bundle exec fastlane prepare_hotfix version:"$last_release" - name: Create release task id: create_release_task @@ -91,7 +84,7 @@ jobs: uses: ./.github/actions/asana-add-comment env: BRANCH: ${{ steps.make_release_branch.outputs.release_branch_name }} - RELEASE_TAG: ${{ steps.find_last_release.outputs.last_release }} + RELEASE_TAG: ${{ steps.make_release_branch.outputs.last_release }} WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} with: access-token: ${{ secrets.ASANA_ACCESS_TOKEN }}