From 3fd4dc6c576a543591c9a574291db1c64c280ab1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Claudio=20Andr=C3=A9?= Date: Fri, 15 Nov 2024 16:38:56 -0300 Subject: [PATCH] revert: fix(ci): use SSH on the merge bot (#608) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 6579932baa008b74512119bbaa250427c6d1313c. A bot running from a PR fork has no access to secrets. Therefore, #607 is useless. Merge-bot will only be used for merges originating from the upstream repository. It works in this scenario. So I'm reverting #607, as it's neither useful nor necessary. Signed-off-by: Claudio André --- .github/actions/spelling/patterns.txt | 3 --- .github/workflows/merge-bot.yml | 6 ------ 2 files changed, 9 deletions(-) diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index e115e431..3d79dfc1 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -100,6 +100,3 @@ index [0-9a-z]{7,40}\.\.[0-9a-z]{7,40} # hit-count: 1 file-count: 1 # curl arguments \b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)* - -# SSH information -SHA256:ok.{42}username@users.noreply.github.com diff --git a/.github/workflows/merge-bot.yml b/.github/workflows/merge-bot.yml index b1dbad6b..d0af0d78 100644 --- a/.github/workflows/merge-bot.yml +++ b/.github/workflows/merge-bot.yml @@ -49,7 +49,6 @@ jobs: egress-policy: block allowed-endpoints: > api.github.com:443 - github.com:22 github.com:443 raw.githubusercontent.com:443 @@ -58,15 +57,10 @@ jobs: GITHUB_CONTEXT: ${{ toJSON(github) }} run: echo "$GITHUB_CONTEXT" - - uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0 - with: - ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 ref: main - ssh-key: "SHA256:ok+PGEmHdM/emA1zW4KJFOi59cOhuxk9wB3rrUwi1dg username@users.noreply.github.com" - name: Auto-merge PRs run: |