jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-06 06:02:35 -05:00
Code Issues Projects Releases Wiki Activity

Update PATs to new format (#38179)

Browse Source
This commit is contained in:
Kevin Heis
2023-06-26 07:14:01 -07:00
committed by GitHub
parent 6306828c56
commit 46e84b3ee4
41 changed files with 87 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/actions-scripts/rendered-content-link-checker.js vendored
View File

@@ -158,7 +158,7 @@ if (import.meta.url.endsWith(process.argv[1])) {
* linkReports {boolean} - When createReport is true, link the issue report to previous report(s) via comments
* reportRepository {string} - Repository in form of "owner/repo-name" that report issue will be created in
* reportLabel {string} - Label assigned to report issue,
* reportAuthor {string} - Expected author of previous report issue for linking reports (a bot user like Docubot)
* reportAuthor {string} - Expected author of previous report issue for linking reports (a bot user like docs-bot)
* actionUrl {string} - Used to link report or comment to the action instance for debugging
* actionContext {object} - Event payload context when run from action or injected. Should include { repo, owner }
* verbose {boolean} - Set to true for more verbose logging

2
.github/workflows/add-review-template.yml vendored
View File

@@ -34,6 +34,6 @@ jobs:
run: |
gh pr comment $PR --body "$TEMPLATE"
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
PR: ${{ github.event.pull_request.html_url }}
TEMPLATE: ${{ env.TEMPLATE }}

6
.github/workflows/azure-preview-env-deploy.yml vendored
View File

@@ -126,7 +126,7 @@ jobs:
env:
BRANCH_NAME: ${{ env.BRANCH_NAME }}
with:
github-token: ${{ secrets.DOCUBOT_REPO_PAT }}
github-token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
result-encoding: string
script: |
const { BRANCH_NAME } = process.env
@@ -154,7 +154,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: docs-early-access
ref: ${{ steps.check-early-access.outputs.result }}
@@ -180,7 +180,7 @@ jobs:
- if: ${{ steps.with-translations.outputs.result == 'true' }}
uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- if: ${{ env.IS_PUBLIC_BUILD == 'true' }}
name: Check out user code to temp directory

2
.github/workflows/azure-preview-env-destroy.yml vendored
View File

@@ -68,5 +68,5 @@ jobs:
- uses: strumwolf/delete-deployment-environment@3cb547f8ec03ee6c0473d90cce57c74c688c2510
with:
# The token provided by the workflow does not have the permissions to delete created environments
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
environment: preview-env-${{ env.PR_NUMBER }}

4
.github/workflows/azure-prod-build-deploy.yml vendored
View File

@@ -65,7 +65,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: docs-early-access
- name: Merge docs-early-access repo's folders
@@ -77,7 +77,7 @@ jobs:
- uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: 'Build and push image'
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671

2
.github/workflows/azure-staging-build-deploy.yml vendored
View File

@@ -83,7 +83,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: docs-early-access
ref: main

6
.github/workflows/check-broken-links-github-github.yml vendored
View File

@@ -27,9 +27,9 @@ jobs:
runs-on: ubuntu-latest
env:
# need to use a token from a user with access to github/github for this step
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
FIRST_RESPONDER_PROJECT: Docs content first responder
REPORT_AUTHOR: docubot
REPORT_AUTHOR: docs-bot
REPORT_LABEL: github github broken link report
REPORT_REPOSITORY: github/docs-content
steps:
@@ -48,7 +48,7 @@ jobs:
- uses: ./.github/actions/get-docs-early-access
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: Build server
run: npm run build

2
.github/workflows/check-for-spammy-issues.yml vendored
View File

@@ -19,7 +19,7 @@ jobs:
steps:
- uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
with:
github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
github-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
script: |
const issue = context.payload.issue

2
.github/workflows/close-bad-repo-sync-prs.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
- name: Close pull request if unwanted
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
with:
github-token: ${{ secrets.DOCS_BOT_FR }}
github-token: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
script: |
const { owner, repo } = context.repo
const prCreator = context.actor

2
.github/workflows/codeowners-content-strategy.yml vendored
View File

@@ -16,6 +16,6 @@ jobs:
steps:
- name: Add Content Strategy as a reviewer
env:
GH_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
PR: ${{ github.event.pull_request.html_url }}
run: gh pr edit $PR --add-reviewer github/docs-content-strategy

2
.github/workflows/codeowners-docs-engineering.yml vendored
View File

@@ -30,7 +30,7 @@ jobs:
if: ${{ github.repository == 'github/docs-internal' && !github.event.pull_request.draft }}
runs-on: ubuntu-latest
env:
GH_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
PR: ${{ github.event.pull_request.html_url }}
steps:

2
.github/workflows/confirm-internal-staff-work-in-docs.yml vendored
View File

@@ -27,7 +27,7 @@ jobs:
env:
TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}
with:
github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
github-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
script: |
// Only perform this action with GitHub employees
try {

10
.github/workflows/copy-api-issue-to-internal.yml vendored
View File

@@ -22,7 +22,7 @@ jobs:
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
id: triggered-by-member
with:
github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
github-token: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
result-encoding: string
script: |
const triggerer_login = context.payload.sender.login
@@ -48,25 +48,25 @@ jobs:
new_issue_url="$(gh issue create --title "$ISSUE_TITLE" --body "$ISSUE_BODY" --repo github/docs-content)"
echo 'NEW_ISSUE='$new_issue_url >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
ISSUE_TITLE: ${{ github.event.issue.title }}
ISSUE_BODY: ${{ github.event.issue.body }}
- name: Comment on the old issue
run: gh issue comment $OLD_ISSUE --body "Thank you for opening this issue! Updates to the REST API, GraphQL API, and webhook reference documentation must be made internally. I have copied your issue to an internal issue, so I will close this issue."
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
OLD_ISSUE: ${{ github.event.issue.html_url }}
- name: Close the old issue
run: gh issue close $OLD_ISSUE
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
OLD_ISSUE: ${{ github.event.issue.html_url }}
- name: Comment on the new issue
run: gh issue comment $NEW_ISSUE --body "This issue was originally opened in the open source repo as $OLD_ISSUE"
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
NEW_ISSUE: ${{ env.NEW_ISSUE }}
OLD_ISSUE: ${{ github.event.issue.html_url }}

2
.github/workflows/docs-review-collect.yml vendored
View File

@@ -35,7 +35,7 @@ jobs:
run: |
node .github/actions-scripts/fr-add-docs-reviewers-requests.js
env:
TOKEN: ${{ secrets.DOCS_BOT_FR }}
TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
PROJECT_NUMBER: 2936
ORGANIZATION: 'github'
REPO: 'github'

4
.github/workflows/dont-delete-assets.yml vendored
View File

@@ -24,8 +24,8 @@ permissions:
jobs:
dont-delete-assets:
# It's 'docubot' that creates those PR from "Delete orphaned assets"
if: github.event.pull_request.user.login != 'docubot' && (github.repository == 'github/docs-internal' || github.repository == 'github/docs')
# It's 'docs-bot' that creates those PR from "Delete orphaned assets"
if: github.event.pull_request.user.login != 'docs-bot' && (github.repository == 'github/docs-internal' || github.repository == 'github/docs')
runs-on: ubuntu-latest
steps:
- name: Check out repo

6
.github/workflows/enterprise-dates.yml vendored
View File

@@ -46,7 +46,7 @@ jobs:
run: |
src/ghes-releases/scripts/update-enterprise-dates.js
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
- name: Create pull request
id: create-pull-request
@@ -69,7 +69,7 @@ jobs:
- name: Enable GitHub auto-merge
if: ${{ steps.create-pull-request.outputs.pull-request-number }}
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
AUTOMERGE_PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
run: node .github/actions-scripts/enable-automerge.js
@@ -84,7 +84,7 @@ jobs:
name: Approve
uses: juliangruber/approve-pull-request-action@dcc4effb325c0b503408619918d56e40653dcc91
with:
github-token: ${{ secrets.DOCUBOT_REPO_PAT }}
github-token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
number: ${{ steps.create-pull-request.outputs.pull-request-number }}
- name: Send Slack notification if workflow fails

10
.github/workflows/first-responder-docs-content.yml vendored
View File

@@ -27,7 +27,7 @@ jobs:
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
id: set-result
with:
github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
github-token: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
result-encoding: string
script: |
const repoName = context.payload.repository.name
@@ -52,13 +52,13 @@ jobs:
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
if: steps.set-result.outputs.result == 'false'
with:
repo-token: '${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}'
repo-token: '${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}'
add-labels: 'docs-content-fr'
- name: Triage to FR PR project column
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
if: steps.set-result.outputs.result == 'false'
with:
action-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
action-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
project-url: 'https://github.com/orgs/github/projects/1367'
column-name: 'Docs-internal external contributor PRs'
@@ -71,7 +71,7 @@ jobs:
- name: Remove card from project
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
with:
github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
github-token: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
result-encoding: string
script: |
const issueToRemove = context.payload.number
@@ -92,5 +92,5 @@ jobs:
if: github.event.action == 'closed'
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
repo-token: '${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}'
repo-token: '${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}'
remove-labels: 'docs-content-fr'

2
.github/workflows/hubber-contribution-help.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
- id: membership_check
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
with:
github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
github-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
script: |
try {
await github.rest.teams.getMembershipForUserInOrg({

6
.github/workflows/link-check-daily.yml vendored
View File

@@ -32,7 +32,7 @@ jobs:
id: check-early-access
env:
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: node .github/actions-scripts/what-docs-early-access-branch.js
- name: Check out docs-early-access too, if internal repo
@@ -40,7 +40,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: docs-early-access
ref: ${{ steps.check-early-access.outputs.branch }}
@@ -61,7 +61,7 @@ jobs:
# Set this to true in repo scope to enable debug logs
# ACTIONS_RUNNER_DEBUG = true
ACTION_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
REPORT_AUTHOR: docs-bot
REPORT_LABEL: broken link report
REPORT_REPOSITORY: github/docs-content

6
.github/workflows/link-check-on-pr.yml vendored
View File

@@ -33,15 +33,15 @@ jobs:
- uses: ./.github/actions/get-docs-early-access
if: ${{ github.repository == 'github/docs-internal' }}
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: Link check all pages (internal links only)
id: all_links
env:
LEVEL: 'critical'
ACTION_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
SHOULD_COMMENT: ${{ secrets.DOCS_BOT_FR != '' }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
SHOULD_COMMENT: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT != '' }}
CHECK_EXTERNAL_LINKS: false
CREATE_REPORT: false
# Not strictly necessary bit it makes warmServer() a bit faster

2
.github/workflows/main-preview-docker-cache.yml vendored
View File

@@ -55,7 +55,7 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-early-access
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: docs-early-access
ref: main

2
.github/workflows/move-existing-issues-to-the-correct-repo.yml vendored
View File

@@ -20,7 +20,7 @@ jobs:
TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }}
TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}
with:
github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
github-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
script: |
const owner = 'github'
const originalRepo = 'docs-internal'

2
.github/workflows/move-help-wanted-issues.yml vendored
View File

@@ -25,4 +25,4 @@ jobs:
with:
project: Docs open source board
column: Help wanted
repo-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
repo-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}

2
.github/workflows/move-new-issues-to-correct-docs-repo.yml vendored
View File

@@ -26,7 +26,7 @@ jobs:
TEAM_ENGINEERING_REPO: ${{ secrets.TEAM_ENGINEERING_REPO }}
TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}
with:
github-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
github-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
script: |
const issueNo = context.issue.number
const owner = 'github'

2
.github/workflows/move-ready-to-merge-pr.yaml vendored
View File

@@ -26,7 +26,7 @@ jobs:
with:
project: Docs open source board
column: Triage
repo-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
repo-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
- name: remove label
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90

2
.github/workflows/notify-about-deployment.yml vendored
View File

@@ -38,7 +38,7 @@ jobs:
id: get-number
timeout-minutes: 3
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: .github/actions-scripts/find-past-built-pr.js
- name: Find content directory changes comment

8
.github/workflows/open-enterprise-issue.yml vendored
View File

@@ -28,25 +28,25 @@ jobs:
run: |
.github/actions-scripts/check-for-enterprise-issues-by-label.js
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
- name: Update enterprise dates
if: steps.existingIssue.outputs.deprecationIssue == 'false' || steps.existingIssue.outputs.releaseIssue == 'false'
run: |
src/ghes-releases/scripts/update-enterprise-dates.js
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
- name: Create an enterprise release issue
if: steps.existingIssue.outputs.releaseIssue == 'false'
run: |
.github/actions-scripts/create-enterprise-issue.js release
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
- name: Create an enterprise deprecation issue
if: steps.existingIssue.outputs.deprecationIssue == 'false'
run: |
.github/actions-scripts/create-enterprise-issue.js deprecation
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}

2
.github/workflows/optimize-images.yml vendored
View File

@@ -27,7 +27,7 @@ jobs:
# Need to specify a PAT here because otherwise GITHUB_TOKEN is used
# by default. Workflows won't trigger in that case because actions
# performed with GITHUB_TOKEN don't trigger other workflows.
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: Check out base ref
run: git fetch --no-tags --depth=1 origin $GITHUB_BASE_REF

10
.github/workflows/orphaned-assets-check.yml vendored
View File

@@ -22,7 +22,7 @@ jobs:
with:
# Using a PAT is necessary so that the new commit will trigger the
# CI in the PR. (Events from GITHUB_TOKEN don't trigger new workflows.)
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
# It's important because translations are often a bit behind.
# So if a translation is a bit behind, it might still be referencing
@@ -30,14 +30,14 @@ jobs:
- name: Clone all translations
uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- uses: ./.github/actions/node-npm-setup
- name: Check for orphaned assets
env:
# Needed for gh
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: |
set -e
@@ -49,8 +49,8 @@ jobs:
git status -- ':!translations*' | grep 'nothing to commit' && exit 0
# Replicated from the translation pipeline PR-maker Action
git config --global user.name "docubot"
git config --global user.email "67483024+docubot@users.noreply.github.com"
git config --global user.name "docs-bot"
git config --global user.email "77750099+docs-bot@users.noreply.github.com"
date=$(date '+%Y-%m-%d-%H-%M')
branchname=orphaned-assets-$date-$GITHUB_RUN_ID

4
.github/workflows/os-ready-for-review.yml vendored
View File

@@ -22,7 +22,7 @@ jobs:
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
id: triggered-by-member
with:
github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
github-token: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
result-encoding: string
script: |
const triggerer_login = context.payload.sender.login
@@ -59,7 +59,7 @@ jobs:
run: |
node .github/actions-scripts/ready-for-docs-review.js
env:
TOKEN: ${{ secrets.DOCS_BOT_FR }}
TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
PROJECT_NUMBER: 2936
ORGANIZATION: 'github'
ITEM_NODE_ID: ${{ github.event.pull_request.node_id || github.event.issue.node_id }}

4
.github/workflows/ready-for-doc-review.yml vendored
View File

@@ -35,7 +35,7 @@ jobs:
run: |
node .github/actions-scripts/ready-for-docs-review.js
env:
TOKEN: ${{ secrets.DOCS_BOT_FR }}
TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
PROJECT_NUMBER: 2936
ORGANIZATION: 'github'
ITEM_NODE_ID: ${{ github.event.pull_request.node_id }}
@@ -48,6 +48,6 @@ jobs:
if: ${{ failure() }}
uses: rachmari/actions-add-new-issue-to-column@1a459ef92308ba7c9c9dc2fcdd72f232495574a9
with:
action-token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
action-token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
project-url: 'https://github.com/orgs/github/projects/1367'
column-name: 'Docs-internal external contributor PRs'

4
.github/workflows/remove-from-fr-board.yaml vendored
View File

@@ -20,11 +20,11 @@ jobs:
if: ${{ github.event.client_payload.command.resource.type == 'Issue' }}
run: gh issue edit "$ISSUE_URL" --remove-project "Docs content first responder"
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
ISSUE_URL: https://github.com/${{ github.event.client_payload.command.repository.full_name }}/issues/${{ github.event.client_payload.command.resource.number }}
- name: Remove PR from board
if: ${{ github.event.client_payload.command.resource.type == 'PullRequest' }}
run: gh pr edit "$PR_URL" --remove-project "Docs content first responder"
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
PR_URL: https://github.com/${{ github.event.client_payload.command.repository.full_name }}/pull/${{ github.event.client_payload.command.resource.number }}

2
.github/workflows/site-policy-sync.yml vendored
View File

@@ -55,7 +55,7 @@ jobs:
- name: If there are changes to push, create a branch in the public repo and push changes
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: |
cd public-repo
git config --local user.name 'site-policy-bot'

8
.github/workflows/sync-codeql-cli.yml vendored
View File

@@ -43,7 +43,7 @@ jobs:
with:
# By default, only the most recent commit of the `main` branch
# will be checked out
token: ${{ secrets.DOCS_BOT_FR }}
token: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
repository: github/semmle-code
path: semmle-code
ref: ${{ github.event.inputs.SOURCE_BRANCH }}
@@ -80,7 +80,7 @@ jobs:
- name: Create pull request
env:
# Needed for gh
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: |
# If nothing to commit, exit now. It's fine. No orphans.
changes=$(git diff --name-only | wc -l)
@@ -90,8 +90,8 @@ jobs:
exit 0
fi
git config --global user.name "docubot"
git config --global user.email "67483024+docubot@users.noreply.github.com"
git config --global user.name "docs-bot"
git config --global user.email "77750099+docs-bot@users.noreply.github.com"
branchname=codeql-cli-update-${{ steps.semmle-code.outputs.OPENAPI_COMMIT_SHA }}

6
.github/workflows/sync-graphql.yml vendored
View File

@@ -37,7 +37,7 @@ jobs:
- name: Run updater scripts
env:
# need to use a token from a user with access to github/github for this step
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
run: |
src/graphql/scripts/sync.js
- name: Create pull request
@@ -64,7 +64,7 @@ jobs:
- name: Enable GitHub auto-merge
if: ${{ steps.create-pull-request.outputs.pull-request-number }}
env:
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
AUTOMERGE_PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
run: node .github/actions-scripts/enable-automerge.js
@@ -78,7 +78,7 @@ jobs:
name: Approve
uses: juliangruber/approve-pull-request-action@dcc4effb325c0b503408619918d56e40653dcc91
with:
github-token: ${{ secrets.DOCUBOT_REPO_PAT }}
github-token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
number: ${{ steps.create-pull-request.outputs.pull-request-number }}
- name: Send Slack notification if workflow fails
uses: someimportantcompany/github-actions-slack-message@1d367080235edfa53df415bd8e0bbab480f29bad

8
.github/workflows/sync-openapi.yml vendored
View File

@@ -52,7 +52,7 @@ jobs:
- name: Sync the REST, Webhooks, and GitHub Apps schemas
env:
# Needed for gh
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_WRITEORG_PROJECT }}
run: |
src/rest/scripts/update-files.js --source-repo rest-api-description --output rest github-apps webhooks rest-redirects
git status
@@ -73,7 +73,7 @@ jobs:
- name: Create pull request
env:
# Needed for gh
GITHUB_TOKEN: ${{ secrets.DOCUBOT_REPO_PAT }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
run: |
# If nothing to commit, exit now. It's fine. No orphans.
changes=$(git diff --name-only | wc -l)
@@ -82,8 +82,8 @@ jobs:
exit 0
fi
git config --global user.name "docubot"
git config --global user.email "67483024+docubot@users.noreply.github.com"
git config --global user.name "docs-bot"
git config --global user.email "77750099+docs-bot@users.noreply.github.com"
branchname=openapi-update-${{ steps.rest-api-description.outputs.OPENAPI_COMMIT_SHA }}

6
.github/workflows/sync-search-elasticsearch.yml vendored
View File

@@ -107,15 +107,15 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-internal.popular-pages
# This works because user `docubot` has read access to that private repo.
token: ${{ secrets.DOCUBOT_REPO_PAT }}
# This works because user `docs-bot` has read access to that private repo.
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: popular-pages
- name: Clone all translations
if: ${{ matrix.language != 'en' }}
uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- uses: ./.github/actions/node-npm-setup

4
.github/workflows/sync-search-pr.yml vendored
View File

@@ -43,8 +43,8 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-internal.popular-pages
# This works because user `docubot` has read access to that private repo.
token: ${{ secrets.DOCUBOT_REPO_PAT }}
# This works because user `docs-bot` has read access to that private repo.
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: popular-pages
- uses: ./.github/actions/setup-elasticsearch

4
.github/workflows/test.yml vendored
View File

@@ -88,7 +88,7 @@ jobs:
- uses: ./.github/actions/get-docs-early-access
if: ${{ github.repository == 'github/docs-internal' }}
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: Check the test fixture data (if applicable)
if: ${{ matrix.name == 'rendering-fixtures' }}
@@ -113,7 +113,7 @@ jobs:
if: ${{ matrix.name == 'translations' }}
uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
- name: Gather files changed
if: ${{ matrix.name == 'linting' }}

6
.github/workflows/transfer-api-issue-to-openapi.yml vendored
View File

@@ -22,7 +22,7 @@ jobs:
uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
id: triggered-by-member
with:
github-token: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
github-token: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
result-encoding: string
script: |
const triggerer_login = context.payload.sender.login
@@ -46,7 +46,7 @@ jobs:
- name: Comment on the old issue
run: gh issue comment $OLD_ISSUE --body "Thank you for opening this issue! Changes to the REST API schema can be requested in [github/rest-api-description](https://github.com/github/rest-api-description). I will transfer your issue over to that open source repo."
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
OLD_ISSUE: ${{ github.event.issue.html_url }}
- name: Transfer the issue to the rest-api-description repo
@@ -54,5 +54,5 @@ jobs:
new_issue_url="$(gh issue transfer $OLD_ISSUE github/rest-api-description)"
echo 'NEW_ISSUE='$new_issue_url >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES}}
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_WORKFLOW_READORG}}
OLD_ISSUE: ${{ github.event.issue.html_url }}

6
.github/workflows/translation-health-report.yml vendored
View File

@@ -63,15 +63,15 @@ jobs:
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: github/docs-internal.popular-pages
# This works because user `docubot` has read access to that private repo.
token: ${{ secrets.DOCUBOT_REPO_PAT }}
# This works because user `docs-bot` has read access to that private repo.
token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
path: popular-pages
- name: Checkout the language-specific repo
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
repository: ${{ matrix.language_repo }}
token: ${{ secrets.DOCUBOT_READORG_REPO_WORKFLOW_SCOPES }}
token: ${{ secrets.DOCS_BOT_PAT_WORKFLOW_READORG }}
path: ${{ matrix.language_dir }}
- name: Get language SHA