Skip to content

Commit 2a2189b

Browse files
thpiercethpierce
authored
Use PAT in nightly build (#584)
See aws-observability/aws-otel-dotnet-instrumentation#307 By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
1 parent 7c4d60c commit 2a2189b

1 file changed

Lines changed: 18 additions & 4 deletions

File tree

.github/workflows/nightly-build.yml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -108,12 +108,28 @@ jobs:
108108
if: always() && needs.update-dependencies.outputs.has_changes == 'true'
109109
runs-on: ubuntu-latest
110110
steps:
111+
- name: Configure AWS credentials for BOT secrets
112+
uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0
113+
with:
114+
role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRETS_MANAGER }}
115+
aws-region: ${{ env.AWS_DEFAULT_REGION }}
116+
117+
- name: Get Bot secrets
118+
uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 #v2.0.10
119+
id: bot_secrets
120+
with:
121+
secret-ids: |
122+
BOT_TOKEN ,${{ secrets.BOT_TOKEN_SECRET_ARN }}
123+
parse-json-secrets: true
124+
111125
- name: Checkout repository
112126
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #5.0.0
113127
with:
114-
token: ${{ secrets.GITHUB_TOKEN }}
128+
token: ${{ env.BOT_TOKEN_GITHUB_RW_PATOKEN }}
115129

116130
- name: Create or update PR
131+
env:
132+
GITHUB_TOKEN: ${{ env.BOT_TOKEN_GITHUB_RW_PATOKEN }}
117133
run: |
118134
BUILD_STATUS="${{ needs.build-and-test.result }}"
119135
BUILD_EMOJI="${{ needs.build-and-test.result == 'success' && '✅' || '❌' }}"
@@ -145,8 +161,6 @@ jobs:
145161
--base main \
146162
--head "$BRANCH_NAME"
147163
fi
148-
env:
149-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
150164
151165
publish-nightly-build-status:
152166
name: "Publish Nightly Build Status"
@@ -172,4 +186,4 @@ jobs:
172186
aws cloudwatch put-metric-data --namespace 'ADOT/GitHubActions' \
173187
--metric-name Failure \
174188
--dimensions repository=${{ github.repository }},branch=${{ github.ref_name }},workflow=nightly_build \
175-
--value $value
189+
--value $value

0 commit comments

Comments
 (0)