@@ -197,8 +197,6 @@ jobs:
197197 max-parallel : 1
198198 matrix :
199199 include : " ${{ fromJSON(needs.dump_config.outputs.matrixInclude) }}"
200- permissions :
201- contents : write
202200 outputs :
203201 k9mail_sha : ${{ steps.commit.outputs.k9mail_sha }}
204202 thunderbird_sha : ${{ steps.commit.outputs.thunderbird_sha }}
@@ -207,11 +205,20 @@ jobs:
207205 old_version_code : ${{ steps.new_version_code.outputs.old_version_code }}
208206 new_version_code : ${{ steps.new_version_code.outputs.new_version_code }}
209207 steps :
208+ - name : App Token Generate
209+ uses : actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
210+ if : ${{ vars.BOT_CLIENT_ID }}
211+ id : app-token
212+ with :
213+ app-id : ${{ vars.BOT_CLIENT_ID }}
214+ private-key : ${{ secrets.BOT_PRIVATE_KEY }}
215+
210216 - name : Checkout repository
211217 if : ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }}
212218 uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
213219 with :
214220 fetch-depth : 0
221+ token : ${{ steps.app-token.outputs.token || github.token }}
215222
216223 - name : Copy CI gradle.properties
217224 if : ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }}
@@ -369,9 +376,11 @@ jobs:
369376 APP_NAME : ${{ matrix.appName }}
370377 FULL_VERSION_NAME : ${{ steps.appinfo.outputs.VERSION_NAME }}${{ steps.bump_version_suffix.outputs.SUFFIX || steps.appinfo.outputs.VERSION_NAME_SUFFIX }}
371378 RELEASE_TYPE : ${{ vars.RELEASE_TYPE }}
379+ APP_SLUG : ${{ steps.app-token.outputs.app-slug || 'github-actions'}}
380+ APP_USER_ID : ${{ vars.BOT_USER_ID || '41898282' }}
372381 run : |
373- git config --global user.name "GitHub Actions Bot "
374- git config --global user.email "41898282+github-actions [bot]@users.noreply.github.com"
382+ git config --global user.name "${APP_SLUG} "
383+ git config --global user.email "${APP_USER_ID}+${APP_SLUG} [bot]@users.noreply.github.com"
375384
376385 # We need the metadata to point to the right application for the release commit
377386 set -x
@@ -756,12 +765,12 @@ jobs:
756765 ls -l uploads/${PKG_FILE_PRETTY}
757766
758767 - name : App Token Generate
759- uses : actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
760- if : ${{ contains(matrix.releaseTarget, 'github') && vars.RELEASER_APP_CLIENT_ID }}
768+ uses : actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
769+ if : ${{ contains(matrix.releaseTarget, 'github') && vars.BOT_CLIENT_ID }}
761770 id : app-token
762771 with :
763- app-id : ${{ vars.RELEASER_APP_CLIENT_ID }}
764- private-key : ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
772+ app-id : ${{ vars.BOT_CLIENT_ID }}
773+ private-key : ${{ secrets.BOT_PRIVATE_KEY }}
765774
766775 - name : Publish to GitHub Releases
767776 id : publish_gh
0 commit comments