Skip to content

Commit 6db94c1

Browse files
kewischcoreycb
authored andcommitted
Merge pull request #8960 from kewisch/botmobile
Use botmobile for commenting
1 parent aaf1bfe commit 6db94c1

9 files changed

Lines changed: 145 additions & 60 deletions

.github/workflows/daily_builds.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,5 +14,4 @@ jobs:
1414
uses: ./.github/workflows/shippable_builds.yml
1515
secrets: inherit
1616
permissions:
17-
contents: write # For release bumps
1817
id-token: write # For GCS publishing (ftp.mo)

.github/workflows/deploy-docs.yml

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,20 +10,30 @@ on:
1010

1111
workflow_dispatch:
1212

13-
permissions:
14-
contents: write
15-
1613
concurrency:
1714
group: "pages"
1815
cancel-in-progress: false
1916

17+
18+
environment: botmobile
19+
2020
jobs:
2121
build-docs:
2222
if: ${{ github.repository_owner == 'thunderbird' }}
2323
runs-on: ubuntu-latest
2424
steps:
25+
- name: App token generate
26+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
27+
if: ${{ vars.BOT_CLIENT_ID }}
28+
id: app-token
29+
with:
30+
app-id: ${{ vars.BOT_CLIENT_ID }}
31+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
32+
2533
- name: Checkout
2634
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
35+
with:
36+
token: ${{ steps.app-token.outputs.token || github.token }}
2737

2838
- name: Cargo cache
2939
uses: actions-rust-lang/setup-rust-toolchain@9399c7bb15d4c7d47b27263d024f0a4978346ba4 # v1.11.0
@@ -44,9 +54,12 @@ jobs:
4454
rm book/docs/latest/install.sh
4555
4656
- name: Deploy docs to gh-pages
57+
env:
58+
APP_SLUG: ${{ steps.app-token.outputs.app-slug || 'github-actions'}}
59+
APP_USER_ID: ${{ vars.BOT_USER_ID || '41898282' }}
4760
run: |
48-
git config --global user.name "github-actions[bot]"
49-
git config --global user.email "github-actions[bot]@users.noreply.github.com"
61+
git config --global user.name "${APP_SLUG}"
62+
git config --global user.email "${APP_USER_ID}+${APP_SLUG}[bot]@users.noreply.github.com"
5063
5164
# Fetch the gh-pages branch
5265
git fetch origin gh-pages || git checkout --orphan gh-pages

.github/workflows/needinfo-answered.yml

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,8 @@ on:
1010
permissions:
1111
issues: write
1212

13+
environment: botmobile
14+
1315
jobs:
1416
build:
1517
runs-on: ubuntu-latest
@@ -20,9 +22,17 @@ jobs:
2022
issues: write
2123
pull-requests: write
2224
steps:
25+
- name: App token generate
26+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
27+
if: ${{ vars.BOT_CLIENT_ID }}
28+
id: app-token
29+
with:
30+
app-id: ${{ vars.BOT_CLIENT_ID }}
31+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
32+
2333
- name: Remove answered label if both exist
2434
env:
2535
ISSUE_NUMBER: ${{ github.event.issue.number }}
26-
GH_TOKEN: ${{ github.token }}
36+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
2737
run: |
2838
gh issue edit $ISSUE_NUMBER --repo "$GITHUB_REPOSITORY" --remove-label "status: answered"

.github/workflows/needinfo-remove.yml

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,8 @@ permissions:
1010
contents: read
1111
issues: write
1212

13+
environment: botmobile
14+
1315
jobs:
1416
build:
1517
runs-on: ubuntu-latest
@@ -22,9 +24,17 @@ jobs:
2224
issues: write
2325
pull-requests: write
2426
steps:
27+
- name: App token generate
28+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
29+
if: ${{ vars.BOT_CLIENT_ID }}
30+
id: app-token
31+
with:
32+
app-id: ${{ vars.BOT_CLIENT_ID }}
33+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
34+
2535
- name: Remove needinfo label and add answered label
2636
env:
2737
ISSUE_NUMBER: ${{ github.event.issue.number }}
28-
GH_TOKEN: ${{ github.token }}
38+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
2939
run: |
3040
gh issue edit $ISSUE_NUMBER --repo "$GITHUB_REPOSITORY" --remove-label "status: needs information" --add-label "status: answered"

.github/workflows/needinfo-stale.yml

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,17 +10,27 @@ permissions:
1010
contents: read
1111
issues: write
1212

13+
environment: botmobile
14+
1315
jobs:
1416
build:
1517
runs-on: ubuntu-latest
1618
permissions:
1719
issues: write
1820
pull-requests: write
1921
steps:
22+
- name: App token generate
23+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
24+
if: ${{ vars.BOT_CLIENT_ID }}
25+
id: app-token
26+
with:
27+
app-id: ${{ vars.BOT_CLIENT_ID }}
28+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
29+
2030
- name: Close old issues with the needinfo tag
21-
uses: imhoffd/needs-reply@71e8d5144caa0d4a1e292348bfafa3866d08c855 # v2.0.0
31+
uses: imhoffd/needs-reply@71e8d5144caa0d4a1e292348bfafa3866d08c855 # v2.0.0
2232
with:
23-
repo-token: ${{ secrets.GITHUB_TOKEN }}
33+
repo-token: ${{ steps.app-token.outputs.token || github.token }}
2434
issue-label: "status: needs information"
2535
days-before-close: 30
2636
close-message: >

.github/workflows/pulls-merged.yml

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,16 +12,26 @@ permissions:
1212
pull-requests: write
1313
issues: write
1414

15+
environment: botmobile
16+
1517
jobs:
1618
pull-request-merged:
1719
runs-on: ubuntu-latest
1820

1921
steps:
22+
- name: App token generate
23+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
24+
if: ${{ vars.BOT_CLIENT_ID }}
25+
id: app-token
26+
with:
27+
app-id: ${{ vars.BOT_CLIENT_ID }}
28+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
29+
2030
- name: Get active milestone
2131
id: milestone
2232
env:
2333
PR_NUMBER: ${{ github.event.pull_request.number }}
24-
GH_TOKEN: ${{ github.token }}
34+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
2535
run: |
2636
# The furthest open milestone in the future should be current main
2737
gh api repos/$GITHUB_REPOSITORY/milestones --jq '
@@ -39,7 +49,7 @@ jobs:
3949
github.event.pull_request.author_association != 'COLLABORATOR'
4050
env:
4151
PR_NUMBER: ${{ github.event.pull_request.number }}
42-
GH_TOKEN: ${{ github.token }}
52+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
4353
MILESTONE: ${{ steps.milestone.outputs.title }}
4454
MESSAGE: >-
4555
Thanks for your contribution! Your pull request has been merged and will be part of
@@ -55,7 +65,7 @@ jobs:
5565
- name: Set active milestone on PR
5666
env:
5767
PR_NUMBER: ${{ github.event.pull_request.number }}
58-
GH_TOKEN: ${{ github.token }}
68+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
5969
MILESTONE: ${{ steps.milestone.outputs.number }}
6070
run: |
6171
gh api --method PATCH /repos/$GITHUB_REPOSITORY/issues/$PR_NUMBER -f milestone=$MILESTONE

.github/workflows/shippable_builds.yml

Lines changed: 17 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -197,8 +197,6 @@ jobs:
197197
max-parallel: 1
198198
matrix:
199199
include: "${{ fromJSON(needs.dump_config.outputs.matrixInclude) }}"
200-
permissions:
201-
contents: write
202200
outputs:
203201
k9mail_sha: ${{ steps.commit.outputs.k9mail_sha }}
204202
thunderbird_sha: ${{ steps.commit.outputs.thunderbird_sha }}
@@ -207,11 +205,20 @@ jobs:
207205
old_version_code: ${{ steps.new_version_code.outputs.old_version_code }}
208206
new_version_code: ${{ steps.new_version_code.outputs.new_version_code }}
209207
steps:
208+
- name: App Token Generate
209+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
210+
if: ${{ vars.BOT_CLIENT_ID }}
211+
id: app-token
212+
with:
213+
app-id: ${{ vars.BOT_CLIENT_ID }}
214+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
215+
210216
- name: Checkout repository
211217
if: ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }}
212218
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
213219
with:
214220
fetch-depth: 0
221+
token: ${{ steps.app-token.outputs.token || github.token }}
215222

216223
- name: Copy CI gradle.properties
217224
if: ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }}
@@ -369,9 +376,11 @@ jobs:
369376
APP_NAME: ${{ matrix.appName }}
370377
FULL_VERSION_NAME: ${{ steps.appinfo.outputs.VERSION_NAME }}${{ steps.bump_version_suffix.outputs.SUFFIX || steps.appinfo.outputs.VERSION_NAME_SUFFIX }}
371378
RELEASE_TYPE: ${{ vars.RELEASE_TYPE }}
379+
APP_SLUG: ${{ steps.app-token.outputs.app-slug || 'github-actions'}}
380+
APP_USER_ID: ${{ vars.BOT_USER_ID || '41898282' }}
372381
run: |
373-
git config --global user.name "GitHub Actions Bot"
374-
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
382+
git config --global user.name "${APP_SLUG}"
383+
git config --global user.email "${APP_USER_ID}+${APP_SLUG}[bot]@users.noreply.github.com"
375384
376385
# We need the metadata to point to the right application for the release commit
377386
set -x
@@ -756,12 +765,12 @@ jobs:
756765
ls -l uploads/${PKG_FILE_PRETTY}
757766
758767
- name: App Token Generate
759-
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
760-
if: ${{ contains(matrix.releaseTarget, 'github') && vars.RELEASER_APP_CLIENT_ID }}
768+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
769+
if: ${{ contains(matrix.releaseTarget, 'github') && vars.BOT_CLIENT_ID }}
761770
id: app-token
762771
with:
763-
app-id: ${{ vars.RELEASER_APP_CLIENT_ID }}
764-
private-key: ${{ secrets.RELEASER_APP_PRIVATE_KEY }}
772+
app-id: ${{ vars.BOT_CLIENT_ID }}
773+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
765774

766775
- name: Publish to GitHub Releases
767776
id: publish_gh

.github/workflows/uplift-merges.yml

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,28 +11,41 @@ on:
1111
permissions:
1212
contents: read
1313

14+
environment: botmobile
15+
1416
jobs:
1517
uplift:
1618
name: Uplift
1719
runs-on: ubuntu-latest
1820
permissions:
1921
pull-requests: write
20-
contents: write
2122
steps:
23+
- name: App token generate
24+
uses: actions/create-github-app-token@21cfef2b496dd8ef5b904c159339626a10ad380e # v1.11.6
25+
if: ${{ !inputs.dryRun && vars.BOT_CLIENT_ID }}
26+
id: app-token
27+
with:
28+
app-id: ${{ vars.BOT_CLIENT_ID }}
29+
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
30+
2231
- name: Checkout repository
2332
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2433
with:
2534
fetch-depth: 0
35+
token: ${{ steps.app-token.outputs.token || github.token }}
2636

2737
- name: Configure for push
2838
if: ${{ !inputs.dryRun }}
39+
env:
40+
APP_SLUG: ${{ steps.app-token.outputs.app-slug || 'github-actions'}}
41+
APP_USER_ID: ${{ vars.BOT_USER_ID || '41898282' }}
2942
run: |
30-
git config --global user.name "GitHub Actions Bot"
31-
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
43+
git config --global user.name "${APP_SLUG}"
44+
git config --global user.email "${APP_USER_ID}+${APP_SLUG}[bot]@users.noreply.github.com"
3245
3346
- name: Run uplift script
3447
env:
35-
GH_TOKEN: ${{ github.token }}
48+
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
3649
DRYRUN: ${{ !inputs.dryRun && '--no-dry-run' || '' }}
3750
BRANCH: ${{ github.ref_name }}
3851
PUSH: ${{ !inputs.dryRun && '--push' || '' }}

0 commit comments

Comments
 (0)