From 999c7f4305e86d7e761972593dffe70b66e24f2c Mon Sep 17 00:00:00 2001 From: Carlos Alexandro Becker Date: Sat, 27 Jun 2026 10:21:46 -0300 Subject: [PATCH] ci: use GORELEASER_APP_ID/GORELEASER_APP_KEY for dist rebuild Use the existing GoReleaser GitHub App secrets instead of dedicated DIST_REBUILD_* ones. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Carlos Alexandro Becker --- .github/workflows/rebuild-dist.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/rebuild-dist.yml b/.github/workflows/rebuild-dist.yml index 1bdac77..b1033bf 100644 --- a/.github/workflows/rebuild-dist.yml +++ b/.github/workflows/rebuild-dist.yml @@ -20,9 +20,9 @@ jobs: # not re-trigger checks. Pushing the dist commit therefore uses a GitHub App # token, which is repo-scoped and short-lived, and can re-run workflows. # Configure a GitHub App with contents:write on this repo and set its - # credentials as Dependabot secrets named DIST_REBUILD_APP_ID and - # DIST_REBUILD_APP_PRIVATE_KEY (Dependabot runs only expose Dependabot - # secrets). Until both exist this job is a no-op. + # credentials as Dependabot secrets named GORELEASER_APP_ID and + # GORELEASER_APP_KEY (Dependabot runs only expose Dependabot secrets). + # Until both exist this job is a no-op. rebuild-dist: if: github.actor == 'dependabot[bot]' runs-on: ubuntu-latest @@ -30,22 +30,22 @@ jobs: - name: Check app credentials id: app env: - DIST_REBUILD_APP_ID: ${{ secrets.DIST_REBUILD_APP_ID }} - DIST_REBUILD_APP_PRIVATE_KEY: ${{ secrets.DIST_REBUILD_APP_PRIVATE_KEY }} + GORELEASER_APP_ID: ${{ secrets.GORELEASER_APP_ID }} + GORELEASER_APP_KEY: ${{ secrets.GORELEASER_APP_KEY }} run: | - if [ -n "$DIST_REBUILD_APP_ID" ] && [ -n "$DIST_REBUILD_APP_PRIVATE_KEY" ]; then + if [ -n "$GORELEASER_APP_ID" ] && [ -n "$GORELEASER_APP_KEY" ]; then echo "available=true" >> "$GITHUB_OUTPUT" else echo "available=false" >> "$GITHUB_OUTPUT" - echo "::notice::DIST_REBUILD_APP_ID/DIST_REBUILD_APP_PRIVATE_KEY Dependabot secrets are not set; skipping automatic dist rebuild." + echo "::notice::GORELEASER_APP_ID/GORELEASER_APP_KEY Dependabot secrets are not set; skipping automatic dist rebuild." fi - name: Generate token if: steps.app.outputs.available == 'true' id: token uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 with: - app-id: ${{ secrets.DIST_REBUILD_APP_ID }} - private-key: ${{ secrets.DIST_REBUILD_APP_PRIVATE_KEY }} + app-id: ${{ secrets.GORELEASER_APP_ID }} + private-key: ${{ secrets.GORELEASER_APP_KEY }} - name: Checkout if: steps.app.outputs.available == 'true' uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3