24
24
required : false
25
25
type : string
26
26
secrets :
27
+ github_app_id :
28
+ description : Github App ID to authenticate with
29
+ required : false
30
+ github_app_pem :
31
+ description : GitHub APP pem to authenticate with
32
+ required : false
27
33
helm_repo_token :
28
34
description : GitHub api token to use against the helm-charts repository
29
- required : true
35
+ required : false
30
36
31
37
env :
32
38
CR_CONFIGFILE : " ${{ github.workspace }}/source/${{ inputs.cr_configfile }}"
87
93
release :
88
94
needs : [ setup ]
89
95
runs-on : ubuntu-latest
96
+ env :
97
+ github_app_id : ${{ secrets.github_app_id }}
90
98
if : needs.setup.outputs.changed == 'true'
91
99
steps :
100
+ - name : Create a GitHub App installation access token
101
+ if : env.github_app_id != ''
102
+ uses : tibdex/github-app-token@v2
103
+ id : app-token
104
+ with :
105
+ app_id : ${{ secrets.github_app_id }}
106
+ private_key : ${{ secrets.github_app_pem }}
107
+
108
+ - name : Set the correct token (Github App or PAT)
109
+ run : |
110
+ if [[ "${{ env.github_app_id }}" == '' ]]; then
111
+ echo "AUTHTOKEN=${{ secrets.helm_repo_token }}" >> $GITHUB_ENV
112
+ else
113
+ echo "AUTHTOKEN=${{ steps.app-token.outputs.token }}" >> $GITHUB_ENV
114
+ fi
115
+
92
116
- name : Checkout
93
117
uses : actions/checkout@v2
94
118
with :
@@ -108,7 +132,7 @@ jobs:
108
132
fetch-depth : 0
109
133
repository : grafana/helm-charts
110
134
path : helm-charts
111
- token : ${{ secrets.helm_repo_token }}
135
+ token : ${{ env.AUTHTOKEN }}
112
136
113
137
- name : Configure Git for helm-charts
114
138
run : |
@@ -188,7 +212,7 @@ jobs:
188
212
${{ env.CR_PACKAGE_PATH }}/${{ steps.parse-chart.outputs.packagename }}.tgz.prov
189
213
repository : grafana/helm-charts
190
214
tag_name : ${{ steps.parse-chart.outputs.tagname }}
191
- token : ${{ secrets.helm_repo_token }}
215
+ token : ${{ env.AUTHTOKEN }}
192
216
193
217
- name : Push release tag on origin
194
218
run : |
@@ -199,4 +223,4 @@ jobs:
199
223
- name : Update helm repo index.yaml
200
224
run : |
201
225
cd helm-charts
202
- "${CR_TOOL_PATH}/cr" index --config "${CR_CONFIGFILE}" --token "${{ secrets.helm_repo_token }}" --index-path "${CR_INDEX_PATH}" --package-path "${CR_PACKAGE_PATH}" --push
226
+ "${CR_TOOL_PATH}/cr" index --config "${CR_CONFIGFILE}" --token "${{ env.AUTHTOKEN }}" --index-path "${CR_INDEX_PATH}" --package-path "${CR_PACKAGE_PATH}" --push
0 commit comments