mirror of
https://github.com/tiennm99/ccs.git
synced 2026-07-15 16:19:12 +00:00
Merge pull request #675 from kaitranntt/kai/hotfix-release-token
ci(release): use PAT_TOKEN for semantic-release branch protection bypass
This commit is contained in:
@@ -20,8 +20,9 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
# Always use the built-in workflow token; PAT rotation/breakage must not block releases.
|
||||
token: ${{ github.token }}
|
||||
# PAT_TOKEN required: semantic-release pushes version bump commits to main,
|
||||
# which needs branch protection bypass. github.token cannot push to protected branches.
|
||||
token: ${{ secrets.PAT_TOKEN }}
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v4
|
||||
@@ -49,10 +50,10 @@ jobs:
|
||||
id: release
|
||||
env:
|
||||
HUSKY: 0
|
||||
# Use built-in GITHUB_TOKEN for release + issue operations.
|
||||
# Checkout credentials are resolved above with PAT fallback.
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
# PAT_TOKEN bypasses branch protection so semantic-release can push
|
||||
# version bump + CHANGELOG commits directly to main
|
||||
GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}
|
||||
GH_TOKEN: ${{ secrets.PAT_TOKEN }}
|
||||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
run: |
|
||||
|
||||
Reference in New Issue
Block a user