Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions .github/workflows/auto-add-ready-for-doc-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,18 @@ jobs:
- name: Check out repo
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- name: Check team membership
id: membership_check
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
try {
await github.rest.teams.getMembershipForUserInOrg({
Expand All @@ -48,7 +55,7 @@ jobs:
- name: Add ready-for-doc-review label
if: steps.membership_check.outputs.result == 'false'
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
PR_URL: ${{ github.event.pull_request.html_url }}
run: |
gh pr edit $PR_URL --add-label ready-for-doc-review
4 changes: 2 additions & 2 deletions .github/workflows/changelog-agent.yml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: docs-internal,docs-content
repositories: docs-internal,docs-content,docs-engineering

- name: Resolve PR data
id: resolve_pr
Expand Down Expand Up @@ -753,4 +753,4 @@ jobs:
- uses: ./.github/actions/create-workflow-failure-issue
if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
with:
token: ${{ secrets.DOCS_BOT_PAT_BASE }}
token: ${{ steps.app-token.outputs.token }}
11 changes: 9 additions & 2 deletions .github/workflows/changelog-prompt.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,18 @@ jobs:
runs-on: ubuntu-latest

steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- name: Check if PR author is in docs-content team
id: check_team
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
try {
const pr = context.payload.pull_request;
Expand All @@ -43,7 +50,7 @@ jobs:

uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
// Get PR author username
const pr = context.payload.pull_request;
Expand Down
9 changes: 8 additions & 1 deletion .github/workflows/check-for-spammy-issues.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,16 @@ jobs:
if: github.repository == 'github/docs'
runs-on: ubuntu-latest
steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |

const issue = context.payload.issue
Expand Down
9 changes: 8 additions & 1 deletion .github/workflows/close-bad-repo-sync-prs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,17 @@ jobs:
name: Close if invalid repo-sync PR author
runs-on: ubuntu-latest
steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- name: Close pull request if unwanted
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
const { owner, repo } = context.repo
const prCreator = context.actor
Expand Down
11 changes: 10 additions & 1 deletion .github/workflows/confirm-internal-staff-work-in-docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,21 @@ jobs:
continue-on-error: true
if: github.repository == 'github/docs' && github.actor != 'docs-bot'
steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: ${{ secrets.TEAM_CONTENT_REPO }}

- id: membership_check
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
env:
TEAM_CONTENT_REPO: ${{ secrets.TEAM_CONTENT_REPO }}
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
// Only perform this action with GitHub employees
try {
Expand Down
15 changes: 12 additions & 3 deletions .github/workflows/content-pipelines.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,15 @@ jobs:

- uses: ./.github/actions/node-npm-setup

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: docs-internal,copilot-cli-generated-docs,docs-engineering

- name: Install Copilot CLI
run: npm install -g @github/copilot@prerelease

Expand Down Expand Up @@ -92,7 +101,7 @@ jobs:

- name: Run content pipeline update script
env:
GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
GH_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COPILOT_GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_COPILOT }}
run: npx tsx src/content-pipelines/scripts/update.ts --id "${{ matrix.id }}"
Expand Down Expand Up @@ -140,7 +149,7 @@ jobs:
- name: Create or update PR
if: steps.commit.outputs.has_changes == 'true'
env:
GH_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
GH_TOKEN: ${{ steps.app-token.outputs.token }}
UPDATE_BRANCH: ${{ steps.branch.outputs.update_branch }}
PIPELINE_ID: ${{ matrix.id }}
SOURCE_REPO: ${{ steps.source-info.outputs.source_repo }}
Expand Down Expand Up @@ -195,4 +204,4 @@ jobs:
- uses: ./.github/actions/create-workflow-failure-issue
if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
with:
token: ${{ secrets.DOCS_BOT_PAT_BASE }}
token: ${{ steps.app-token.outputs.token }}
19 changes: 14 additions & 5 deletions .github/workflows/copy-api-issue-to-internal.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,20 @@ jobs:
runs-on: ubuntu-latest
if: github.event.label.name == 'fix-internally' && github.repository == 'github/docs'
steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: docs,docs-content

- name: Check if this run was triggered by a member of the docs team
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
id: triggered-by-member
with:
github-token: ${{secrets.DOCS_BOT_PAT_BASE}}
github-token: ${{ steps.app-token.outputs.token }}
result-encoding: string
script: |
const triggerer_login = context.payload.sender.login
Expand Down Expand Up @@ -50,26 +59,26 @@ jobs:
Copied to this repo by the [$GITHUB_WORKFLOW workflow run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID)." --repo github/docs-content --label "workflow-generated")"
echo 'NEW_ISSUE='$new_issue_url >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_BASE}}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
ISSUE_TITLE: ${{ github.event.issue.title }}
ISSUE_BODY: ${{ github.event.issue.body }}

- name: Comment on the old issue
run: gh issue comment $OLD_ISSUE --body "Thank you for opening this issue! Updates to this documentation must be made internally. I have copied your issue to an internal issue, so I will close this issue."
env:
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_BASE}}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
OLD_ISSUE: ${{ github.event.issue.html_url }}

- name: Close the old issue
run: gh issue close $OLD_ISSUE
env:
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_BASE}}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
OLD_ISSUE: ${{ github.event.issue.html_url }}

- name: Comment on the new issue
run: gh issue comment $NEW_ISSUE --body "This issue was originally opened in the open source repo as $OLD_ISSUE"
env:
GITHUB_TOKEN: ${{secrets.DOCS_BOT_PAT_BASE}}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
NEW_ISSUE: ${{ env.NEW_ISSUE }}
OLD_ISSUE: ${{ github.event.issue.html_url }}

Expand Down
19 changes: 14 additions & 5 deletions .github/workflows/create-changelog-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,15 @@ jobs:
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: docs-internal,docs-engineering

- name: 'Ensure ${{ env.CHANGELOG_FILE }} exists'
run: |
if [ ! -f ${{ env.CHANGELOG_FILE }} ]; then
Expand All @@ -36,7 +45,7 @@ jobs:
id: hubber_check
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
try {
await github.rest.teams.getMembershipForUserInOrg({
Expand Down Expand Up @@ -108,7 +117,7 @@ jobs:
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
id: create_pull_request
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
const { data: pullRequest } = await github.rest.pulls.create({
owner: context.repo.owner,
Expand All @@ -129,7 +138,7 @@ jobs:
# Get the number of the PR that was just created:
PULL_REQUEST_NUMBER: ${{ steps.create_pull_request.outputs.pull-request-number }}
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
await github.rest.issues.addLabels({
owner: context.repo.owner,
Expand All @@ -145,7 +154,7 @@ jobs:
# Reuse the PR number captured earlier
PULL_REQUEST_NUMBER: ${{ steps.create_pull_request.outputs.pull-request-number }}
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
try {
const username = context.payload.comment.user.login;
Expand All @@ -167,4 +176,4 @@ jobs:
- uses: ./.github/actions/create-workflow-failure-issue
if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
with:
token: ${{ secrets.DOCS_BOT_PAT_BASE }}
token: ${{ steps.app-token.outputs.token }}
13 changes: 11 additions & 2 deletions .github/workflows/docs-review-collect.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,20 @@ jobs:
- name: Install dependencies
run: npm ci

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: audit-log-allowlists,docs-engineering

- name: Run script for audit-log-allowlists
run: |
npm run fr-add-docs-reviewers-requests
env:
TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
TOKEN: ${{ steps.app-token.outputs.token }}
PROJECT_NUMBER: 2936
ORGANIZATION: 'github'
REPO: 'audit-log-allowlists'
Expand All @@ -50,4 +59,4 @@ jobs:
- uses: ./.github/actions/create-workflow-failure-issue
if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
with:
token: ${{ secrets.DOCS_BOT_PAT_BASE }}
token: ${{ steps.app-token.outputs.token }}
11 changes: 9 additions & 2 deletions .github/workflows/feedback-prompt.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,18 @@ jobs:
runs-on: ubuntu-latest

steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- name: Check if PR author is in docs-content team
id: check_team
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
try {
const pr = context.payload.pull_request;
Expand All @@ -43,7 +50,7 @@ jobs:

uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.DOCS_BOT_PAT_BASE }}
github-token: ${{ steps.app-token.outputs.token }}
script: |
const pr = context.payload.pull_request;
const prAuthor = pr.user.login;
Expand Down
9 changes: 8 additions & 1 deletion .github/workflows/first-responder-v2-prs-collect.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,19 @@ jobs:
- name: Checkout repository
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

# Add to the FR project
# and set type to "Maintenance"
# and set date to now
- name: Triage to docs-content FR project
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
PR_URL: ${{ github.event.pull_request.html_url }}
PROJECT_NUMBER: 11672
PROJECT_ID: PVT_kwDNJr_OAGNkBg
Expand Down
13 changes: 12 additions & 1 deletion .github/workflows/generate-code-scanning-query-lists.yml
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,10 @@ jobs:
- uses: ./.github/actions/install-cocofix
with:
# The Docs Engineering Bot app cannot read the org-scoped
# @github/cocofix package (its Packages permission is repo-level
# only), so this step keeps using the PAT until the app is granted
# organization package read access.
token: ${{ secrets.DOCS_BOT_PAT_BASE }}

- name: Build code scanning security query lists
Expand Down Expand Up @@ -199,9 +203,16 @@ jobs:
run: |
git diff
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}

- name: Create pull request
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
DRY_RUN: ${{ github.event_name == 'pull_request'}}
shell: bash
run: |
Expand Down
Loading
Loading