Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Use GitHub App authentication to checkout nillion repo #55

Merged
merged 1 commit into from
Nov 15, 2024
Merged

ci: Use GitHub App authentication to checkout nillion repo #55

merged 1 commit into from
Nov 15, 2024

Conversation

jwolski2
Copy link
Contributor

@jwolski2 jwolski2 commented Nov 15, 2024
edited by navasvarela
Loading

Changes

This commit switches the build.yml workflow over to use GitHub App tokens to checkout the nillion repo (private) instead of relying on PATs, which expire and have to be manually rotated.

Instead, I created a GitHub App named "Nillion Repo" at the org-level. I gave the app read-only access to the nillion repo. And I added the app's ID and private key to the nada-dsl repo:

  • As a variable: NILLION_REPO_APP_ID
  • And as a secret: NILLION_REPO_APP_PRIVATE_KEY

Merge requirement checklist

  • CONTRIBUTING guidelines followed
  • Unit tests added/updated (if applicable)
  • Backwards compatibility analysis completed (if applicable). "Will this change require recompilation and upload of user programs?"

@jwolski2 jwolski2 requested a review from a team as a code owner November 15, 2024 08:04
@jwolski2 jwolski2 changed the title chore: Use GitHub App authentication to generate "checkout tokens" ci: Use GitHub App authentication to generate "checkout tokens" Nov 15, 2024
@jwolski2 jwolski2 changed the title ci: Use GitHub App authentication to generate "checkout tokens" ci: Use GitHub App authentication to checkout nillion repo Nov 15, 2024
@jwolski2
ci: Use GitHub App authentication to checkout nillion repo
8cad30d 
This commit switches the `build.yml` workflow over to use GitHub App
tokens to checkout the nillion repo (private) instead of relying on
PATs, which expire and have to be manually rotated.

Instead, I created a GitHub App named "Nillion Repo" at the org-level. I
gave the app read-only access to the nillion repo. And I added the app's
ID and private key to the nada-dsl repo:

* As a variable: `NILLION_REPO_APP_ID`
* And as a secret: `NILLION_REPO_APP_PRIVATE_KEY`
@navasvarela navasvarela merged commit 12eec64 into main Nov 15, 2024
4 checks passed
@navasvarela navasvarela deleted the chore/use-github-app-auth branch November 15, 2024 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@navasvarela navasvarela navasvarela approved these changes

@lumasepa lumasepa Awaiting requested review from lumasepa

@cmacrae cmacrae Awaiting requested review from cmacrae

@nil-rocha nil-rocha Awaiting requested review from nil-rocha

@Jmgr Jmgr Awaiting requested review from Jmgr Jmgr is a code owner automatically assigned from NillionNetwork/lcx

@manel1874 manel1874 Awaiting requested review from manel1874 manel1874 is a code owner automatically assigned from NillionNetwork/lcx

@jcabrero jcabrero Awaiting requested review from jcabrero jcabrero is a code owner automatically assigned from NillionNetwork/lcx

@pablojhl pablojhl Awaiting requested review from pablojhl pablojhl is a code owner automatically assigned from NillionNetwork/lcx

@nilmemo nilmemo Awaiting requested review from nilmemo nilmemo is a code owner automatically assigned from NillionNetwork/lcx

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jwolski2 @navasvarela