From 3b534980490b163ed2ec480a74f6d73a478b9e49 Mon Sep 17 00:00:00 2001
From: Aaron Lu <50029043+aalu1418@users.noreply.github.com>
Date: Thu, 21 Mar 2024 10:33:03 -0600
Subject: [PATCH] fix: configure git creds (#633)

* fix permissions + add author

* remove: testing on push

* move GATI token to end
---
 .github/workflows/open-pr.yml | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/open-pr.yml b/.github/workflows/open-pr.yml
index 91b136ce0..1da1285af 100644
--- a/.github/workflows/open-pr.yml
+++ b/.github/workflows/open-pr.yml
@@ -14,16 +14,9 @@ jobs:
   create-commits-and-pr:
     permissions:
       id-token: write
-      contents: read
+      contents: write
     runs-on: ubuntu-latest
     steps:
-      - name: Setup GitHub Token
-        id: token
-        uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # setup-github-token@0.1.0
-        with:
-          aws-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_SOLANA_CICD_TOKEN_ISSUER_ROLE_ARN }}
-          aws-lambda-url: ${{ secrets.AWS_RELENG_TEAM_GATI_LAMBDA_URL }}
-          aws-region: ${{ secrets.AWS_REGION }}
       - uses: actions/checkout@v3 # checkout branch that it is called from
       - uses: actions/setup-go@v3
         with:
@@ -40,7 +33,7 @@ jobs:
       - name: Check if changes + PR exists
         id: check
         env:
-          GITHUB_TOKEN: ${{ steps.token.outputs.access-token }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           prs=$(gh pr list \
               --repo "$GITHUB_REPOSITORY" \
@@ -66,13 +59,21 @@ jobs:
           repo: ${{ github.repository }}
           branch: "${{ steps.run.outputs.name }}" 
         env:
-          GITHUB_TOKEN: ${{ steps.token.outputs.access-token }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: "Cleanup branch"
         if: '!steps.check.outputs.skip'
         run: |
           git reset --hard
           git branch --set-upstream-to=origin/${{ steps.run.outputs.name }} 
           git pull
+      - name: Setup GitHub Token
+        if: '!steps.check.outputs.skip'
+        id: token
+        uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # setup-github-token@0.1.0
+        with:
+          aws-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_SOLANA_CICD_TOKEN_ISSUER_ROLE_ARN }}
+          aws-lambda-url: ${{ secrets.AWS_RELENG_TEAM_GATI_LAMBDA_URL }}
+          aws-region: ${{ secrets.AWS_REGION }}
       - name: Create pull request
         if: '!steps.check.outputs.skip'
         uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0