Skip to content

Commit

Permalink
Merge pull request jupyterhub#2709 from consideRatio/pr/use-jupyterhu…
Browse files Browse the repository at this point in the history 
…b-bot-pat

ci: use jupyterhub-bot PAT to trigger github workflow on opened PRs
  • Loading branch information
@consideRatio
consideRatio authored May 18, 2022
2 parents 911e181 + cf1f0df commit a6d1b06
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 32 deletions.
7 changes: 1 addition & 6 deletions .github/workflows/vuln-scan.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,6 @@ jobs:
trivy_image_scan:
if: github.repository == 'jupyterhub/zero-to-jupyterhub-k8s'
runs-on: ubuntu-20.04
# Write permissions granted for the peter-evans/create-pull-request action
# to push to a branch and create/update a PR
permissions:
contents: write
pull-requests: write

strategy:
fail-fast: false
Expand Down Expand Up @@ -197,7 +192,7 @@ jobs:
if: steps.analyze.outputs.proceed == 'yes' && github.event_name != 'pull_request'
uses: peter-evans/create-pull-request@f094b77505fb89581e68a1163fbd2fffece39da1
with:
token: "${{ secrets.GITHUB_TOKEN }}"
token: "${{ secrets.jupyterhub_bot_pat }}"
author: jupyterhub vuln-scan bot <[email protected]>
reviewers: consideratio
branch: vuln-scan-${{ matrix.image_ref }}
Expand Down
28 changes: 2 additions & 26 deletions .github/workflows/watch-dependencies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,12 +25,6 @@ jobs:
if: github.repository == 'jupyterhub/zero-to-jupyterhub-k8s'
runs-on: ubuntu-20.04

# Write permissions granted for the peter-evans/create-pull-request action
# to push to a branch and create/update a PR
permissions:
contents: write
pull-requests: write

strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -112,7 +106,7 @@ jobs:
if: steps.local.outputs.tag != steps.latest.outputs.tag
uses: peter-evans/[email protected]
with:
token: "${{ secrets.github_token }}"
token: "${{ secrets.jupyterhub_bot_pat }}"
branch: update-image-${{ matrix.name }}
labels: maintenance,dependencies
commit-message: Update ${{ matrix.repository }} version from ${{ steps.local.outputs.tag }} to ${{ steps.latest.outputs.tag }}
Expand All @@ -121,23 +115,11 @@ jobs:
A new ${{ matrix.repository }} image version has been detected, version
`${{ steps.latest.outputs.tag }}`.
Please close and reopen this PR to run tests for now. This PR was
opened with a `secrets.github_token` and will therefore not trigger
other workflows to run. This can be resolved if we create a bot
account and use its personal access token instead.
update-jupyterhub-dependencies:
# Don't run this job on forks
if: github.repository == 'jupyterhub/zero-to-jupyterhub-k8s'
runs-on: ubuntu-20.04

# Write permissions granted for the peter-evans/create-pull-request action
# to push to a branch and create/update a PR
permissions:
contents: write
pull-requests: write

steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v3
Expand Down Expand Up @@ -180,17 +162,11 @@ jobs:
if: steps.local.outputs.version != steps.latest.outputs.version
uses: peter-evans/[email protected]
with:
token: "${{ secrets.github_token }}"
token: "${{ secrets.jupyterhub_bot_pat }}"
branch: update-jupyterhub
labels: maintenance,dependencies
commit-message: Update jupyterhub from ${{ steps.local.outputs.version }} to ${{ steps.latest.outputs.version }}
title: Update jupyterhub from ${{ steps.local.outputs.version }} to ${{ steps.latest.outputs.version }}
body: >-
A new jupyterhub version has been detected, version
`${{ steps.latest.outputs.version }}`.
Please close and reopen this PR to run tests for now. This PR was
opened with a `secrets.github_token` and will therefore not trigger
other workflows to run. This can be resolved if we create a bot
account and use its personal access token instead.

0 comments on commit a6d1b06

Please sign in to comment.