fix: github has a bug that it not allows to use secret as input value…

… on shared workflow
anolilab · Jul 3, 2024 · 5e6cddd · 5e6cddd
1 parent 449f330
commit 5e6cddd
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 22 deletions.
diff --git a/.github/workflows/lock-file-maintenance.md b/.github/workflows/lock-file-maintenance.md
@@ -22,24 +22,12 @@ This is used to ensure that the correct version of node.js is used when running
 
 -   This `input` is optional. (`type:string`, `default:18.x`)
 
-### commit-token
 
-This is used to commit and push changes to a protected branch.
-
--   This `input` is optional. (`type:string`)
-
-By creating a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new), storing the token as a secret in your repository and then passing the new token to the Action step.
-
-```yml
-- uses: "anolilab/workflows/.github/workflows/lock-file-maintenance.yml@main"
-  permissions:
-      contents: "write" # commit and push
-      id-token: "write" # for checkout
-  with:
-      target-repo: "visulima/visulima"
-      commit-token: "${{ secrets.PAT }}"
-  secrets: "inherit"
-```
+> For protected branches, the action will need to be able to commit and push to the repository.
+>
+> By creating a new [Personal Access Token (PAT)](https://github.com/settings/tokens/new), storing the token as a secret in your repository and then passing the new token to the Action step.
+>
+> You need to save the token with the secret name `LOCK_MAINTENANCE_GITHUBG_TOKEN`
 
 ## Usage
 

diff --git a/.github/workflows/lock-file-maintenance.yml b/.github/workflows/lock-file-maintenance.yml
@@ -14,10 +14,6 @@ on: # yamllint disable-line rule:truthy
                 required: false
                 type: "string"
                 default: "18.x"
-            commit-token:
-                description: "The token that will be use for committing and pushing to a protected branch."
-                required: false
-                type: "string"
 
 permissions:
     contents: "read" # for checkout
@@ -39,7 +35,7 @@ jobs:
             - name: "Git checkout"
               uses: "actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332" # v4.1.7
               with:
-                  token: "${{ inputs.commit-token }}"
+                  token: "${{ secrets.LOCK_MAINTENANCE_GITHUBG_TOKEN }}"
               env:
                   GIT_COMMITTER_NAME: "GitHub Actions Shell"
                   GIT_AUTHOR_NAME: "GitHub Actions Shell"