Thanks to visit codestin.com
Credit goes to github.com

Skip to content

workflows/issue-release-workflow: Use GitHub app for generating tokens#193825

Open
tstellar wants to merge 1 commit intollvm:mainfrom
tstellar:issue-release-workflow-app
Open

workflows/issue-release-workflow: Use GitHub app for generating tokens#193825
tstellar wants to merge 1 commit intollvm:mainfrom
tstellar:issue-release-workflow-app

Conversation

@tstellar
Copy link
Copy Markdown
Collaborator

@tstellar tstellar commented Apr 23, 2026

This will allow us to eliminate the RELEASE_WORKFLOW_PR_CREATE secret.

@tstellar
workflows/issue-release-workflow: Use GitHub app for generating tokens
5aa72b3 
This will allow us to eliminate the RELEASE_WORKFLOW_PR_CREATE secret.
@llvmbot
Copy link
Copy Markdown
Member

llvmbot commented Apr 23, 2026

@llvm/pr-subscribers-github-workflow

Author: Tom Stellard (tstellar)

Changes

This will allow us to eliminate the RELEASE_WORKFLOW_PR_CREATE secret.

Full diff: https://github.com/llvm/llvm-project/pull/193825.diff

1 Files Affected:

  • (modified) .github/workflows/issue-release-workflow.yml (+13-1)
diff --git a/.github/workflows/issue-release-workflow.yml b/.github/workflows/issue-release-workflow.yml
index f1d2c1a29971b..828be902f321f 100644
--- a/.github/workflows/issue-release-workflow.yml
+++ b/.github/workflows/issue-release-workflow.yml
@@ -57,12 +57,24 @@ jobs:
           pip install --require-hashes -r ./llvm/utils/git/requirements.txt
           ./llvm/utils/git/github-automation.py --token ${{ github.token }} setup-llvmbot-git
 
+      - id: app-token
+        uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf  #v2.2.1
+        with:
+          app-id: ${{ secrets.LLVM_TOKEN_GENERATOR_CLIENT_ID }}
+          private-key: ${{ secrets.LLVM_TOKEN_GENERATOR_PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          permission-organization-projects: write
+          permission-pull-requests: write
+          permission-issues: write
+
       - name: Backport Commits
+        env:
+          RELEASE_WORKFLOW_PR_CREATE_TOKEN: ${{ steps.app-token.outputs.token }}
         run: |
           printf "%s" "$COMMENT_BODY" |
           ./llvm/utils/git/github-automation.py \
           --repo "$GITHUB_REPOSITORY" \
-          --token "${{ secrets.RELEASE_WORKFLOW_PR_CREATE }}" \
+          --token "$RELEASE_WORKFLOW_PR_CREATE_TOKEN" \
           release-workflow \
           --branch-repo-token ${{ secrets.RELEASE_WORKFLOW_PUSH_SECRET }} \
           --issue-number ${{ github.event.issue.number }} \

boomanaiden154
boomanaiden154 approved these changes Apr 23, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@boomanaiden154 boomanaiden154 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@boomanaiden154 boomanaiden154 boomanaiden154 approved these changes

@tru tru Awaiting requested review from tru

@c-rhodes c-rhodes Awaiting requested review from c-rhodes

@dyung dyung Awaiting requested review from dyung

Assignees

No one assigned

Labels

github:workflow

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@tstellar @llvmbot @boomanaiden154