Uses new syntax for setting environment variable to share data between steps within the update-mycroft-core job
Uses a dedicated bot account to create the PR's to minimize security risk of using a Personal Access Token within Github Secrets.
The longer story
The method I used to assign the VERSION environment variable has been deprecated due to a security vulnerability. This switches to the new syntax outlined here. Even with that change, the environment variable doesn't seem to be accessible between jobs, only between steps within the same job.
Description
outputs
to share data between jobsupdate-mycroft-core
jobThe longer story
The method I used to assign the
VERSION
environment variable has been deprecated due to a security vulnerability. This switches to the new syntax outlined here. Even with that change, the environment variable doesn't seem to be accessible between jobs, only between steps within the same job.During my reading, I also discovered that PR's generated directly by Github Actions apparently cannot trigger other Github Actions. So the use of a 3rd account is a recommended way of working around this: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs
How to test
See Action output here:
CLA