Closed ALRubinger closed 3 months ago
Done in 5f1424ac8e3851d715368ff03f785bdb6a8d14e5
Man, this was a spectacular finding! Great job on this! Saved us a huuuuge headache avoiding to go to a new workflow with PRs that would need to be merged twice! 👏 👏 👏
This should allow this account only to bypass the
main
branch protections to push release commits tomain
. This is appropriate only in this case because:tbd-releases
account; this is for version management in thepom.xml
only while releasing and taggingtbd-releases
account is not shared amongst TBD ENG; constrained to a very small groupThis addresses the issue we are having now where releasing encounters errors:
https://github.com/TBD54566975/web5-kt/actions/runs/8593572310/job/23545262111#step:6:3973
The
tbd-releases
account should be able to push tomain
as defined by the config:Searching through audit log I discovered why this is failing:
Note
actorId
of41898282
. That maps to thegithub-actions[bot]
: https://api.github.com/user/41898282We have been thinking that we were trying to push using the
tbd-releases
Personal Access Token, and it's not.To fix, set this token in https://github.com/actions/checkout property
token
and see how that works.