dbast
commented
1 year ago @xhochy Oh, I wasn't aware about the CI trigger issue. Thanks!
Closed dbast closed 1 year ago
dbast
commented
1 year ago @xhochy Oh, I wasn't aware about the CI trigger issue. Thanks!
By extending the scope of the per run temporaray default GitHub action token
GITHUB_TOKENthe need of using ssh keys for cloning/pushing updates is eliminated.So no need to manage an extra ssh anymore and this is also a security improvement as ssh keys could be leaked, while the token is only valid during the workflow runs.
This got possible via the changes announced here a while ago: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/