File tree Expand file tree Collapse file tree 3 files changed +57
-21
lines changed
Expand file tree Collapse file tree 3 files changed +57
-21
lines changed Original file line number Diff line number Diff line change @@ -47,21 +47,33 @@ jobs:
4747 exit 1
4848 fi
4949
50- name : Trigger private workflow
50+ name : Parse reviewer repository
51+ id : parse-repo
5152 env :
52- GH_TOKEN : ${{ secrets.SECURITY_REVIEW_APP_TOKEN }}
5353 REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
5454 run : |
5555 set -euo pipefail
56-
57- if [ -z "${GH_TOKEN:-}" ]; then
58- echo "SECURITY_REVIEW_APP_TOKEN secret is required" >&2
59- exit 1
60- fi
6156 if [ -z "${REVIEWER_REPOSITORY:-}" ]; then
6257 echo "REVIEWER_REPOSITORY secret is required" >&2
6358 exit 1
6459 fi
60+ echo "name=${REVIEWER_REPOSITORY#*/}" >> "$GITHUB_OUTPUT"
61+
62+ name : Create GitHub App token
63+ id : app-token
64+ uses : actions/create-github-app-token@v1
65+ with :
66+ app-id : ${{ vars.MCP_REGISTRY_BOT_APP_ID }}
67+ private-key : ${{ secrets.MCP_REGISTRY_BOT_PRIVATE_KEY }}
68+ owner : docker
69+ repositories : ${{ steps.parse-repo.outputs.name }}
70+
71+ - name : Trigger private workflow
72+ env :
73+ GH_TOKEN : ${{ steps.app-token.outputs.token }}
74+ REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
75+ run : |
76+ set -euo pipefail
6577
6678 payload=$(jq -n \
6779 --arg pr "${{ github.event.inputs.pull_request_number }}" \
Original file line number Diff line number Diff line change @@ -35,21 +35,33 @@ jobs:
3535 permissions :
3636 contents : read
3737 steps :
38- - name : Trigger private workflow
38+ - name : Parse reviewer repository
39+ id : parse-repo
3940 env :
40- GH_TOKEN : ${{ secrets.SECURITY_REVIEW_APP_TOKEN }}
4141 REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
4242 run : |
4343 set -euo pipefail
44-
45- if [ -z "${GH_TOKEN:-}" ]; then
46- echo "SECURITY_REVIEW_APP_TOKEN secret is required" >&2
47- exit 1
48- fi
4944 if [ -z "${REVIEWER_REPOSITORY:-}" ]; then
5045 echo "REVIEWER_REPOSITORY secret is required" >&2
5146 exit 1
5247 fi
48+ echo "name=${REVIEWER_REPOSITORY#*/}" >> "$GITHUB_OUTPUT"
49+
50+ name : Create GitHub App token
51+ id : app-token
52+ uses : actions/create-github-app-token@v1
53+ with :
54+ app-id : ${{ vars.MCP_REGISTRY_BOT_APP_ID }}
55+ private-key : ${{ secrets.MCP_REGISTRY_BOT_PRIVATE_KEY }}
56+ owner : docker
57+ repositories : ${{ steps.parse-repo.outputs.name }}
58+
59+ - name : Trigger private workflow
60+ env :
61+ GH_TOKEN : ${{ steps.app-token.outputs.token }}
62+ REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
63+ run : |
64+ set -euo pipefail
5365
5466 payload=$(jq -n \
5567 --arg servers "${{ github.event.inputs.servers }}" \
Original file line number Diff line number Diff line change @@ -19,21 +19,33 @@ jobs:
1919permissions :
2020 contents : read
2121 steps :
22- - name : Dispatch private workflow
22+ - name : Parse reviewer repository
23+ id : parse-repo
2324 env :
24- GH_TOKEN : ${{ secrets.SECURITY_REVIEW_APP_TOKEN }}
2525 REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
2626 run : |
2727 set -euo pipefail
28-
29- if [ -z "${GH_TOKEN:-}" ]; then
30- echo "SECURITY_REVIEW_APP_TOKEN secret is required" >&2
31- exit 1
32- fi
3328 if [ -z "${REVIEWER_REPOSITORY:-}" ]; then
3429 echo "REVIEWER_REPOSITORY secret is required" >&2
3530 exit 1
3631 fi
32+ echo "name=${REVIEWER_REPOSITORY#*/}" >> "$GITHUB_OUTPUT"
33+
34+ name : Create GitHub App token
35+ id : app-token
36+ uses : actions/create-github-app-token@v1
37+ with :
38+ app-id : ${{ vars.MCP_REGISTRY_BOT_APP_ID }}
39+ private-key : ${{ secrets.MCP_REGISTRY_BOT_PRIVATE_KEY }}
40+ owner : docker
41+ repositories : ${{ steps.parse-repo.outputs.name }}
42+
43+ - name : Dispatch private workflow
44+ env :
45+ GH_TOKEN : ${{ steps.app-token.outputs.token }}
46+ REVIEWER_REPOSITORY : ${{ secrets.REVIEWER_REPOSITORY }}
47+ run : |
48+ set -euo pipefail
3749
3850 pr_number="${{ github.event.pull_request.number }}"
3951 payload=$(jq -n \
You can’t perform that action at this time.
0 commit comments