mirror of
https://github.com/nix-community/home-manager.git
synced 2026-01-12 01:59:37 +08:00
ci: add 'GitHub App' TODO to update workflow
Using a GitHub App is more secure and idiomatic than using a Personal Access Token or SSH Deploy Key. See https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs and https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens
This commit is contained in:
Matt Sturgeon
committed by
Austin Horstman
Austin Horstman
parent
9d2ae59579
commit
7c60ea0296
3
.github/workflows/update-flake.yml
vendored
3
.github/workflows/update-flake.yml
vendored
@@ -17,5 +17,8 @@ jobs:
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@v25
|
||||
with:
|
||||
# NOTE: this uses the GH_TOKEN_FOR_UPDATES because pushing a flake
|
||||
# update PR using GITHUB_TOKEN does not trigger CI.
|
||||
# TODO: consider switching to a GitHub App
|
||||
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
|
||||
pr-labels: dependencies
|
||||
|
||||
Reference in New Issue
Block a user