ci: use github app to commit changes in workflow

choffmann · choffmann · commit cd67f9f6c600 · 2025-05-28T15:26:14.000+02:00
diff --git a/.github/workflows/build-and-push-stage.yml b/.github/workflows/build-and-push-stage.yml
@@ -86,17 +86,29 @@ jobs:
           version: 'v4.44.3'
           force: true
 
-      - name: Initialize mandatory git config
-        run: |
-          git config --global user.name 'GitHub Actions'
-          git config --global user.email 'noreply@github.com'
-
       - name: Bump version in values/stage.yaml
         run: yq -i '.deployment.image.tag=strenv(RELEASE_VERSION)' ./k8s/values/stage.yaml
 
+      - uses: actions/create-github-app-token@v2
+        id: app-token
+        with:
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
+      - name: Get GitHub App User ID
+        id: get-user-id
+        run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
+        env:
+          GH_TOKEN: ${{ steps.app-token.outputs.token }}
+
+      - name: Initialize mandatory git config
+        run: |
+          git config --global user.name '${{ steps.app-token.outputs.app-slug }}[bot]'
+          git config --global user.email '${{ steps.get-user-id.outputs.user-id }}+${{ steps.app-token.outputs.app-slug }}[bot]@users.noreply.github.com'
+
       - name: Commit k8s values and push changes
         env:
-          GITHUB_TOKEN: ${{ secrets.GREEN_ECOLUTION_PAT }}
+          GH_TOKEN: ${{ steps.app-token.outputs.token }}
         run: |
           git add ./k8s/values/stage.yaml
           git commit --message "chore: update stage image to version ${{ env.RELEASE_VERSION }}" \
