ci: Use GitHub App token for CI workflow #687
Walkthrough
The workflow for handling pull request test commands was updated to authenticate using a GitHub App token instead of a static personal access token. The job names and outputs were adjusted accordingly, and the dynamic token is now used for posting check statuses in place of the previous static secret.
Sequence Diagram(s)
sequenceDiagram
    participant Developer
    participant GitHub Actions
    participant GitHub App
    Developer->>GitHub Actions: Open PR / trigger workflow
    GitHub Actions->>GitHub App: Authenticate (create-github-app-token)
    GitHub App-->>GitHub Actions: Return gh-app-token
    GitHub Actions->>GitHub Actions: Run workflow steps (use gh-app-token)
    GitHub Actions->>GitHub: Post check status (in_progress/completed) using gh-app-token
Pull Request Overview
This PR replaces the personal access token used in the CI workflow with a GitHub App token to improve security and explicitly defines the repository owner. Key changes include adding a new authentication step using the GitHub App token, updating job outputs to include the new token, and replacing usages of the old token with the new one.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
03f4031 into main
Replace the personal access token with a GitHub App token for improved security and explicitly define the repository owner in the CI configuration.
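
The pattern this PR describes, as an added example that is not the workflow from the PR: a job mints a short-lived GitHub App token with `actions/create-github-app-token`, scoped to an explicit owner and a single repository, and uses it to post the `in_progress` and `completed` check status. It mints the token in the job that uses it rather than handing it over as a job output, because the runner does not pass on job outputs that contain masked secrets. The `workflow_dispatch` trigger, the secret names, the job and step ids, the check name and the `make test` command are assumptions, and the app is assumed to have the Checks write permission.

```yaml
# Added example, not the workflow from this PR. Secret names, ids, the check
# name and the test command are assumptions.
name: pr-test-command
on:
  workflow_dispatch:
    inputs:
      head_sha:
        description: PR head commit to test and report on
        required: true
permissions:
  contents: read  # keep the default GITHUB_TOKEN read-only
jobs:
  run-tests:
    runs-on: ubuntu-latest
    steps:
      - name: Authenticate as GitHub App
        id: get-app-token
        uses: actions/create-github-app-token@v2
        with:
          app-id: ${{ secrets.GH_APP_ID }}  # assumed secret name
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}  # assumed secret name
          owner: ${{ github.repository_owner }}  # explicit owner
          repositories: ${{ github.event.repository.name }}  # this repo only
      - name: Post check status (in_progress)
        id: check
        env:
          GH_TOKEN: ${{ steps.get-app-token.outputs.token }}
          HEAD_SHA: ${{ inputs.head_sha }}  # via env, never inlined in the script
        run: |
          id=$(gh api --method POST "repos/$GITHUB_REPOSITORY/check-runs" \
            -f name="PR tests" -f head_sha="$HEAD_SHA" -f status=in_progress --jq .id)
          echo "check_id=$id" >> "$GITHUB_OUTPUT"
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.head_sha }}
          persist-credentials: false  # tests get no git credential
      - name: Run tests
        run: make test  # placeholder command; the app token is not in its env
      - name: Post check status (completed)
        if: always() && steps.check.outputs.check_id
        env:
          GH_TOKEN: ${{ steps.get-app-token.outputs.token }}
          CHECK_ID: ${{ steps.check.outputs.check_id }}
          CONCLUSION: ${{ job.status }}  # success, failure or cancelled
        run: |
          gh api --method PATCH "repos/$GITHUB_REPOSITORY/check-runs/$CHECK_ID" \
            -f status=completed -f conclusion="$CONCLUSION"
```

The action masks the token in logs and revokes it in its post step, so the credential lives only for the duration of this job.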