mirror of
https://github.com/jorijn/meshcore-stats.git
synced 2026-06-24 03:41:17 +02:00
Jorijn Schrijvershof
2730a9d906
GITHUB_TOKEN cannot trigger other workflows by design. Using a fine-grained PAT (RELEASE_PLEASE_TOKEN) scoped to this repo only allows releases to properly trigger the docker-publish workflow. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
33 lines
983 B
YAML
33 lines
983 B
YAML
name: Release Please
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
# Note: We use a fine-grained PAT (RELEASE_PLEASE_TOKEN) instead of GITHUB_TOKEN
|
|
# because GITHUB_TOKEN cannot trigger other workflows (like docker-publish.yml).
|
|
# This is a GitHub security feature to prevent infinite workflow loops.
|
|
#
|
|
# The PAT requires these permissions (scoped to this repository only):
|
|
# - Contents: Read and write (for creating releases and pushing tags)
|
|
# - Pull requests: Read and write (for creating/updating release PRs)
|
|
#
|
|
# To rotate: Settings > Developer settings > Fine-grained tokens
|
|
# Recommended rotation: Every 90 days
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
release-please:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Release Please
|
|
uses: googleapis/release-please-action@v4
|
|
with:
|
|
token: ${{ secrets.RELEASE_PLEASE_TOKEN }}
|
|
config-file: release-please-config.json
|
|
manifest-file: .release-please-manifest.json
|