Update actions/create-github-app-token action to v3#2837
Update actions/create-github-app-token action to v3#2837gardener-ci-robot wants to merge 1 commit intomasterfrom
Conversation
gardener-ci-robot
requested review from
holgerkoser,
klocke-io and
petersutter
as code owners
gardener-prow
bot
added
cla: yes
📝 WalkthroughWalkthroughGitHub App Token action is updated from version v2.2.1 to v3.0.0 across two workflow files. No logic or control-flow changes; token retrieval and subsequent workflow steps remain functionally equivalent. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
📝 Coding Plan
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/cherry-pick-reusable.yaml (1)
29-34: Verify SHA and be aware of proxy breaking changes in v3.0.0.The action is upgraded to v3.0.0 with SHA
f8d387b68d61c58ab83c6c016672934102569859. If workflows run behind a proxy (HTTP_PROXY/HTTPS_PROXY), setNODE_USE_ENV_PROXY=1as an environment variable—v3 removed custom proxy handling. This workflow uses GitHub-hosted runners, so the self-hosted runner version requirement (v2.327.1+) does not apply.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/cherry-pick-reusable.yaml around lines 29 - 34, The workflow updates the create-github-app-token action to v3.0.0 using SHA f8d387b68d61c58ab83c6c016672934102569859; verify that SHA is intentional and correct, and if this workflow may run behind an HTTP/HTTPS proxy add the environment variable NODE_USE_ENV_PROXY=1 to the job or step that uses actions/create-github-app-token (the step with id: token) because v3 removed custom proxy handling.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/cherry-pick-reusable.yaml:
- Around line 29-34: The workflow updates the create-github-app-token action to
v3.0.0 using SHA f8d387b68d61c58ab83c6c016672934102569859; verify that SHA is
intentional and correct, and if this workflow may run behind an HTTP/HTTPS proxy
add the environment variable NODE_USE_ENV_PROXY=1 to the job or step that uses
actions/create-github-app-token (the step with id: token) because v3 removed
custom proxy handling.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 2d79f269-8f28-427c-9d40-47465891181c
📒 Files selected for processing (2)
.github/workflows/cherry-pick-reusable.yaml.github/workflows/prepare-hotfix-branch.yaml
1 participant
This PR contains the following updates:
v2.2.1→v3.0.0Release Notes
actions/create-github-app-token (actions/create-github-app-token)
v3.0.0Compare Source
NODE_USE_ENV_PROXYfor proxy support (#342) (4451bcb)Bug Fixes
BREAKING CHANGES
v2.2.2Compare Source
Bug Fixes
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.