ci: use PUSH_TOKEN for docgen push to bypass branch rules
Problem: the docgen workflow pushes to main using GITHUB_TOKEN, which authenticates as github-actions[bot]. The bot cannot bypass repository rulesets on personal repos, so the push is rejected by required PR, status check, and signature rules. Solution: prefer a PUSH_TOKEN secret (a PAT authenticated as the repo admin, who has bypass permissions) with fallback to GITHUB_TOKEN so the workflow does not break before the secret is created.
This commit is contained in:
parent
642f745038
commit
60aed7d595
GPG key ID:
A6C96C9349D2FC81
1 changed files with 1 additions and 1 deletions
2
.github/workflows/tests.yml
vendored
2
.github/workflows/tests.yml
vendored
|
|
@ -87,7 +87,7 @@ jobs:
|
|||
- name: Commit changes
|
||||
if: ${{ github.ref == 'refs/heads/main' }}
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
GITHUB_TOKEN: ${{ secrets.PUSH_TOKEN || secrets.GITHUB_TOKEN }}
|
||||
COMMIT_MSG: |
|
||||
[docgen] Update docs
|
||||
skip-checks: true
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue