[CI] Use personal access token for backport workflow [fixup #15372] #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WARNING: | |
| # When extending this action, be aware that $GITHUB_TOKEN allows write access to | |
| # the GitHub repository. This means that it should not evaluate user input in a | |
| # way that allows code injection. | |
| name: Backport | |
| on: | |
| pull_request_target: | |
| types: [closed, labeled] | |
| permissions: | |
| contents: write # so it can comment | |
| pull-requests: write # so it can create pull requests | |
| jobs: | |
| backport: | |
| name: Backport Pull Request | |
| if: github.repository_owner == 'crystal-lang' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name)) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| token: ${{ secrets.BACKPORT_ACTION_GITHUB_PAT }} | |
| - name: Create backport PR | |
| uses: korthout/backport-action@be567af183754f6a5d831ae90f648954763f17f5 # v3.1.0 | |
| with: | |
| github_token: ${{ secrets.BACKPORT_ACTION_GITHUB_PAT }} | |
| # Config README: https://github.com/korthout/backport-action#backport-action | |
| copy_labels_pattern: '^(breaking-change|security|topic:.*|kind:.*|platform:.*)$' | |
| copy_milestone: true | |
| pull_description: |- | |
| Automated backport of #${pull_number} to `${target_branch}`, triggered by a label. |