diff options
| author | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-30 12:44:44 +0300 |
|---|---|---|
| committer | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-30 12:44:44 +0300 |
| commit | bbf1b0a43326070bcc958810c3bc70451f76955b (patch) | |
| tree | 0904df9e6d761b27d6f519157d42af7d7f3a742a | |
| parent | b5e2b170016ca3dd011df7de42ec858858564bb7 (diff) | |
| download | vyos-github-actions-chore/T8937-retire-mergify-replaceable-ghas.tar.gz vyos-github-actions-chore/T8937-retire-mergify-replaceable-ghas.zip | |
chore: T8937: retire Mergify-replaceable GHA caller workflowschore/T8937-retire-mergify-replaceable-ghas
Replaces 5 caller workflows now superseded by central Mergify rules.
See https://vyos.dev/T8937 for the design + spec + plan.
Advances: T8937
🤖 Generated by [robots](https://vyos.io)
| -rw-r--r-- | .github/workflows/auto-author-assign.yml | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/.github/workflows/auto-author-assign.yml b/.github/workflows/auto-author-assign.yml deleted file mode 100644 index 77021dd..0000000 --- a/.github/workflows/auto-author-assign.yml +++ /dev/null @@ -1,54 +0,0 @@ -name: "PR Triage" -on: - pull_request_target: - types: [opened, reopened, ready_for_review, locked] - -permissions: - pull-requests: write - -jobs: - # https://github.com/marketplace/actions/auto-author-assign - assign-author: - runs-on: ubuntu-latest - steps: - - name: "Assign Author to PR" - uses: toshimaru/auto-author-assign@2daaeb2988aef24bf37e636fe733f365c046aba0 # v1.6.2 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - # https://github.com/shufo/auto-assign-reviewer-by-files - # - # Auth: mint a vyos-bot[bot] App-installation token via the central - # composite action at vyos/.github/.github/actions/get-token@current. - # Replaces the prior classic PAT (secrets.PR_ACTION_ASSIGN_REVIEWERS) - # which the VyOS-Networks enterprise rejects because its lifetime - # exceeds the 90-day cap on classic PATs ("The 'VyOS Networks' - # enterprise forbids access via a personal access tokens (classic) - # if the token's lifetime is greater than 90 days"). - # - # vyos-bot App permissions include `pull_requests: read+write`, which - # is sufficient for shufo/auto-assign-reviewer-by-files to assign - # reviewers and read the team-based config in .github/reviewers.yml. - # See https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation - # for documentation on GitHub App installation tokens. - assign_reviewer: - runs-on: ubuntu-latest - steps: - - name: Mint vyos-bot installation token - id: token - uses: vyos/.github/.github/actions/get-token@8a437c7bd8ef6f682f87a428f50e24832a0d316d # current branch HEAD as of 2026-05-28 - with: - owner: vyos - client-id: ${{ vars.APP_CLIENT_ID }} - private-key: ${{ secrets.APP_PRIVATE_KEY }} - # Scope the minted token down to only what shufo needs - # (assigning reviewers via the Pull Requests API). - # Defense in depth: pull_request_target events expose secrets, - # so the narrower the token, the smaller the blast radius if - # the downstream action is ever compromised. - permissions: '{"pull_requests":"write"}' - - name: Request review based on files changes and/or groups the author belongs to - uses: shufo/auto-assign-reviewer-by-files@f5f3db9ef06bd72ab6978996988c6462cbdaabf6 # v1.1.4 - with: - token: ${{ steps.token.outputs.token }} - config: .github/reviewers.yml |
