From bfb4d4cf540f13594d334b12f6d549bf6b913787 Mon Sep 17 00:00:00 2001 From: "Martin Hinshelwood nkdAgility.com" Date: Tue, 16 Jul 2024 17:41:02 +0100 Subject: [PATCH] refactor(github workflows): replace env variables with secrets for app-id and private-key in code-review.yml and main.yml This change is done to enhance security by using GitHub secrets instead of environment variables for sensitive data. --- .github/workflows/code-review.yml | 4 ++-- .github/workflows/main.yml | 8 ++------ 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml index e49834851..9bba61e62 100644 --- a/.github/workflows/code-review.yml +++ b/.github/workflows/code-review.yml @@ -15,8 +15,8 @@ jobs: - uses: actions/create-github-app-token@v1 id: app-token with: - app-id: ${{ env.APP_ID }} - private-key: ${{ env.PRIVATE_KEY }} + app-id: ${{ secrets.NKDAGILITY_BOT_APP_ID }} + private-key: ${{ secrets.NKDAGILITY_BOT_CLIENTSECRET }} - uses: fitomad/github-chatgpt-integration@main with: openai-api-key: ${{ secrets.OPENAI_API_KEY }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 88031621f..5050c7845 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -18,10 +18,6 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -env: - APP_ID: "Iv23li9aYvt0VW9x4Jhh" - PRIVATE_KEY: ${{ secrets.NKDAGILITY_BOT_CLIENTSECRET }} - defaults: run: shell: pwsh @@ -261,8 +257,8 @@ jobs: - uses: actions/create-github-app-token@v1 id: app-token with: - app-id: ${{ env.APP_ID }} - private-key: ${{ env.PRIVATE_KEY }} + app-id: ${{ secrets.NKDAGILITY_BOT_APP_ID }} + private-key: ${{ secrets.NKDAGILITY_BOT_CLIENTSECRET }} - name: "Package Files" shell: pwsh run: |