Conversation
GitHub suppresses workflows triggered by the default GITHUB_TOKEN, so issues opened via create-or-update-issue did not fire listeners such as add-issues-and-prs-to-fs-project-board. Use FILOZZY_RELEASE_PLEASE_PAT_FILOZONE so issue-open events behave like normal user/bot activity. Callers already use secrets: inherit; ensure the secret is available on this repo. Made-with: Cursor
|
FilOz bot has access to the repo: https://github.com/FilOzone/foc-devnet/settings/access PAT has appropriate access: https://github.com/organizations/FilOzone/settings/personal-access-tokens/1277607 |
There was a problem hiding this comment.
Pull request overview
Updates the reusable CI workflow to file/update scenario report issues using a Personal Access Token (PAT) instead of the default github.token, so that downstream automation workflows triggered by issues events (e.g., adding issues to a project board) will run as expected.
Changes:
- Swap
github.tokenforsecrets.FILOZZY_RELEASE_PLEASE_PAT_FILOZONEwhen callingipdxco/create-or-update-issue@v1. - Add inline documentation explaining why a PAT is required for cascading
issues-triggered workflows.
github-project-automation
bot
moved this from 🔎 Awaiting review
to ✔️ Approved by reviewer
in FOC
| # We're not using `github.token` here because it won't trigger other workflows like `add-issues-to-project`. | ||
| # Instead, we use a PAT to trigger other workflows. |
There was a problem hiding this comment.
This doesn't really make sense.
| # Instead, we use a PAT to trigger other workflows. | ||
| # This PAT has permissions to open/update issues, which is why it was used. | ||
| # Alternatively, we could create a more narrowly scoped PAT, but this would be another PAT to setup/manage. | ||
| GITHUB_TOKEN: ${{ secrets.FILOZZY_RELEASE_PLEASE_PAT_FILOZONE }} |
There was a problem hiding this comment.
Looks like the secret is not configured for this repo.
There was a problem hiding this comment.
@galargh : Doh - you're right
Fixed now at https://github.com/organizations/FilOzone/settings/secrets/actions/FILOZZY_RELEASE_PLEASE_PAT
Confirmed at https://github.com/FilOzone/foc-devnet/settings/secrets/actions
Problem
Nightly scenario reporting (via
ci_nightly.yml→ reusableci_run.yml) creates or updates GitHub issues for runs like the frontier/stability reports (similar in spirit to foc-devnet#96).The Add issues and PRs to FS project board workflow (and other
issues: openedautomation) was not running for those issues.Per GitHub Actions behavior, events triggered with the default
GITHUB_TOKEN/github.tokendo not start other workflows (except cases such asworkflow_dispatch/repository_dispatch). Soipdxco/create-or-update-issueusinggithub.tokenproduced issue activity that did not cascade to org/repo workflows that listen for new issues.Specifically I want it so future issues like #95 and #96 show up on our project board.
Change
secrets.FILOZZY_RELEASE_PLEASE_PAT_FILOZONEas the token passed tocreate-or-update-issueso issue open/update behaves like normal bot/user API activity and downstream workflows can run.ci_nightly.ymlandci_pull_request.ymlalready call the reusable workflow withsecrets: inherit; no caller changes.Notes from code review (inline comments in
ci_run.yml)github.tokenhere because it does not trigger other workflows such as add-issues-to-project-style automation.Checklist
FILOZZY_RELEASE_PLEASE_PAT_FILOZONEis configured for FilOzone/foc-localnet (or inherited from org) with sufficient scopes to create/update issues and labels in this repo.Made with Cursor