{TEST} debug app-token probe (do not merge)

[mahmoud-elmorabea]

Temporary de-risking probe stacked on top of ci/github-app-ruleset-migration (#587).

What this proves

1. actions/create-github-app-token mints a token using CIO_APP_CLIENT_ID + CIO_APP_SECRET.
2. outputs.app-slug == cio-mobile-release (the slug on the ruleset bypass list).
3. actions/checkout with token: persists the App token into .git/config — meaning git push from a later step authenticates as the App, not as github-actions[bot].

Hashes are SHA-256 of token bytes; never the tokens themselves.

Do not merge

This PR exists to verify the App identity end-to-end. Once the workflow run is green, the debug workflow gets dropped from the real-fix PR (#587).

[github-actions]

Hey, there @mahmoud-elmorabea 👋🤖. I'm a bot here to help you.

I think the title of this pull request is not in the correct format. Follow the instructions below and then edit the pull request title to a valid format. I'll check again after you make an edit 👍.

This project uses a special format for pull requests titles. Expand this section to learn more (expand by clicking the ᐅ symbol on the left side of this sentence)...

This project uses a special format for pull requests titles. Don't worry, it's easy!

This pull request title should be in this format:

<type>: short description of change being made

If your pull request introduces breaking changes to the code, use this format:

<type>!: short description of breaking change

where <type> is one of the following:

• feat: - A feature is being added or modified by this pull request. Use this if you made any changes to any of the features of the project.

• fix: - A bug is being fixed by this pull request. Use this if you made any fixes to bugs in the project.

• docs: - This pull request is making documentation changes, only.

• refactor: - A change was made that doesn't fix a bug or add a feature.

• test: - Adds missing tests or fixes broken tests.

• style: - Changes that do not effect the code (whitespace, linting, formatting, semi-colons, etc)

• perf: - Changes improve performance of the code.

• build: - Changes to the build system (maven, npm, gulp, etc)

• ci: - Changes to the CI build system (Travis, GitHub Actions, Circle, etc)

• chore: - Other changes to project that don't modify source code or test files.

• revert: - Reverts a previous commit that was made.

Examples:

feat: edit profile photo
refactor!: remove deprecated v1 endpoints
build: update npm dependencies
style: run formatter 

Need more examples? Want to learn more about this format? Check out the official docs.

Note: If your pull request does multiple things such as adding a feature and makes changes to the CI server and fixes some bugs then you might want to consider splitting this pull request up into multiple smaller pull requests.

[github-actions]

Sample app builds 📱

Below you will find the list of the latest versions of the sample apps. It's recommended to always download the latest builds of the sample apps to accurately test the pull request.

---

• Android APN: 588.1.0 (29637329)
• iOS FCM: 588.1.0 (29637329)
• iOS APN: 588.1.0 (29637329)

[mahmoud-elmorabea]

Probe verified — see verdict table. Closing without merge.