@@ -95,13 +95,90 @@ jobs:
9595 aws --region us-west-1 lambda invoke --function-name start-sync-team output.json
9696 cat output.json | python3 -m json.tool
9797
98+ # GitHub tokens generated from GitHub Apps can access resources from one organization,
99+ # so we need to generate a token for each organization.
100+ - name : Generate GitHub token (rust-lang)
101+ uses : actions/create-github-app-token@v1
102+ id : rust-lang-token
103+ with :
104+ # GitHub App ID secret name
105+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
106+ # GitHub App private key secret name
107+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
108+ # Set the owner, so the token can be used in all repositories
109+ owner : rust-lang
110+
111+ - name : Generate GitHub token (rust-lang-ci)
112+ uses : actions/create-github-app-token@v1
113+ id : rust-lang-ci-token
114+ with :
115+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
116+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
117+ owner : rust-lang-ci
118+
119+ - name : Generate GitHub token (rust-lang-deprecated)
120+ uses : actions/create-github-app-token@v1
121+ id : rust-lang-deprecated-token
122+ with :
123+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
124+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
125+ owner : rust-lang-deprecated
126+
127+ - name : Generate GitHub token (rust-lang-nursery)
128+ uses : actions/create-github-app-token@v1
129+ id : rust-lang-nursery-token
130+ with :
131+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
132+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
133+ owner : rust-lang-nursery
134+
135+ - name : Generate GitHub token (bors-rs)
136+ uses : actions/create-github-app-token@v1
137+ id : bors-rs-token
138+ with :
139+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
140+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
141+ owner : bors-rs
142+
143+ - name : Generate GitHub token (rust-analyzer)
144+ uses : actions/create-github-app-token@v1
145+ id : rust-analyzer-token
146+ with :
147+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
148+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
149+ owner : rust-analyzer
150+
151+ - name : Generate GitHub token (rust-embedded)
152+ uses : actions/create-github-app-token@v1
153+ id : rust-embedded-token
154+ with :
155+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
156+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
157+ owner : rust-embedded
158+
159+ - name : Generate GitHub token (rust-dev-tools)
160+ uses : actions/create-github-app-token@v1
161+ id : rust-dev-tools-token
162+ with :
163+ app-id : ${{ secrets.SYNC_TEAM_GH_APP_READ_ID }}
164+ private-key : ${{ secrets.SYNC_TEAM_GH_APP_READ_PRIVATE_KEY }}
165+ owner : rust-dev-tools
166+
98167 - uses : actions/checkout@v4
99168
100- - name : Run sync-team dry-run
169+ - name : Run sync-team (dry-run)
170+ env :
171+ GITHUB_TOKEN_RUST_LANG : ${{ steps.rust-lang-token.outputs.token }}
172+ GITHUB_TOKEN_RUST_LANG_CI : ${{ steps.rust-lang-ci-token.outputs.token }}
173+ GITHUB_TOKEN_RUST_LANG_DEPRECATED : ${{ steps.rust-lang-deprecated-token.outputs.token }}
174+ GITHUB_TOKEN_RUST_LANG_NURSERY : ${{ steps.rust-lang-nursery-token.outputs.token }}
175+ GITHUB_TOKEN_BORS_RS : ${{ steps.bors-rs-token.outputs.token }}
176+ GITHUB_TOKEN_RUST_ANALYZER : ${{ steps.rust-analyzer-token.outputs.token }}
177+ GITHUB_TOKEN_RUST_EMBEDDED : ${{ steps.rust-embedded-token.outputs.token }}
178+ GITHUB_TOKEN_RUST_DEV_TOOLS : ${{ steps.rust-dev-tools-token.outputs.token }}
101179 run : |
102180 cargo run --manifest-path sync-team/Cargo.toml \
103- print-plan \
104- --team-json build
181+ print-plan --team-json build
105182
106183# Summary job for the merge queue.
107184 # ALL THE PREVIOUS JOBS NEED TO BE ADDED TO THE `needs` SECTION OF THIS JOB!
0 commit comments