fix: use Hyper Gonk GitHub App for CI permissions#1256
Conversation
This fixes the issue where CI checks weren't triggered on release PRs created by the changesets action. PRs created with GITHUB_TOKEN don't trigger workflows due to GitHub's security restrictions. Using a GitHub App token (Hyper Gonk) allows CI to run on release PRs.
|
|
Warning Rate limit exceeded@paulbalaji has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 26 minutes and 37 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (3)
✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary
This PR migrates several workflows to use the Hyper Gonk GitHub App token instead of
GITHUB_TOKENor personal access tokens. This fixes CI not triggering on PRs/commits created by automated workflows.Workflows Updated
release.ymlGITHUB_TOKENcombine.ymlCOMBINE_CI_TOKEN(PAT)update-hyperlane-deps.ymlGITHUB_TOKENWhy This Change?
GitHub's security model prevents
GITHUB_TOKENfrom triggering workflows to avoid infinite loops. This means:Using a GitHub App token (Hyper Gonk) allows CI to run on these automated PRs/commits.
Prerequisites
The following secrets must be configured in the repository:
HYPER_GONK_APP_IDHYPER_GONK_PRIVATE_KEYRelated