diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2a8d3f5..6e5291a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,9 +32,10 @@ jobs: run: git config --global core.autocrlf false - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -95,9 +96,10 @@ jobs: run: git config --global core.autocrlf false - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/main/scala/sbtghactions/GenerativeKeys.scala b/src/main/scala/sbtghactions/GenerativeKeys.scala index 93b338c..694d26a 100644 --- a/src/main/scala/sbtghactions/GenerativeKeys.scala +++ b/src/main/scala/sbtghactions/GenerativeKeys.scala @@ -63,6 +63,8 @@ trait GenerativeKeys { lazy val githubWorkflowEnv = settingKey[Map[String, String]](s"A map of static environment variable assignments global to the workflow (default: { GITHUB_TOKEN: $${{ secrets.GITHUB_TOKEN }} })") lazy val githubWorkflowAddedJobs = settingKey[Seq[WorkflowJob]]("A list of additional jobs to add to the CI workflow (default: [])") + + lazy val githubWorkflowToken = settingKey[String]("A token for checkout step (default: $${{ secrets.GITHUB_TOKEN }} )") } object GenerativeKeys extends GenerativeKeys diff --git a/src/main/scala/sbtghactions/GenerativePlugin.scala b/src/main/scala/sbtghactions/GenerativePlugin.scala index f635db0..48620be 100644 --- a/src/main/scala/sbtghactions/GenerativePlugin.scala +++ b/src/main/scala/sbtghactions/GenerativePlugin.scala @@ -504,7 +504,10 @@ ${indent(jobs.map(compileJob(_, sbt)).mkString("\n\n"), 1)} githubWorkflowTargetPaths := Paths.None, githubWorkflowEnv := Map("GITHUB_TOKEN" -> s"$${{ secrets.GITHUB_TOKEN }}"), - githubWorkflowAddedJobs := Seq()) + githubWorkflowAddedJobs := Seq(), + + githubWorkflowToken := s"$${{ secrets.GITHUB_TOKEN }}" + ) private lazy val internalTargetAggregation = settingKey[Seq[File]]("Aggregates target directories from all subprojects") @@ -630,7 +633,7 @@ ${indent(jobs.map(compileJob(_, sbt)).mkString("\n\n"), 1)} } autoCrlfOpt ::: - List(WorkflowStep.CheckoutFull) ::: + List(WorkflowStep.CheckoutFull(githubWorkflowToken.value)) ::: WorkflowStep.SetupJava(githubWorkflowJavaVersions.value.toList) ::: githubWorkflowGeneratedCacheSteps.value.toList }, diff --git a/src/main/scala/sbtghactions/WorkflowStep.scala b/src/main/scala/sbtghactions/WorkflowStep.scala index 8dff410..3f4a287 100644 --- a/src/main/scala/sbtghactions/WorkflowStep.scala +++ b/src/main/scala/sbtghactions/WorkflowStep.scala @@ -25,12 +25,18 @@ sealed trait WorkflowStep extends Product with Serializable { object WorkflowStep { - val CheckoutFull: WorkflowStep = Use( - UseRef.Public("actions", "checkout", "v2"), - name = Some("Checkout current branch (full)"), - params = Map("fetch-depth" -> "0")) + def CheckoutFull(token: String): WorkflowStep = { + Use( + UseRef.Public("actions", "checkout", "v3"), + name = Some("Checkout current branch (full)"), + params = Map( + "fetch-depth" -> "0", + "token" -> token + ) + ) + } - val Checkout: WorkflowStep = Use(UseRef.Public("actions", "checkout", "v2"), name = Some("Checkout current branch (fast)")) + val Checkout: WorkflowStep = Use(UseRef.Public("actions", "checkout", "v3"), name = Some("Checkout current branch (fast)")) def SetupJava(versions: List[JavaSpec]): List[WorkflowStep] = versions map { diff --git a/src/sbt-test/sbtghactions/check-and-regenerate/expected-ci.yml b/src/sbt-test/sbtghactions/check-and-regenerate/expected-ci.yml index ee1ed2d..78e1f63 100644 --- a/src/sbt-test/sbtghactions/check-and-regenerate/expected-ci.yml +++ b/src/sbt-test/sbtghactions/check-and-regenerate/expected-ci.yml @@ -35,9 +35,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -94,9 +95,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/sbt-test/sbtghactions/no-clean/.github/workflows/ci.yml b/src/sbt-test/sbtghactions/no-clean/.github/workflows/ci.yml index 3917583..8d8c2b2 100644 --- a/src/sbt-test/sbtghactions/no-clean/.github/workflows/ci.yml +++ b/src/sbt-test/sbtghactions/no-clean/.github/workflows/ci.yml @@ -27,9 +27,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -77,9 +78,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/sbt-test/sbtghactions/non-existent-target/.github/workflows/ci.yml b/src/sbt-test/sbtghactions/non-existent-target/.github/workflows/ci.yml index f3ebe4b..8533e12 100644 --- a/src/sbt-test/sbtghactions/non-existent-target/.github/workflows/ci.yml +++ b/src/sbt-test/sbtghactions/non-existent-target/.github/workflows/ci.yml @@ -27,9 +27,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -76,9 +77,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/sbt-test/sbtghactions/sbt-native-thin-client/.github/workflows/ci.yml b/src/sbt-test/sbtghactions/sbt-native-thin-client/.github/workflows/ci.yml index fde4de8..8015cfb 100644 --- a/src/sbt-test/sbtghactions/sbt-native-thin-client/.github/workflows/ci.yml +++ b/src/sbt-test/sbtghactions/sbt-native-thin-client/.github/workflows/ci.yml @@ -27,9 +27,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -93,9 +94,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/sbt-test/sbtghactions/suppressed-scala-version/expected-ci.yml b/src/sbt-test/sbtghactions/suppressed-scala-version/expected-ci.yml index 9c88249..11b0472 100644 --- a/src/sbt-test/sbtghactions/suppressed-scala-version/expected-ci.yml +++ b/src/sbt-test/sbtghactions/suppressed-scala-version/expected-ci.yml @@ -28,9 +28,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' @@ -78,9 +79,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout current branch (full) - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 + token: ${{ secrets.GITHUB_TOKEN }} - name: Setup Java (temurin@11) if: matrix.java == 'temurin@11' diff --git a/src/test/scala/sbtghactions/GenerativePluginSpec.scala b/src/test/scala/sbtghactions/GenerativePluginSpec.scala index e544d96..e5905a7 100644 --- a/src/test/scala/sbtghactions/GenerativePluginSpec.scala +++ b/src/test/scala/sbtghactions/GenerativePluginSpec.scala @@ -475,7 +475,7 @@ class GenerativePluginSpec extends Specification { - run: echo hello - name: Checkout current branch (fast) - uses: actions/checkout@v2""" + uses: actions/checkout@v3""" } "compile a job with one step and three oses" in { @@ -639,7 +639,7 @@ class GenerativePluginSpec extends Specification { - run: echo $${{ matrix.test }} - name: Checkout current branch (fast) - uses: actions/checkout@v2""" + uses: actions/checkout@v3""" } "compile a job with extra runs-on labels" in { @@ -838,7 +838,7 @@ class GenerativePluginSpec extends Specification { - run: echo hello - name: Checkout current branch (fast) - uses: actions/checkout@v2""" + uses: actions/checkout@v3""" } }