diff --git a/.github/workflows/e2e-tests-full.yml b/.github/workflows/e2e-tests-full.yml index b34410e8f..46bbf0d52 100644 --- a/.github/workflows/e2e-tests-full.yml +++ b/.github/workflows/e2e-tests-full.yml @@ -57,6 +57,14 @@ jobs: parse-json-secrets: true - run: npm ci - run: npm run build + - name: Generate GitHub App Token + if: matrix.cdk-source == 'main' + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + owner: aws - name: Build CDK package from main if: matrix.cdk-source == 'main' run: | @@ -67,7 +75,7 @@ jobs: TARBALL=$(npm pack --pack-destination "$RUNNER_TEMP" | tail -1) echo "CDK_TARBALL=$RUNNER_TEMP/$TARBALL" >> "$GITHUB_ENV" env: - CDK_REPO_TOKEN: ${{ secrets.CDK_REPO_TOKEN }} + CDK_REPO_TOKEN: ${{ steps.app-token.outputs.token }} CDK_REPO: ${{ secrets.CDK_REPO_NAME }} - name: Install CLI globally run: npm install -g "$(npm pack | tail -1)" diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index dbae357b0..05ff6bee3 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -79,8 +79,15 @@ jobs: E2E,${{ secrets.E2E_SECRET_ARN }} parse-json-secrets: true + - name: Generate GitHub App Token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} + owner: aws # Build @aws/agentcore-cdk from source for cross-package testing. - # Requires secrets: CDK_REPO_NAME (org/repo), CDK_REPO_TOKEN (fine-grained PAT) + # Requires secret: CDK_REPO_NAME (org/repo). Token is generated by the App above. - name: Build CDK package run: | CDK_BRANCH="${{ inputs.cdk_branch || 'main' }}" @@ -92,7 +99,7 @@ jobs: TARBALL=$(npm pack --pack-destination "$RUNNER_TEMP" | tail -1) echo "CDK_TARBALL=$RUNNER_TEMP/$TARBALL" >> "$GITHUB_ENV" env: - CDK_REPO_TOKEN: ${{ secrets.CDK_REPO_TOKEN }} + CDK_REPO_TOKEN: ${{ steps.app-token.outputs.token }} CDK_REPO: ${{ secrets.CDK_REPO_NAME }} - run: npm ci