@@ -2,6 +2,13 @@ name: '[Release Proposal]'
22
33on :
44 workflow_dispatch :
5+ inputs :
6+ authentication :
7+ type : choice
8+ description : Retrieve GitHub token from
9+ options :
10+ - github-app
11+ - octo-sts
512 schedule :
613 - cron : 0 5 * * *
714
@@ -10,7 +17,9 @@ concurrency:
1017 cancel-in-progress : false
1118
1219jobs :
13- create-proposal :
20+ # TODO: Remove this strategy entirely once Octo-STS works properly.
21+ create-proposal-github-app :
22+ if : inputs.authentication == 'github-app'
1423 strategy :
1524 fail-fast : false
1625 matrix :
3847 - run : node scripts/release/proposal ${{ matrix.release-line }} -y ${{ github.event_name == 'workflow_dispatch' && '-f' || '' }}
3948 env :
4049 GITHUB_TOKEN : ${{ steps.app-token.outputs.token }}
50+
51+ create-proposal-octo-sts :
52+ if : inputs.authentication == 'octo-sts'
53+ strategy :
54+ fail-fast : false
55+ matrix :
56+ release-line : ['5']
57+ runs-on : ubuntu-latest
58+ permissions :
59+ id-token : write
60+ steps :
61+ # <TESTING> Only required for debugging, remove afterwards
62+ - name : Debug OIDC Claims
63+ uses : github/actions-oidc-debugger@36a60c31d7af9b718b4ca7152ba24229a15241ad # main
64+ with :
65+ audience : " octo-debugger"
66+ # </TESTING>
67+ - uses : DataDog/dd-octo-sts-action@08f2144903ced3254a3dafec2592563409ba2aa0 # v1.0.1
68+ id : octo-sts
69+ with :
70+ scope : DataDog/dd-trace-js
71+ policy : release-proposal
72+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
73+ with :
74+ fetch-depth : 0
75+ token : ${{ steps.octo-sts.outputs.token }}
76+ - uses : ./.github/actions/node
77+ with :
78+ version : ' '
79+ - uses : ./.github/actions/install/branch-diff
80+ with :
81+ token : ${{ steps.octo-sts.outputs.token }}
82+ - run : node scripts/release/proposal ${{ matrix.release-line }} -y ${{ github.event_name == 'workflow_dispatch' && '-f' || '' }}
83+ env :
84+ GITHUB_TOKEN : ${{ steps.octo-sts.outputs.token }}
0 commit comments