ci: use github secrets for GH token (#262)

elastic · Jun 12, 2024 · 2284ecf · 2284ecf
1 parent 976f819
commit 2284ecf
Showing 1 changed file with 6 additions and 12 deletions.
diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml
@@ -53,24 +53,16 @@ jobs:
       - validate-tag
     permissions:
       contents: write
+    env:
+      GITHUB_TOKEN: ${{ secrets.RELEASE_GITHUB_TOKEN }}
     steps:
-      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
-        with:
-          url: ${{ secrets.VAULT_ADDR }}
-          roleId: ${{ secrets.VAULT_ROLE_ID }}
-          secretId: ${{ secrets.VAULT_SECRET_ID }}
-
-      - uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
-        with:
-          username: ${{ env.GIT_USER }}
-          email: ${{ env.GIT_EMAIL }}
-          token: ${{ env.GITHUB_TOKEN }}
-
       - uses: actions/checkout@v4
         with:
           ref: ${{ inputs.ref }}
           token: ${{ env.GITHUB_TOKEN }}
 
+      - uses: elastic/oblt-actions/git/setup@v1
+
       - name: Create the release tag (post phase)
         if: inputs.phase == 'post'
         run: |
@@ -100,3 +92,5 @@ jobs:
 
       - name: Create the ${{ inputs.phase }} release PR
         run: gh pr create --title="${{ inputs.pr_title }}" --base main --head ${{ env.BRANCH_NAME }} -b "${{ inputs.pr_body }}"
+        env:
+          GH_TOKEN: ${{ env.GITHUB_TOKEN }}