fix: update workflows to use GITHUB_TOKEN instead of CHARON_TOKEN for improved compatibility

2025-12-14 00:11:06 +00:00
parent 34dc485387
commit 7ab2ce2617
10 changed files with 31 additions and 31 deletions
--- a/.github/workflows/auto-changelog.yml
+++ b/.github/workflows/auto-changelog.yml
@@ -14,4 +14,4 @@ jobs:
      - name: Draft Release
        uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6
        env:
-          CHARON_TOKEN: ${{ secrets.CHARON_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/auto-versioning.yml
+++ b/.github/workflows/auto-versioning.yml
@@ -68,7 +68,7 @@ jobs:
          # Export the tag for downstream steps
          echo "tag=${TAG}" >> $GITHUB_OUTPUT
        env:
-          CHARON_TOKEN: ${{ secrets.CHARON_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Determine tag
        id: determine_tag
@@ -89,14 +89,14 @@ jobs:
        run: |
          TAG=${{ steps.determine_tag.outputs.tag }}
          echo "Checking for release for tag: ${TAG}"
-          STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token ${CHARON_TOKEN}" -H "Accept: application/vnd.github+json" "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${TAG}") || true
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" "https://api.github.com/repos/${GITHUB_REPOSITORY}/releases/tags/${TAG}") || true
          if [ "${STATUS}" = "200" ]; then
            echo "exists=true" >> $GITHUB_OUTPUT
          else
            echo "exists=false" >> $GITHUB_OUTPUT
          fi
        env:
-          CHARON_TOKEN: ${{ secrets.CHARON_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Create GitHub Release (tag-only, no workspace changes)
        if: ${{ steps.semver.outputs.changed == 'true' && steps.check_release.outputs.exists == 'false' }}
--- a/.github/workflows/propagate-changes.yml
+++ b/.github/workflows/propagate-changes.yml
@@ -157,5 +157,5 @@ jobs:
              }
            }
        env:
-          CHARON_TOKEN: ${{ secrets.CHARON_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CPMP_TOKEN: ${{ secrets.CPMP_TOKEN }}
--- a/.github/workflows/release-goreleaser.yml
+++ b/.github/workflows/release-goreleaser.yml
@@ -13,10 +13,10 @@ jobs:
  goreleaser:
    runs-on: ubuntu-latest
    env:
-      # Use the built-in CHARON_TOKEN by default for GitHub API operations.
-      # If you need to provide a PAT with elevated permissions, add a CHARON_TOKEN secret
+      # Use the built-in GITHUB_TOKEN by default for GitHub API operations.
+      # If you need to provide a PAT with elevated permissions, add a GITHUB_TOKEN secret
      # at the repo or organization level and update the env here accordingly.
-      CHARON_TOKEN: ${{ secrets.CHARON_TOKEN }}
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: Checkout
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
@@ -47,7 +47,7 @@ jobs:
        with:
          version: 0.13.0

-      # CHARON_TOKEN is set from CHARON_TOKEN or CPMP_TOKEN (fallback), defaulting to GITHUB_TOKEN
+      # GITHUB_TOKEN is set from GITHUB_TOKEN or CPMP_TOKEN (fallback), defaulting to GITHUB_TOKEN


      - name: Run GoReleaser
--- a/.github/workflows/renovate.yml
+++ b/.github/workflows/renovate.yml
@@ -20,10 +20,10 @@ jobs:
          fetch-depth: 1
      - name: Choose Renovate Token
        run: |
-          # Prefer explicit tokens (CHARON_TOKEN > CPMP_TOKEN) if provided; otherwise use the default GITHUB_TOKEN
-          if [ -n "${{ secrets.CHARON_TOKEN }}" ]; then
-            echo "Using CHARON_TOKEN" >&2
-            echo "GITHUB_TOKEN=${{ secrets.CHARON_TOKEN }}" >> $GITHUB_ENV
+          # Prefer explicit tokens (GITHUB_TOKEN > CPMP_TOKEN) if provided; otherwise use the default GITHUB_TOKEN
+          if [ -n "${{ secrets.GITHUB_TOKEN }}" ]; then
+            echo "Using GITHUB_TOKEN" >&2
+            echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
          else
            echo "Using default GITHUB_TOKEN from Actions" >&2
            echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
@@ -32,7 +32,7 @@ jobs:
      - name: Fail-fast if token not set
        run: |
          if [ -z "${{ env.GITHUB_TOKEN }}" ]; then
-            echo "ERROR: No Renovate token provided. Set CHARON_TOKEN, CPMP_TOKEN, or rely on default GITHUB_TOKEN." >&2
+            echo "ERROR: No Renovate token provided. Set GITHUB_TOKEN, CPMP_TOKEN, or rely on default GITHUB_TOKEN." >&2
            exit 1
          fi

--- a/.github/workflows/renovate_prune.yml
+++ b/.github/workflows/renovate_prune.yml
@@ -24,17 +24,17 @@ jobs:
    steps:
      - name: Choose GitHub Token
        run: |
-          if [ -n "${{ secrets.CHARON_TOKEN }}" ]; then
-            echo "Using CHARON_TOKEN" >&2
-            echo "CHARON_TOKEN=${{ secrets.CHARON_TOKEN }}" >> $GITHUB_ENV
+          if [ -n "${{ secrets.GITHUB_TOKEN }}" ]; then
+            echo "Using GITHUB_TOKEN" >&2
+            echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
          else
            echo "Using CPMP_TOKEN fallback" >&2
-            echo "CHARON_TOKEN=${{ secrets.CPMP_TOKEN }}" >> $GITHUB_ENV
+            echo "GITHUB_TOKEN=${{ secrets.CPMP_TOKEN }}" >> $GITHUB_ENV
          fi
      - name: Prune renovate branches
        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
        with:
-          github-token: ${{ env.CHARON_TOKEN }}
+          github-token: ${{ env.GITHUB_TOKEN }}
          script: |
            const owner = context.repo.owner;
            const repo = context.repo.repo;