fix: Improve token selection logic in Renovate workflow for better clarity and error handling

2025-12-08 06:42:14 +00:00
parent 94c1c7884a
commit dbf6b2ff14
1 changed files with 12 additions and 1 deletions
--- a/.github/workflows/renovate.yml
+++ b/.github/workflows/renovate.yml
@@ -20,12 +20,23 @@ jobs:
          fetch-depth: 1
      - name: Choose Renovate Token
        run: |
+          # Prefer explicit tokens (CHARON_TOKEN > CPMP_TOKEN) if provided; otherwise use the default GITHUB_TOKEN
          if [ -n "${{ secrets.CHARON_TOKEN }}" ]; then
            echo "Using CHARON_TOKEN" >&2
            echo "GITHUB_TOKEN=${{ secrets.CHARON_TOKEN }}" >> $GITHUB_ENV
-          else
+          elif [ -n "${{ secrets.CPMP_TOKEN }}" ]; then
            echo "Using CPMP_TOKEN fallback" >&2
            echo "GITHUB_TOKEN=${{ secrets.CPMP_TOKEN }}" >> $GITHUB_ENV
+          else
+            echo "Using default GITHUB_TOKEN from Actions" >&2
+            echo "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
+          fi
+
+      - name: Fail-fast if token not set
+        run: |
+          if [ -z "${{ env.GITHUB_TOKEN }}" ]; then
+            echo "ERROR: No Renovate token provided. Set CHARON_TOKEN, CPMP_TOKEN, or rely on default GITHUB_TOKEN." >&2
+            exit 1
          fi

      - name: Run Renovate