From 5d95a32417450dbcc2de75a36f22c1ec58442a9f Mon Sep 17 00:00:00 2001 From: Tyler Erickson <92862+tylere@users.noreply.github.com> Date: Wed, 1 Jul 2026 14:33:26 -0700 Subject: [PATCH 1/4] ci: auto-add issues and PRs to org project #2 Add a workflow that adds newly opened/reopened issues and PRs to org Project #2, plus a workflow_dispatch job to backfill existing open items. Uses the dedicated Source Project Bot GitHub App token. Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/add-to-project.yml | 58 ++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 .github/workflows/add-to-project.yml diff --git a/.github/workflows/add-to-project.yml b/.github/workflows/add-to-project.yml new file mode 100644 index 00000000..d6e6a7a0 --- /dev/null +++ b/.github/workflows/add-to-project.yml @@ -0,0 +1,58 @@ +name: Add to project + +on: + issues: + types: [opened, reopened, transferred] + pull_request_target: + types: [opened, reopened, ready_for_review] + workflow_dispatch: # on-demand backfill of all open issues & PRs + +permissions: {} # all writes go through the App token, not GITHUB_TOKEN + +concurrency: + group: add-to-project-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }} + cancel-in-progress: false + +jobs: + add-single: + if: github.event_name != 'workflow_dispatch' + name: Add opened issue/PR to project + runs-on: ubuntu-latest + steps: + - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + id: app-token + with: + app-id: ${{ vars.SC_PROJECT_BOT_ID }} + private-key: ${{ secrets.SC_PROJECT_BOT_PRIVATE_KEY }} + - uses: actions/add-to-project@5afcf98fcd03f1c2f92c3c83f58ae24323cc57fd # v2.0.0 + with: + project-url: https://github.com/orgs/source-cooperative/projects/2 + github-token: ${{ steps.app-token.outputs.token }} + + backfill: + if: github.event_name == 'workflow_dispatch' + name: Backfill open issues & PRs + runs-on: ubuntu-latest + steps: + - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + id: app-token + with: + app-id: ${{ vars.SC_PROJECT_BOT_ID }} + private-key: ${{ secrets.SC_PROJECT_BOT_PRIVATE_KEY }} + - name: Add all open issues and PRs to project + env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + REPO: ${{ github.repository }} + run: | + set -euo pipefail + PROJECT_ID=$(gh api graphql -f query='query{organization(login:"source-cooperative"){projectV2(number:2){id}}}' -q '.data.organization.projectV2.id') + { + gh issue list --repo "$REPO" --state open --limit 500 --json id -q '.[].id' + gh pr list --repo "$REPO" --state open --limit 500 --json id -q '.[].id' + } | sort -u > ids.txt + echo "Backfilling $(wc -l < ids.txt) items into project $PROJECT_ID" + while read -r CID; do + [ -z "$CID" ] && continue + gh api graphql -f query='mutation($p:ID!,$c:ID!){addProjectV2ItemById(input:{projectId:$p,contentId:$c}){item{id}}}' -f p="$PROJECT_ID" -f c="$CID" >/dev/null + echo "added $CID" + done < ids.txt From 0b234dbcfbf933c9428edbde5ae684c8161112be Mon Sep 17 00:00:00 2001 From: Tyler Erickson <92862+tylere@users.noreply.github.com> Date: Wed, 1 Jul 2026 16:06:47 -0700 Subject: [PATCH 2/4] ci: bump create-github-app-token to v3.2.0 (Node 24) Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/add-to-project.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/add-to-project.yml b/.github/workflows/add-to-project.yml index d6e6a7a0..d4907188 100644 --- a/.github/workflows/add-to-project.yml +++ b/.github/workflows/add-to-project.yml @@ -19,7 +19,7 @@ jobs: name: Add opened issue/PR to project runs-on: ubuntu-latest steps: - - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: app-token with: app-id: ${{ vars.SC_PROJECT_BOT_ID }} @@ -34,7 +34,7 @@ jobs: name: Backfill open issues & PRs runs-on: ubuntu-latest steps: - - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: app-token with: app-id: ${{ vars.SC_PROJECT_BOT_ID }} From 9f5662fac1c9f7e5288b84187730ef93955e7526 Mon Sep 17 00:00:00 2001 From: Tyler Erickson <92862+tylere@users.noreply.github.com> Date: Wed, 1 Jul 2026 16:11:00 -0700 Subject: [PATCH 3/4] ci: use client-id instead of deprecated app-id for app token Co-Authored-By: Claude Opus 4.8 (1M context) --- .github/workflows/add-to-project.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/add-to-project.yml b/.github/workflows/add-to-project.yml index d4907188..1262d098 100644 --- a/.github/workflows/add-to-project.yml +++ b/.github/workflows/add-to-project.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: app-token with: - app-id: ${{ vars.SC_PROJECT_BOT_ID }} + client-id: ${{ vars.SC_PROJECT_BOT_CLIENT_ID }} private-key: ${{ secrets.SC_PROJECT_BOT_PRIVATE_KEY }} - uses: actions/add-to-project@5afcf98fcd03f1c2f92c3c83f58ae24323cc57fd # v2.0.0 with: @@ -37,7 +37,7 @@ jobs: - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: app-token with: - app-id: ${{ vars.SC_PROJECT_BOT_ID }} + client-id: ${{ vars.SC_PROJECT_BOT_CLIENT_ID }} private-key: ${{ secrets.SC_PROJECT_BOT_PRIVATE_KEY }} - name: Add all open issues and PRs to project env: From 78cc64590174ff8ef77978bbc87bf0bc11fa1e1b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 1 Jul 2026 23:31:49 +0000 Subject: [PATCH 4/4] fix: use github token for PR title validation --- .github/workflows/conventional-commits.yaml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/conventional-commits.yaml b/.github/workflows/conventional-commits.yaml index ad666cf1..e21fe11a 100644 --- a/.github/workflows/conventional-commits.yaml +++ b/.github/workflows/conventional-commits.yaml @@ -8,14 +8,8 @@ jobs: validate-pr-title: runs-on: ubuntu-latest steps: - - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0 - id: app-token - with: - app-id: ${{ vars.SC_RELEASE_BOT_ID }} - private-key: ${{ secrets.SC_RELEASE_BOT_PRIVATE_KEY }} - - name: PR Conventional Commit Validation uses: ytanikin/pr-conventional-commits@1.4.0 with: task_types: '["feat","fix","docs","test","ci","refactor","perf","chore","revert"]' - token: ${{ steps.app-token.outputs.token }} + token: ${{ github.token }}