From 30aa8c02ab6c94b7a1c33cd7197ee2695d6d98b3 Mon Sep 17 00:00:00 2001 From: Nikolai Emil Damm Date: Wed, 27 May 2026 13:17:33 +0200 Subject: [PATCH] fix(ci): create skills-sync PR with an App token so required CI runs The daily "Update Copilot Skills" workflow opens its PR with the default GITHUB_TOKEN, so the caller's required on: pull_request checks never trigger and the PR (e.g. #1590) lands permanently blocked on missing required checks. Adopt the reusable workflow's use-app-token: true (supported since v4.0.1, the SHA already pinned here) with the org APP_PRIVATE_KEY secret, mirroring the fix already shipped for the plugins repo. Also correct the stale pin comment (the SHA resolves to v4.0.1, not v1.39.0+). Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/workflows/update-skills.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-skills.yaml b/.github/workflows/update-skills.yaml index fdc65a4ed..2dfd8581e 100644 --- a/.github/workflows/update-skills.yaml +++ b/.github/workflows/update-skills.yaml @@ -15,6 +15,12 @@ jobs: permissions: contents: write pull-requests: write - uses: devantler-tech/reusable-workflows/.github/workflows/update-copilot-skills.yaml@e173ff69586caa379a77782b947f1b47166f922e # v1.39.0+ (post skills-lock refactor) + uses: devantler-tech/reusable-workflows/.github/workflows/update-copilot-skills.yaml@e173ff69586caa379a77782b947f1b47166f922e # v4.0.1 with: dir: .agents/skills + # Create the update PR with a GitHub App token so it triggers this + # repo's required CI (a PR opened with GITHUB_TOKEN does not), instead + # of landing permanently blocked on missing required checks. + use-app-token: true + secrets: + APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}