updating app to use cli-robot-pat

.github/actions/create-pull-request/action.yml

@@ -15,11 +15,8 @@ inputs:
     description: 'The branch to merge into.'
     required: true
     default: 'main'
-  app-id:
-    description: 'The ID of the GitHub App.'
-    required: true
-  private-key:
-    description: 'The private key of the GitHub App.'
+  github-token:
+    description: 'The GitHub token to use for creating the pull request.'
     required: true
   dry-run:
     description: 'Whether to run in dry-run mode.'
@@ -29,20 +26,10 @@ inputs:
 runs:
   using: 'composite'
   steps:
-    - name: 'Generate GitHub App Token'
-      id: 'generate_token'
-      if: "inputs.dry-run == 'false'"
-      uses: 'actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b'
-      with:
-        app-id: '${{ inputs.app-id }}'
-        private-key: '${{ inputs.private-key }}'
-        permission-pull-requests: 'write'
-        permission-contents: 'write'
-
     - name: 'Create and Approve Pull Request'
       if: "inputs.dry-run == 'false'"
       env:
-        GH_TOKEN: '${{ steps.generate_token.outputs.token }}'
+        GH_TOKEN: '${{ inputs.github-token }}'
       shell: 'bash'
       run: |
         set -e

.github/workflows/release-nightly.yml

@@ -80,8 +80,7 @@ jobs:
           branch-name: 'release/${{ steps.nightly_version.outputs.RELEASE_TAG }}'
           pr-title: 'chore(release): bump version to ${{ steps.nightly_version.outputs.RELEASE_VERSION }}'
           pr-body: 'Automated version bump for nightly release.'
-          app-id: '${{ secrets.APP_ID }}'
-          private-key: '${{ secrets.PRIVATE_KEY }}'
+          github-token: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}'
           dry-run: '${{ github.event.inputs.dry_run }}'
 
       - name: 'Create Issue on Failure'

.github/workflows/release-patch-1-create-pr.yml

@@ -52,14 +52,6 @@ jobs:
       - name: 'Install Script Dependencies'
         run: 'npm install yargs'
 
-      - name: 'Generate GitHub App Token'
-        id: 'generate_token'
-        uses: 'actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b'
-        with:
-          app-id: '${{ secrets.APP_ID }}'
-          private-key: '${{ secrets.PRIVATE_KEY }}'
-          permission-pull-requests: 'write'
-          permission-contents: 'write'
 
       - name: 'Configure Git User'
         run: |-
@@ -72,7 +64,7 @@ jobs:
         id: 'create_patch'
         env:
           GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
-          GH_TOKEN: '${{ steps.generate_token.outputs.token }}'
+          GEMINI_CLI_ROBOT_GITHUB_PAT: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}'
         continue-on-error: true
         run: |
           # Capture output and display it in logs using tee

.github/workflows/release-promote.yml

@@ -320,8 +320,7 @@ jobs:
           branch-name: '${{ steps.release_branch.outputs.BRANCH_NAME }}'
           pr-title: 'chore(release): bump version to ${{ needs.calculate-versions.outputs.NEXT_NIGHTLY_VERSION }}'
           pr-body: 'Automated version bump to prepare for the next nightly release.'
-          app-id: '${{ secrets.APP_ID }}'
-          private-key: '${{ secrets.PRIVATE_KEY }}'
+          github-token: '${{ secrets.GEMINI_CLI_ROBOT_GITHUB_PAT }}'
           dry-run: '${{ github.event.inputs.dry_run }}'
 
       - name: 'Create Issue on Failure'

scripts/releasing/create-patch-pr.js

@@ -214,7 +214,9 @@ The commit has been created with conflict markers for easier manual resolution.
   }
 
   const prCommand = `gh pr create --base ${releaseBranch} --head ${hotfixBranch} --title "${prTitle}" --body "${prBody}"`;
-  run(prCommand, dryRun);
+  run(prCommand, dryRun, {
+    env: { GH_TOKEN: process.env.GEMINI_CLI_ROBOT_GITHUB_PAT },
+  });
 
   if (hasConflicts) {
     console.log(