ci(secrets): Use GH App instead of PAT CU-86c5y4a84 (#1)

Author: 7onn

.github/workflows/deploy-production.yaml

@@ -28,13 +28,22 @@ jobs:
         steps:
             - name: Checkout repository
               uses: actions/checkout@v4
+            - name: Generate token
+              id: generate-token
+              uses: actions/create-github-app-token@v2
+              with:
+                app-id: ${{ vars.KITTL_CI_APP_ID }}
+                private-key: ${{ secrets.KITTL_CI_APP_PRIVATE_KEY }}
+                owner: ${{ github.repository_owner }}
+                repositories: |
+                  development-applications-config
             - name: Checkout helm config Repository
               uses: actions/checkout@v4
               with:
                   repository: Kittl/development-applications-config
                   ref: main
                   path: helm-config
-                  token: ${{ secrets.GH_PAT }}
+                  token: ${{ steps.generate-token.outputs.token }}
                   persist-credentials: false
             - name: Update Image Version in the related HelmChart values.yaml
               uses: fjogeleit/yaml-update-action@v0.14.0
@@ -46,5 +55,5 @@ jobs:
                   branch: main
                   createPR: false
                   message: 'Update Image Version to ${{ needs.build-docker-image.outputs.image-tag }}'
-                  token: ${{ secrets.GH_PAT }}
+                  token: ${{ steps.generate-token.outputs.token }}
                   workDir: helm-config

.github/workflows/deploy-staging.yaml

@@ -28,13 +28,22 @@ jobs:
         steps:
             - name: Checkout repository
               uses: actions/checkout@v4
+            - name: Generate token
+              id: generate-token
+              uses: actions/create-github-app-token@v2
+              with:
+                app-id: ${{ vars.KITTL_CI_APP_ID }}
+                private-key: ${{ secrets.KITTL_CI_APP_PRIVATE_KEY }}
+                owner: ${{ github.repository_owner }}
+                repositories: |
+                  development-applications-config
             - name: Checkout helm config Repository
               uses: actions/checkout@v4
               with:
                   repository: Kittl/development-applications-config
                   ref: main
                   path: helm-config
-                  token: ${{ secrets.GH_PAT }}
+                  token: ${{ steps.generate-token.outputs.token }}
                   persist-credentials: false
             - name: Update Image Version in the related HelmChart values.yaml
               uses: fjogeleit/yaml-update-action@v0.14.0
@@ -46,5 +55,5 @@ jobs:
                   branch: main
                   createPR: false
                   message: 'Update Image Version to ${{ needs.build-docker-image.outputs.image-tag }}'
-                  token: ${{ secrets.GH_PAT }}
+                  token: ${{ steps.generate-token.outputs.token }}
                   workDir: helm-config