Replace tibdex/github-app-token with actions/create-github-app-token

[Copilot]

Replace tibdex/github-app-token with actions/create-github-app-token

This PR addresses issue #10061 by replacing the archived tibdex/github-app-token action with actions/create-github-app-token.

Completed:

• Located all instances of tibdex/github-app-token in the repository
• Found 1 occurrence in .github/workflows/serverless-project.yml
• Verified no custom actions use the deprecated action
• Analyzed the current configuration format
• Replaced tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a with actions/create-github-app-token@v2
• Converted configuration format:
  • Changed app_id to app-id
  • Changed private_key to private-key
  • Converted permissions from JSON object to individual permission fields:
    • permission-checks: read
    • permission-contents: write
    • permission-pull-requests: write
  • Converted repositories from JSON array ["observability-test-environments"] to YAML list format
• Validated YAML syntax is correct
• Verified downstream token usage remains compatible (${{ steps.get_token.outputs.token }})

Files modified:

• .github/workflows/serverless-project.yml - Updated GitHub App token generation step

Validation performed:

• ✅ YAML syntax validation passed
• ✅ Verified no more instances of tibdex/github-app-token remain
• ✅ Confirmed output token name compatibility with downstream steps
• ✅ All permission mappings correctly converted

The replacement follows the exact pattern provided in the issue description and maintains full functionality while using the supported actions/create-github-app-token action.

Fixes #10061.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[Copilot]

@v1v 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

[mergify]

This pull request does not have a backport label. Could you fix it @copilot? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-./d./d is the label that automatically backports to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[fr4nc1sc0-r4m0n]

LGTM

[pierrehilbert]

@v1v What should we do with that PR?

[v1v]

buildkite test this

[swiatekm]

This should be pinned to a specific commit as well.

[v1v]

we follow https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions for the majority of the third-party actions, in this case, we don't do that, it's coming from actions and we trust those actions.

[v1v]

buildkite test this

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: f62ebe9

History

• 💛 Build #31649 was flaky 0594117

cc @v1v @Copilot