Skip to content

ci: [SDK-4484] use GH_PUSH_TOKEN for project workflow#179

Merged
fadi-george merged 1 commit into
mainfrom
fadi/sdk-4484
May 7, 2026
Merged

ci: [SDK-4484] use GH_PUSH_TOKEN for project workflow#179
fadi-george merged 1 commit into
mainfrom
fadi/sdk-4484

Conversation

@fadi-george

@fadi-george fadi-george commented May 7, 2026

Copy link
Copy Markdown
Contributor

Description

One Line Summary

Switch the project automation workflow to authenticate with GH_PUSH_TOKEN instead of GH_PROJECTS_TOKEN.

Details

Motivation

The GH_PROJECTS_TOKEN secret is being retired in favor of the GH_PUSH_TOKEN org secret used across the SDK repos for adding issues/PRs to the SDK Cross-Platform Project board. This keeps the .NET SDK aligned with the other SDK repos.

Scope

Only affects .github/workflows/project.yml. No SDK source code, public API, or runtime behavior is changed.

Testing

Manual testing

Will be verified post-merge by opening an issue and confirming the workflow run successfully adds it to the SDK Cross-Platform Project board.

Affected code checklist

  • Notifications
    • Display
    • Open
    • Push Processing
    • Confirm Deliveries
  • Outcomes
  • Sessions
  • In-App Messaging
  • REST API requests
  • Public API changes

Checklist

Overview

  • I have filled out all REQUIRED sections above
  • PR does one thing
  • Any Public API changes are explained in the PR details and conform to existing APIs

Testing

  • I have included test coverage for these changes, or explained why they are not needed (CI-only change)
  • All automated tests pass, or I explained why that is not possible
  • I have personally tested this on my device, or explained why that is not possible (workflow change, validated post-merge)

Final pass

  • Code is as readable as possible.
  • I have reviewed this PR myself, ensuring it meets each checklist item

Made with Cursor

@fadi-george fadi-george requested a review from a team as a code owner May 7, 2026 01:02
claude[bot]
claude Bot reviewed May 7, 2026
View reviewed changes

@claude claude Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — single-line CI token swap aligning with the org-wide secret rotation.

Extended reasoning...

Overview

The PR changes a single line in .github/workflows/project.yml, swapping the secret name used to authenticate the actions/add-to-project@v1.0.2 step from GH_PROJECTS_TOKEN to GH_PUSH_TOKEN. No SDK source, public API, or runtime behavior is touched.

Security risks

None of substance. Both values are GitHub Actions secrets resolved at runtime; the PR does not expose, log, or print the token. The new secret is the org-standard token already used by sibling SDK repos for the same workflow, so the change reduces token sprawl rather than introducing new exposure.

Level of scrutiny

Low. This is a mechanical CI configuration change with a clearly stated motivation (retirement of GH_PROJECTS_TOKEN), trivially reversible by reverting one line. Verification is appropriately deferred to post-merge by opening an issue and confirming the project board automation still works.

Other factors

No prior reviews on the timeline, no bugs reported by the bug hunting system, and the change matches the description exactly. Safe to shadow-approve.

@fadi-george fadi-george merged commit ac501d7 into main May 7, 2026
6 checks passed
@fadi-george fadi-george deleted the fadi/sdk-4484 branch May 7, 2026 17:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@abdulraqeeb33 abdulraqeeb33 abdulraqeeb33 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fadi-george @abdulraqeeb33