Skip to content

chore: enable self-mutation on fork PRs and use GithubCredentials API #1056

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mrgrain merged 2 commits into from
Jan 23, 2026
Merged

chore: enable self-mutation on fork PRs and use GithubCredentials API #1056

mrgrain merged 2 commits into from
Jan 23, 2026

Conversation

@mrgrain
Copy link
Contributor

@mrgrain mrgrain commented Jan 22, 2026

This PR improves the CI automation workflows by using projen's GithubCredentials API and enabling self-mutation on fork PRs.

The existing self-mutation job in the build workflow only worked for PRs from the same repository. Fork PRs would fail the build if projen-generated files were outdated, with no way to automatically fix them. This change introduces a separate self-mutation workflow that triggers on build completion and can apply patches to fork PRs as well.

Additionally, this migrates all workflow token handling to use projen's GithubCredentials API instead of raw secret references. This provides a consistent way to configure authentication across workflows and enables the use of GitHub environments for secret access control.

Key changes:

  • Add SelfMutationOnForks projen component that creates a dedicated self-mutation workflow
  • Use GithubCredentials.fromPersonalAccessToken() with the automation environment
  • Refactor GitHubToken utility from enum to class using GithubCredentials
  • Update issue-labeler and pr-labeler to use the new credentials API
  • Upgrade projen to 0.99.7 for the GithubCredentials API improvements

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@aws-cdk-automation aws-cdk-automation requested a review from a team January 22, 2026 17:33
@github-actions github-actions bot added the p2 label Jan 22, 2026
@codecov-commenter
Copy link

codecov-commenter commented Jan 22, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.69%. Comparing base (1bdbaca) to head (f75a897).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1056      +/-   ##
==========================================
- Coverage   87.70%   87.69%   -0.01%     
==========================================
  Files          72       72              
  Lines       10095    10095              
  Branches     1332     1332              
==========================================
- Hits         8854     8853       -1     
- Misses       1216     1217       +1     
  Partials       25       25
Flag Coverage Δ
suite.unit 87.69% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@mrgrain mrgrain changed the title chore(ci): enable self-mutation on fork PRs and use GithubCredentials API chore: enable self-mutation on fork PRs and use GithubCredentials API Jan 22, 2026
@mrgrain mrgrain added the pr/exempt-integ-test Skips the integ test steps if set. label Jan 22, 2026
@mrgrain mrgrain closed this Jan 22, 2026
auto-merge was automatically disabled January 22, 2026 17:58

Pull request was closed

@mrgrain mrgrain reopened this Jan 22, 2026
@mrgrain mrgrain added this pull request to the merge queue Jan 23, 2026
Merged via the queue into main with commit e966a35 Jan 23, 2026
36 of 38 checks passed
@mrgrain mrgrain deleted the mrgrain/chore/ci/automation-env branch January 23, 2026 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rix0rrr rix0rrr rix0rrr approved these changes

Assignees

No one assigned

Labels

p2 pr/exempt-integ-test Skips the integ test steps if set.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mrgrain @codecov-commenter @rix0rrr