From 2acfd964b95affd355da080ce9ea9bddd776b708 Mon Sep 17 00:00:00 2001
From: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Date: Tue, 30 Jul 2024 13:16:28 -0400
Subject: [PATCH] Fix downstream CI trigger (#1857)

Explicitly use secret variable in GitHub Actions workflow

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
---
 .github/workflows/commit-to-main.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/commit-to-main.yml b/.github/workflows/commit-to-main.yml
index f36c46b17..7c1daa6f3 100644
--- a/.github/workflows/commit-to-main.yml
+++ b/.github/workflows/commit-to-main.yml
@@ -18,7 +18,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "OQS-OpenSSL_1_1_1-stable", "parameters": { "run_downstream_tests": true } }' \
@@ -28,7 +28,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "master", "parameters": { "run_downstream_tests": true } }' \
@@ -38,7 +38,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "OQS-v8", "parameters": { "run_downstream_tests": true } }' \
@@ -48,7 +48,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "main" }' \
@@ -58,7 +58,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "master" }' \
@@ -68,7 +68,7 @@ jobs:
         run: |
           curl --silent \
                --write-out "\n%{response_code}\n" \
-               --user ${BUILD_TRIGGER_TOKEN}: \
+               --user ${{ secrets.BUILD_TRIGGER_TOKEN }}: \
                --request POST \
                --header "Content-Type: application/json" \
                --data '{ "branch": "master" }' \
@@ -80,7 +80,7 @@ jobs:
                --write-out "\n%{response_code}\n" \
                --request POST \
                --header "Accept: application/vnd.github+json" \
-               --header "Authorization: Bearer $OQSBOT_GITHUB_ACTIONS" \
+               --header "Authorization: Bearer ${{ secrets.OQSBOT_GITHUB_ACTIONS }}" \
                --header "X-GitHub-Api-Version: 2022-11-28" \
                --data '{"event_type":"liboqs-upstream-trigger"}' \
                https://api.github.com/repos/open-quantum-safe/liboqs-python/dispatches | tee curl_out \