From 3f6f65c99e3a92d3f6f6cdc7f7798c395db3bf43 Mon Sep 17 00:00:00 2001
From: Remco Vermeulen <rvermeulen@users.noreply.github.com>
Date: Tue, 9 Apr 2024 16:14:26 -0700
Subject: [PATCH 1/2] Use GitApp token to create PR to bump version

If we use the workflow token to create a PR, the PR will be created but
the checks won't run to prevent infinite loops.
---
 .github/workflows/finalize-release.yml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/finalize-release.yml b/.github/workflows/finalize-release.yml
index 56b150a702..d3f511caba 100644
--- a/.github/workflows/finalize-release.yml
+++ b/.github/workflows/finalize-release.yml
@@ -99,10 +99,21 @@ jobs:
           next_version=$(python scripts/release/next-version.py --component minor --pre-release dev -- $version)
           echo "NEXT_VERSION=$next_version" >> "$GITHUB_ENV"
         working-directory: tooling 
+      
+      - name: Generate token
+        if: env.HOTFIX_RELEASE == 'false'
+        id: generate-token
+        uses: actions/create-github-app-token@eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e
+        with:
+          app-id: ${{ vars.AUTOMATION_APP_ID }}
+          private-key: ${{ secrets.AUTOMATION_PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: "codeql-coding-standards"
 
       - name: Bump main version
+        if: env.HOTFIX_RELEASE == 'false'
         env:
-          GH_TOKEN: ${{ github.token }}
+          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
         run: |
           echo "Bumping main version to $NEXT_VERSION"
 

From ca2f3939b29eb1e5ed51daa799a8344abee35617 Mon Sep 17 00:00:00 2001
From: Remco Vermeulen <rvermeulen@users.noreply.github.com>
Date: Tue, 9 Apr 2024 16:16:05 -0700
Subject: [PATCH 2/2] Remove deprecated workflow

---
 .github/workflows/bump-version.yml | 33 ------------------------------
 1 file changed, 33 deletions(-)
 delete mode 100644 .github/workflows/bump-version.yml

diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml
deleted file mode 100644
index 712dbfe283..0000000000
--- a/.github/workflows/bump-version.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-name: 📦 Bump Workflow
-
-on:
-  workflow_dispatch:
-    inputs:
-      new_version:
-        description: |
-          The version to update to (eg: 2.6.0 or 2.6.0-dev do not include `v`).
-        required: true 
-jobs:
-
-  apply-version-bump:
-    runs-on: ubuntu-22.04
-    name: Apply Version Bump
-    steps:
-        - name: Checkout 
-          uses: actions/checkout@v2
-
-        - name: Apply Bump
-          shell: bash
-          env:
-            NEW_VERSION: ${{ inputs.new_version }}
-          run: |
-            bash ./scripts/release/bump-version.sh "$NEW_VERSION"
-
-        - name: Create Pull Request
-          uses: peter-evans/create-pull-request@v4
-          with: 
-            title: "Release Engineering: Version bump to ${{ github.event.inputs.new_version }}."
-            body: "This PR updates codeql-coding-standards to version ${{ github.event.inputs.new_version }}."
-            commit-message: "Version bump to ${{ github.event.inputs.new_version }}."
-            delete-branch: true
-            branch: "automation/version-bump-${{ github.event.inputs.new_version }}"