From 0c7c875accc73054f6308b88f9cbce4cd509f5cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Thu, 13 Jan 2022 08:46:19 +0100
Subject: [PATCH] allow to set different github token.

---
 README.md  | 32 ++++++++++++++++++++++++++++++++
 action.yml |  5 +++++
 2 files changed, 37 insertions(+)

diff --git a/README.md b/README.md
index ed01038..7e00323 100644
--- a/README.md
+++ b/README.md
@@ -60,6 +60,38 @@ jobs:
           inputs: input1 input2 input3
 ```
 
+## Example github action tests in created PRs
+
+By default, this action uses an api token provided by github ci to create the
+pull request. By default, Github does not run github actions, i.e. tests, for
+these types of pull requests. However, you can bypass this restriction by
+specifying a personal authentication token (PAT). You can create a token by
+visiting [https://github.com/settings/tokens]() and select at least the scope
+`repo`. Then store this token in your repository secrets (i.e.
+'https://github.com/<USER>/<REPO>/settings/secrets/actions') as
+`GH_TOKEN_FOR_UPDATES`.
+
+```yaml
+name: update-flake-lock
+on:
+  workflow_dispatch: # allows manual triggering
+  schedule:
+    - cron: '0 0 * * 1,4' # Run twice a week
+
+jobs:
+  lockfile:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+      - name: Install Nix
+        uses: cachix/install-nix-action@v16
+      - name: Update flake.lock
+        uses: DeterminateSystems/update-flake-lock@vX
+        with:
+          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
+```
+
 ## Running GitHub Actions CI
 
 GitHub Actions will not run workflows when a branch is pushed by or a PR is opened by a GitHub Action. To work around this, try:
diff --git a/action.yml b/action.yml
index 78e3349..ca11224 100644
--- a/action.yml
+++ b/action.yml
@@ -5,6 +5,10 @@ inputs:
     description: 'A space-separated list of inputs to update. Leave empty to update all inputs.'
     required: false
     default: ''
+  token:
+    description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
+    required: false
+    default: ${{ github.token }}
 runs:
   using: "composite"
   steps:
@@ -38,6 +42,7 @@ runs:
         branch: update_flake_lock_action
         delete-branch: true
         title: "flake.lock: Update"
+        token: ${{ inputs.token }}
         body: |
           Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.