ci(ci/cd): Change CI Token Logic

.github/workflows/deploy-main-stage.yml

@@ -9,6 +9,7 @@ env:
   VERSION: ${{ github.sha }}
   CI: CI
   NATIVE_IMAGE_ENABLED: enabled
+  CI_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
 
 permissions:
   packages: write
@@ -24,6 +25,12 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: 🔍 CI_GITHUB_TOKEN
+        if: env.CI_GITHUB_TOKEN == ''
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: echo "CI_GITHUB_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV
+
       - name: Checkout source code
         uses: actions/checkout@v4
 
@@ -89,7 +96,7 @@ jobs:
         uses: trstringer/manual-approval@v1
         timeout-minutes: 60
         with:
-          secret: ${{ secrets.GITHUB_TOKEN }}
+          secret: ${{ env.CI_GITHUB_TOKEN }}
           minimum-approvals: 1
           approvers: ${{ github.repository_owner }}
           issue-title: '🚀 Deploying ${{ steps.get_data.outputs.version }} to production'
@@ -106,7 +113,7 @@ jobs:
       - name: Checkout source code
         uses: actions/checkout@v4
         with:
-          token: ${{ secrets.CI_GITHUB_TOKEN }}
+          token: ${{ env.CI_GITHUB_TOKEN }}
 
       - name: Set up JDK
         uses: actions/setup-java@v4
@@ -169,7 +176,7 @@ jobs:
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          password: ${{ env.CI_GITHUB_TOKEN }}
       - name: Publish container image
         run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
       - name: Publish container image (latest)

.github/workflows/dev-commit-stage.yml

@@ -11,6 +11,7 @@ env:
   VERSION: ${{ github.sha }}
   CI: CI
   NATIVE_IMAGE_ENABLED: enabled
+  CI_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
 
 permissions:
   packages: write
@@ -26,6 +27,12 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: 🔍 CI_GITHUB_TOKEN
+        if: env.CI_GITHUB_TOKEN == ''
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: echo "CI_GITHUB_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV
+
       - name: Checkout source code
         uses: actions/checkout@v4
 
@@ -97,7 +104,7 @@ jobs:
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          password: ${{ env.CI_GITHUB_TOKEN }}
       - name: Publish container image
         run: docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
       - name: Publish container image (latest)

.github/workflows/pre-release-stage.yml

@@ -9,6 +9,7 @@ env:
   VERSION: ${{ github.sha }}
   CI: CI
   NATIVE_IMAGE_ENABLED: enabled
+  CI_GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }}
 
 permissions:
   packages: write
@@ -24,6 +25,12 @@ jobs:
       contents: read
       security-events: write
     steps:
+      - name: 🔍 CI_GITHUB_TOKEN
+        if: env.CI_GITHUB_TOKEN == ''
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: echo "CI_GITHUB_TOKEN=${GITHUB_TOKEN}" >> $GITHUB_ENV
+
       - name: Checkout source code
         uses: actions/checkout@v4
 
@@ -83,7 +90,7 @@ jobs:
       - name: Checkout source code
         uses: actions/checkout@v4
         with:
-          token: ${{ secrets.CI_GITHUB_TOKEN }}
+          token: ${{ env.CI_GITHUB_TOKEN }}
 
       - name: Set up JDK
         uses: actions/setup-java@v4
@@ -105,4 +112,4 @@ jobs:
           npm ci
           npx semantic-release
         env:
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{ env.CI_GITHUB_TOKEN }}