From 2f70197c7bcbe3a704e31cde5c8a07baa423ba59 Mon Sep 17 00:00:00 2001
From: Grant Karapetyan <grant.karapetyan@meshinspector.com>
Date: Tue, 31 Mar 2026 14:26:51 +0300
Subject: [PATCH] Try using gh token for CI

---
 .github/workflows/build-test-distribute.yml | 8 ++------
 .github/workflows/distro-release.yml        | 2 +-
 .github/workflows/release-body-update.yml   | 2 +-
 .github/workflows/unity-nuget-test.yml      | 5 +----
 .github/workflows/versioning-release.yml    | 5 +----
 5 files changed, 6 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/build-test-distribute.yml b/.github/workflows/build-test-distribute.yml
index 234e318a7969..6aeaeefb8fcf 100644
--- a/.github/workflows/build-test-distribute.yml
+++ b/.github/workflows/build-test-distribute.yml
@@ -54,8 +54,6 @@ jobs:
       app_version:       ${{ needs.config.outputs.app_version }}
       release_tag:       ${{ needs.config.outputs.release_tag }}
       upload_artifacts:  ${{ needs.config.outputs.upload_artifacts == 'true' }}
-    secrets:
-      BUILD_MACHINE_TOKEN: ${{ secrets.BUILD_MACHINE_TOKEN }}
 
   windows-build-test:
     if: ${{ needs.config.outputs.build_enable_windows == 'true' }}
@@ -254,7 +252,7 @@ jobs:
           shopt -s nullglob
           PKG_FILES="MeshLibDist*.zip MeshLib*.nupkg meshlib*-dev.deb meshlib*-dev.rpm meshlib*.pkg meshlib_*.zip meshlib_*.tar.xz"
           if [ -n "$(echo $PKG_FILES)" ] ; then
-            echo ${{ secrets.BUILD_MACHINE_TOKEN }} | gh auth login --with-token
+            echo ${{ secrets.GITHUB_TOKEN }} | gh auth login --with-token
             gh release upload ${{ needs.config.outputs.release_tag }} $PKG_FILES --clobber
           fi
 
@@ -268,8 +266,6 @@ jobs:
     uses: ./.github/workflows/unity-nuget-test.yml
     with:
       release_tag: ${{ needs.config.outputs.release_tag }}
-    secrets:
-      BUILD_MACHINE_TOKEN: ${{ secrets.BUILD_MACHINE_TOKEN }}
 
   test-distribution:
     if: ${{ !cancelled() && needs.config.outputs.upload_artifacts == 'true' }}
@@ -282,7 +278,7 @@ jobs:
       test_macos:        ${{ needs.config.outputs.build_enable_macos == 'true' }}
       test_windows:      ${{ needs.config.outputs.build_enable_windows == 'true' && needs.config.outputs.build-release-win == 'true' }}
     secrets:
-      GH_TOKEN: ${{ secrets.BUILD_MACHINE_TOKEN }}
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
   update-dev-documentation:
     # !cancelled() need to ignore general fail previous job, because this job depends on one matrix variant (ubuntu 22),
diff --git a/.github/workflows/distro-release.yml b/.github/workflows/distro-release.yml
index b6aff218ed45..cbd1b95bd957 100644
--- a/.github/workflows/distro-release.yml
+++ b/.github/workflows/distro-release.yml
@@ -97,7 +97,7 @@ jobs:
           shopt -s nullglob
           PKG_FILES="MeshLibDist*.zip meshlib_*.zip meshlib_*.tar.xz"
           if [ -n "$(echo $PKG_FILES)" ] ; then
-            echo ${{ secrets.BUILD_MACHINE_TOKEN }} | gh auth login --with-token
+            echo ${{ secrets.GITHUB_TOKEN }} | gh auth login --with-token
             gh release upload ${{ needs.config.outputs.release_tag }} $PKG_FILES --clobber
           fi
 
diff --git a/.github/workflows/release-body-update.yml b/.github/workflows/release-body-update.yml
index 34b4453ea0cf..ea47889b98ef 100644
--- a/.github/workflows/release-body-update.yml
+++ b/.github/workflows/release-body-update.yml
@@ -22,7 +22,7 @@ jobs:
       - name: Determine latest release tag
         id: latest_release
         run: |
-          echo ${{ secrets.BUILD_MACHINE_TOKEN }} | gh auth login --with-token
+          echo ${{ secrets.GITHUB_TOKEN }} | gh auth login --with-token
           LATEST_RELEASE_TAG=$(gh release list --exclude-drafts --repo ${{ github.repository }} --limit 1 | awk '{print $4}')
           echo "::set-output name=tag::${LATEST_RELEASE_TAG}"
 
diff --git a/.github/workflows/unity-nuget-test.yml b/.github/workflows/unity-nuget-test.yml
index 8eadc25bfb8b..303dacc5c955 100644
--- a/.github/workflows/unity-nuget-test.yml
+++ b/.github/workflows/unity-nuget-test.yml
@@ -11,9 +11,6 @@ on:
       release_tag:
         required: true
         type: string
-    secrets:
-      BUILD_MACHINE_TOKEN:
-        required: true
 
 permissions:
   id-token: write
@@ -70,7 +67,7 @@ jobs:
       - name: Download nuget package
         shell: powershell
         env:
-          GH_TOKEN: ${{ secrets.BUILD_MACHINE_TOKEN }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           gh release download ${{ inputs.release_tag }} --pattern "*.nupkg" --repo ${{ github.repository }} --clobber
       
diff --git a/.github/workflows/versioning-release.yml b/.github/workflows/versioning-release.yml
index e9c959c15ca4..f2b1e790dc1f 100644
--- a/.github/workflows/versioning-release.yml
+++ b/.github/workflows/versioning-release.yml
@@ -2,9 +2,6 @@ name: Create release
 
 on:
   workflow_call:
-    secrets:
-      BUILD_MACHINE_TOKEN:
-        required: false
     inputs:
       app_version:
         required: true
@@ -43,7 +40,7 @@ jobs:
         id: create_release
         uses: mikepenz/action-gh-release@5c3d16ffbdc3e0fbfe2c8a69a448798f5d9b30c2 # v2.0.0
         env:
-          GITHUB_TOKEN: ${{ secrets.BUILD_MACHINE_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           RELEASE_PATH: https://github.com/${{github.repository}}/releases/download/${{steps.version-tag.outputs.short_version}}
         with:
           name: Release ${{ inputs.release_tag }}