From a6b2ab00f8c87f6656b1dc025e6c7b55b5a333df Mon Sep 17 00:00:00 2001
From: Taylor Jones <tay1orjones@users.noreply.github.com>
Date: Fri, 4 Nov 2022 15:13:43 -0500
Subject: [PATCH] ci(content-sync): use github app for proper permissions scope
 (#3240)

Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
---
 .github/workflows/platform-content-sync.yml | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/platform-content-sync.yml b/.github/workflows/platform-content-sync.yml
index 867a4cee7a6..e86b2dcdc08 100644
--- a/.github/workflows/platform-content-sync.yml
+++ b/.github/workflows/platform-content-sync.yml
@@ -7,9 +7,6 @@ on:
     paths:
       - '**.mdx'
 
-permissions:
-  issues: write
-
 jobs:
   if_merged:
     if: github.event.pull_request.merged == true
@@ -19,9 +16,15 @@ jobs:
         with:
           repository: carbon-design-system/carbon-platform
           ref: main
+      - name: Generate token
+        uses: tibdex/github-app-token@v1
+        id: generate_token
+        with:
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
       - name: Create issue on platform repo
         run: |
           gh issue create --title "[Content sync]: carbon-website PR ${{ github.event.number }}" --label "role: dev 🤖" --label "service: web-app 🌎" --body 'The following pull request on carbon-website was just merged. It contains .mdx content changes that may need synced to platform.
           - https://www.github.com/carbon-design-system/carbon-website/pull/${{ github.event.number }}'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}