anothersmith · rprovodenko · Feb 17, 2022 · Feb 17, 2022 · Feb 17, 2022 · Feb 17, 2022
diff --git a/.github/workflows/auto-release-duckdb-bleeding-edge.yml b/.github/workflows/auto-release-duckdb-bleeding-edge.yml
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
@@ -11,7 +11,7 @@ jobs:
         with:
           fetch-depth: 0
           ref: master
-          token: ${{secrets.BRANCH_PROTECTION_TOKEN}}
+          token: ${{secrets.RELEASE_JOB_GIT_COMMIT_TOKEN}}
       - name: Setup node
         uses: actions/setup-node@v1
         with:
@@ -32,7 +32,7 @@ jobs:
         uses: benjefferies/branch-protection-bot@master
         if: always()
         with:
-          access_token: ${{ secrets.BRANCH_PROTECTION_TOKEN }}
+          access_token: ${{ secrets.RELEASE_JOB_MASTER_PROTECTION_TOKEN }}
           enforce_admins: false
           branch: master
       - name: Install modules with frozen lockfile and build
@@ -50,16 +50,15 @@ jobs:
           yarn publish --tag provisional-release --access public
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-          GITHUB_TOKEN: ${{ secrets.UPLOAD_ARTIFACTS_TOKEN }}
           USERNAME: ${{secrets.USERNAME}}
           EMAIL: ${{secrets.EMAIL}}
-          GH_TOKEN: ${{secrets.BRANCH_PROTECTION_TOKEN}}
+          GH_TOKEN: ${{secrets.RELEASE_JOB_UPLOAD_ARTIFACTS_TOKEN}}
           AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
           AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
       - name: Enable "include administrators" branch protection
         uses: benjefferies/branch-protection-bot@master
         if: always() # Force to always run this step to ensure "include administrators" is always turned back on
         with:
-          access_token: ${{ secrets.BRANCH_PROTECTION_TOKEN }}
+          access_token: ${{ secrets.RELEASE_JOB_MASTER_PROTECTION_TOKEN }}
           enforce_admins: true
           branch: master
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -37,7 +37,6 @@ jobs:
           yarn lint:check
           yarn test:ci
         env:
-          NODE_AUTH_TOKEN: ${{secrets.GIT_REGISTRY_TOKEN}}
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{secrets.BUILD_JOB_GITHUB_REGISTRY_TOKEN}}
           AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
           AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}