From fa370aec0a06c81390897c687afd39a5ff4379c8 Mon Sep 17 00:00:00 2001
From: amritakumari-devops <amr.ext@wasabi.com>
Date: Mon, 29 Sep 2025 17:49:20 +0530
Subject: [PATCH] feat(AT-6491): Lack of Service Accounts in CI/CD

here is Ticket:
[AT-6491]
---
 .github/workflows/publish-immutable-action.yml | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/publish-immutable-action.yml b/.github/workflows/publish-immutable-action.yml
index 0e65c071..a71a2eb4 100644
--- a/.github/workflows/publish-immutable-action.yml
+++ b/.github/workflows/publish-immutable-action.yml
@@ -7,11 +7,18 @@ on:
 jobs:
   publish:
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
     steps:
       - uses: actions/checkout@v5
+      - name: Create SYNC_BOT_TOKEN
+        id: sync-token
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.SYNC_BOT_APP_ID }}
+          private-key: ${{ secrets.SYNC_BOT_PRIVATE_KEY }}
+          permission-contents: write
+          permission-packages: write
+
       - name: Publish Immutable Action
         uses: actions/publish-immutable-action@v0.0.4
+        with:
+          token: ${{ steps.sync-token.outputs.token }}