naviteq · DovnarAlexander · Mar 27, 2026 · Mar 27, 2026
diff --git a/.github/actions/helm-release-oci/action.yaml b/.github/actions/helm-release-oci/action.yaml
@@ -1,3 +1,4 @@
+---
 name: Helm Release OCI Core
 description: Common Helm OCI release logic without provider-specific authentication
 
@@ -35,6 +36,30 @@ inputs:
     description: Helm chart version (overrides appVersion-derived version when provided)
     required: false
     default: ""
+  commit_author:
+    description: Commit author in "Name <email>" format for version bump commit
+    required: false
+    default: ""
+  commit_user_name:
+    description: Commit username for version bump commit
+    required: false
+    default: ""
+  commit_user_email:
+    description: Commit email for version bump commit
+    required: false
+    default: ""
+  commiter_author:
+    description: Deprecated alias for commit_author
+    required: false
+    default: ""
+  commiter_user_name:
+    description: Deprecated alias for commit_user_name
+    required: false
+    default: ""
+  commiter_user_email:
+    description: Deprecated alias for commit_user_email
+    required: false
+    default: ""
 
 outputs:
   chart_name:
@@ -159,6 +184,9 @@ runs:
       uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7
       with:
         branch: ${{ inputs.bump_version_git_branch != '' && inputs.bump_version_git_branch || github.ref_name }}
+        commit_user_name: ${{ inputs.commit_user_name != '' && inputs.commit_user_name || inputs.commiter_user_name }}
+        commit_user_email: ${{ inputs.commit_user_email != '' && inputs.commit_user_email || inputs.commiter_user_email }}
+        commit_author: ${{ inputs.commit_author != '' && inputs.commit_author || inputs.commiter_author }}
         commit_message: "Helm bumped up version and appVersion [skip ci]"
         file_pattern: "${{ inputs.chart_path }}/Chart.yaml"
 

diff --git a/.github/workflows/create-release.yaml b/.github/workflows/create-release.yaml
@@ -60,6 +60,9 @@ jobs:
         uses: stefanzweifel/git-auto-commit-action@04702edda442b2e678b25b537cec683a1493fcb9 # v7
         with:
           branch: ${{ github.ref_name }}
+          commit_user_name: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]', steps.app-token.outputs.app-slug) || 'github-actions[bot]' }}
+          commit_user_email: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]@users.noreply.github.com', steps.app-token.outputs.app-slug) || 'github-actions[bot]@users.noreply.github.com' }}
+          commit_author: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot] <{0}[bot]@users.noreply.github.com>', steps.app-token.outputs.app-slug) || 'github-actions[bot] <github-actions[bot]@users.noreply.github.com>' }}
           commit_message: "chore: pin self reusable references to ${{ steps.tag_version.outputs.new_tag }} SHA [skip ci]"
           file_pattern: ".github/workflows/security-scan.yml .github/workflows/helm-release-github.yaml .github/workflows/helm-release-gar.yaml .github/workflows/helm-release-ecr.yaml"
 

diff --git a/.github/workflows/helm-release-ecr.yaml b/.github/workflows/helm-release-ecr.yaml
@@ -134,7 +134,7 @@ jobs:
 
       - name: Run OCI core
         id: core
-        uses: naviteq/github-actions/.github/actions/helm-release-oci@b22353195d721a9b081039be12ec0ebb038dbe8c
+        uses: naviteq/github-actions/.github/actions/helm-release-oci@f281e51c81dc501c721ff553402dc3b4eab8c68e
         with:
           chart_path: ${{ inputs.chart_path }}
           oci_registry: ${{ inputs.ecr_registry }}
@@ -145,3 +145,6 @@ jobs:
           lint_enabled: ${{ inputs.lint_enabled }}
           lint_values_file: ${{ inputs.lint_values_file }}
           chart_version: ${{ inputs.chart_version }}
+          commit_user_name: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]', steps.app-token.outputs.app-slug) || github.actor }}
+          commit_user_email: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]@users.noreply.github.com', steps.app-token.outputs.app-slug) || format('{0}@users.noreply.github.com', github.actor) }}
+          commit_author: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot] <{0}[bot]@users.noreply.github.com>', steps.app-token.outputs.app-slug) || format('{0} <{0}@users.noreply.github.com>', github.actor) }}
diff --git a/.github/workflows/helm-release-gar.yaml b/.github/workflows/helm-release-gar.yaml
@@ -139,7 +139,7 @@ jobs:
 
       - name: Run OCI core
         id: core
-        uses: naviteq/github-actions/.github/actions/helm-release-oci@b22353195d721a9b081039be12ec0ebb038dbe8c
+        uses: naviteq/github-actions/.github/actions/helm-release-oci@f281e51c81dc501c721ff553402dc3b4eab8c68e
         with:
           chart_path: ${{ inputs.chart_path }}
           oci_registry: ${{ inputs.gar_registry }}
@@ -150,3 +150,6 @@ jobs:
           lint_enabled: ${{ inputs.lint_enabled }}
           lint_values_file: ${{ inputs.lint_values_file }}
           chart_version: ${{ inputs.chart_version }}
+          commit_user_name: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]', steps.app-token.outputs.app-slug) || github.actor }}
+          commit_user_email: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]@users.noreply.github.com', steps.app-token.outputs.app-slug) || format('{0}@users.noreply.github.com', github.actor) }}
+          commit_author: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot] <{0}[bot]@users.noreply.github.com>', steps.app-token.outputs.app-slug) || format('{0} <{0}@users.noreply.github.com>', github.actor) }}
diff --git a/.github/workflows/helm-release-github.yaml b/.github/workflows/helm-release-github.yaml
@@ -113,7 +113,7 @@ jobs:
 
       - name: Run OCI core
         id: core
-        uses: naviteq/github-actions/.github/actions/helm-release-oci@b22353195d721a9b081039be12ec0ebb038dbe8c
+        uses: naviteq/github-actions/.github/actions/helm-release-oci@f281e51c81dc501c721ff553402dc3b4eab8c68e
         with:
           chart_path: ${{ inputs.chart_path }}
           oci_registry: ${{ inputs.ghcr_registry }}
@@ -124,3 +124,6 @@ jobs:
           lint_enabled: ${{ inputs.lint_enabled }}
           lint_values_file: ${{ inputs.lint_values_file }}
           chart_version: ${{ inputs.chart_version }}
+          commit_user_name: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]', steps.app-token.outputs.app-slug) || github.actor }}
+          commit_user_email: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot]@users.noreply.github.com', steps.app-token.outputs.app-slug) || format('{0}@users.noreply.github.com', github.actor) }}
+          commit_author: ${{ steps.app-token.outputs.app-slug != '' && format('{0}[bot] <{0}[bot]@users.noreply.github.com>', steps.app-token.outputs.app-slug) || format('{0} <{0}@users.noreply.github.com>', github.actor) }}
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
@@ -98,27 +98,27 @@ permissions:
 jobs:
   codeql:
     name: CodeQL
-    uses: naviteq/github-actions/.github/workflows/security-codeql.yml@b22353195d721a9b081039be12ec0ebb038dbe8c
+    uses: ./.github/workflows/security-codeql.yml
     with:
       RUNNER: ${{ inputs.codeql_runner != '' && inputs.codeql_runner || inputs.runner }}
       language: ${{ inputs.codeql_language }}
 
   dependency-review:
     name: Dependency Review
     if: ${{ github.event_name == 'pull_request' || github.event_name == 'pull_request_target' || github.event_name == 'merge_group' }}
-    uses: naviteq/github-actions/.github/workflows/security-dependency-review.yml@b22353195d721a9b081039be12ec0ebb038dbe8c
+    uses: ./.github/workflows/security-dependency-review.yml
     with:
       RUNNER: ${{ inputs.dependency_review_runner != '' && inputs.dependency_review_runner || inputs.runner }}
 
   gitleaks:
     name: Gitleaks
-    uses: naviteq/github-actions/.github/workflows/security-gitleaks.yml@b22353195d721a9b081039be12ec0ebb038dbe8c
+    uses: ./.github/workflows/security-gitleaks.yml
     with:
       RUNNER: ${{ inputs.gitleaks_runner != '' && inputs.gitleaks_runner || inputs.runner }}
 
   trivy:
     name: Trivy
-    uses: naviteq/github-actions/.github/workflows/security-trivy.yml@b22353195d721a9b081039be12ec0ebb038dbe8c
+    uses: ./.github/workflows/security-trivy.yml
     with:
       RUNNER: ${{ inputs.trivy_runner != '' && inputs.trivy_runner || inputs.runner }}
       scan_type: ${{ inputs.trivy_scan_type }}
@@ -131,7 +131,7 @@ jobs:
 
   checkov:
     name: Checkov
-    uses: naviteq/github-actions/.github/workflows/security-checkov.yaml@b22353195d721a9b081039be12ec0ebb038dbe8c
+    uses: ./.github/workflows/security-checkov.yaml
     with:
       RUNNER: ${{ inputs.checkov_runner != '' && inputs.checkov_runner || inputs.runner }}
       directory: ${{ inputs.checkov_directory }}