status-im
/
github-app-token
mirror of https://github.com/status-im/github-app-token.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Impersonate a GitHub App in a GitHub Action
3 Commits 5 Branches 5 Tags 157 KiB
TypeScript 94.4%
JavaScript 5.6%
Go to file
Thibault Derousseaux fbd4e48b2e Shorten description 2020-04-11 15:34:22 +02:00
.github/workflows Initial commit 2020-04-11 14:41:39 +02:00
src Print when token generated successfully 2020-04-11 15:27:00 +02:00
.eslintignore Initial commit 2020-04-11 14:41:39 +02:00
.eslintrc.js Initial commit 2020-04-11 14:41:39 +02:00
.gitignore Initial commit 2020-04-11 14:41:39 +02:00
LICENSE Initial commit 2020-04-11 14:41:39 +02:00
README.md Initial commit 2020-04-11 14:41:39 +02:00
action.yml Shorten description 2020-04-11 15:34:22 +02:00
package.json Shorten description 2020-04-11 15:34:22 +02:00
prettier.config.js Initial commit 2020-04-11 14:41:39 +02:00
tsconfig.json Initial commit 2020-04-11 14:41:39 +02:00
yarn.lock Initial commit 2020-04-11 14:41:39 +02:00

README.md

GitHub App Token

This JavaScript GitHub Action can be used to impersonate a GitHub App when secrets.GITHUB_TOKEN's limitations are too restrictive and a personal access token is not suitable.

secrets.GITHUB_TOKEN has limitations such as not being able to triggering a new workflow from another workflow. A workaround is to use a personal access token from a personal user/bot account. However, for organizations, GitHub Apps are a more appropriate automation solution.

Example Workflow

jobs:
  job:
    runs-on: ubuntu-18.04
    steps:
      - name: Generate token
        id: generate_token
        uses: tibdex/github-app-token@v1
        with:
          app_id: ${{ secrets.APP_ID }}
          private_key: ${{ secrets.PRIVATE_KEY }}
      - name: Use token
        env:
          TOKEN: ${{ steps.generate_token.outputs.token }}
        run: |
          echo "The generated token is masked: ${TOKEN}"