Skip to content

Impersonate a GitHub App in a GitHub Action

License

Notifications You must be signed in to change notification settings

uswitch/github-app-token

 
 

Repository files navigation

GitHub App Token

This JavaScript GitHub Action can be used to impersonate a GitHub App when secrets.GITHUB_TOKEN's limitations are too restrictive and a personal access token is not suitable.

secrets.GITHUB_TOKEN has limitations such as not being able to triggering a new workflow from another workflow. A workaround is to use a personal access token from a personal user/bot account. However, for organizations, GitHub Apps are a more appropriate automation solution.

Example Workflow

jobs:
  job:
    runs-on: ubuntu-18.04
    steps:
      - name: Generate token
        id: generate_token
        uses: tibdex/github-app-token@v1
        with:
          app_id: ${{ secrets.APP_ID }}
          private_key: ${{ secrets.PRIVATE_KEY }}
          # Optional (defaults to the current repository).
          # repository: owner/repo
      - name: Use token
        env:
          TOKEN: ${{ steps.generate_token.outputs.token }}
        run: |
          echo "The generated token is masked: ${TOKEN}"

About

Impersonate a GitHub App in a GitHub Action

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • TypeScript 53.8%
  • JavaScript 46.2%