diff --git a/README.md b/README.md index c75538a..2073f97 100644 --- a/README.md +++ b/README.md @@ -9,10 +9,10 @@ GitHub Action for creating a GitHub App installation access token. In order to use this action, you need to: 1. [Register new GitHub App](https://docs.github.com/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app). -2. [Store the App's Client ID in your repository environment variables](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows) (example: `GITHUB_APP_CLIENT_ID`). -3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets?tool=webui#creating-secrets-for-a-repository) (example: `GITHUB_APP_PRIVATE_KEY`). +2. [Store the App's Client ID in your repository variables](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_CLIENT_ID`). +3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets?tool=webui#creating-secrets-for-a-repository) (example: `APP_PRIVATE_KEY`). -> [!IMPORTANT] +> [!IMPORTANT] > An installation access token expires after 1 hour. Please [see this comment](https://github.com/actions/create-github-app-token/issues/121#issuecomment-2043214796) for alternative approaches if you have long-running processes. ### Create a token for the current repository @@ -31,8 +31,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} - uses: ./actions/staging-tests with: token: ${{ steps.app-token.outputs.token }} @@ -51,8 +51,8 @@ jobs: id: app-token with: # required - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} - uses: actions/checkout@v6 with: token: ${{ steps.app-token.outputs.token }} @@ -77,8 +77,8 @@ jobs: id: app-token with: # required - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Get GitHub App User ID id: get-user-id run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" @@ -102,8 +102,8 @@ jobs: id: app-token with: # required - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Get GitHub App User ID id: get-user-id run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT" @@ -138,8 +138,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - uses: peter-evans/create-or-update-comment@v4 with: @@ -160,8 +160,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} owner: ${{ github.repository_owner }} repositories: | repo1 @@ -185,8 +185,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} owner: another-owner - uses: peter-evans/create-or-update-comment@v4 with: @@ -210,8 +210,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} owner: ${{ github.repository_owner }} permission-issues: write - uses: peter-evans/create-or-update-comment@v4 @@ -252,8 +252,8 @@ jobs: - uses: actions/create-github-app-token@v3 id: app-token with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} owner: ${{ matrix.owners-and-repos.owner }} repositories: ${{ join(matrix.owners-and-repos.repos) }} - uses: octokit/request-action@v2.x @@ -310,8 +310,8 @@ If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on NO_PROXY: github.example.com NODE_USE_ENV_PROXY: "1" with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} - private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }} + client-id: ${{ vars.APP_CLIENT_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} ``` ## Inputs @@ -334,14 +334,14 @@ steps: - name: Decode the GitHub App Private Key id: decode run: | - private_key=$(echo "${{ secrets.GITHUB_APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null + private_key=$(echo "${{ secrets.APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null echo "::add-mask::$private_key" echo "private-key=$private_key" >> "$GITHUB_OUTPUT" - name: Generate GitHub App Token id: app-token uses: actions/create-github-app-token@v3 with: - client-id: ${{ vars.GITHUB_APP_CLIENT_ID }} + client-id: ${{ vars.APP_CLIENT_ID }} private-key: ${{ steps.decode.outputs.private-key }} ```