Question about personal access token

[morrowcj]

Problem

I'm trying to implement the add-to-project action to an organization's repository. It appears that, in order to do so, a personal access token is required:

# from action.yaml
github-token:
    required: true
    description: A GitHub personal access token with write access to the project

However, I don't fully understand how to store a PAT in an organization's secret variables. Does the "value" field of the secret variable actually need to be a PAT for this action to work? Since organizations aren't able to generate PATs, does one member of the org need to be responsible for generating and maintaining the token?

[omerbensaadon]

Hey! Yes, one member needs to generate the token and add it as an organization Secret from the Repo settings page

[omerbensaadon]

Check out these docs on encrypted secrets: https://docs.github.com/en/actions/security-guides/encrypted-secrets

[uhbif19]

Cannot GITHUB_TOKEN be used for that?

[saturnflyer]

I'm curious about @uhbif19's question too, @omerbensaadon
Is it required that it be a personal access token and not the GITHUB_TOKEN?

[levibostian]

This comment seems to suggest that, no, GITHUB_TOKEN cannot be used.

[saturnflyer]

Thanks for the update @levibostian

I'm trying this out on a private project with a bot account we use to share the PAT across our organization but the action just isn't running with that change. I'm fairly certain that I haven't set up permissions properly but debugging is difficult.
I'm poring over documentation about secrets/roles/permissions/etc but am commenting here hoping that someone has a straightforward explanation of how to set this up properly.

I'll comment again if I solve my problem.

EDIT: specifically I'm not seeing checks on my PRs but when I look at the Actions tab, I can see this action has failed but reports Could not resolve to a ProjectV2 with the number 9.
Is this a permissions problem?

[ravi-sawlani-yral]

Thanks for the update @levibostian

I'm trying this out on a private project with a bot account we use to share the PAT across our organization but the action just isn't running with that change. I'm fairly certain that I haven't set up permissions properly but debugging is difficult. I'm poring over documentation about secrets/roles/permissions/etc but am commenting here hoping that someone has a straightforward explanation of how to set this up properly.

I'll comment again if I solve my problem.

EDIT: specifically I'm not seeing checks on my PRs but when I look at the Actions tab, I can see this action has failed but reports Could not resolve to a ProjectV2 with the number 9. Is this a permissions problem?

I am facing a similar issue however I am trying to use github app token with org as the owner (essentially it has access to all the repos inside the org) instead of personal access token. I am getting same error message. Was this resolved?

[marywhite]

Cannot GITHUB_TOKEN be used for that?

The GIHUB_TOKEN does not have the correct project permissions. We don't have plans to change that currently.

I can see this action has failed but reports Could not resolve to a ProjectV2 with the number 9.
Is this a permissions problem?

@saturnflyer is this an organization or personal project. Also - can you confirm the permissions for the PAT on the bot account?

I am facing a similar issue however I am trying to use github app token with org as the owner (essentially it has access to all the repos inside the org) instead of personal access token. I am getting same error message. Was this resolved?

Hey @ravi-sawlani-yral, what permissions does your GitHub app have? One additional thing to note is that fine-grained tokens are currently not supported for user-owned projects, so that is something to be aware of (it's on our roadmap!).