feat: add support for enterprise-level GitHub Apps

[theztefan]

This pull request adds support for generating GitHub App installation tokens for enterprise-level installations.

What changed

• Added a new enterprise input to action.yml.
• Wired enterprise through main.js and lib/main.js.
• Added validation so enterprise cannot be combined with owner or repositories.
• Implemented enterprise installation lookup using the direct GitHub API route GET /enterprises/{enterprise}/installation, then used the returned installation ID to mint an installation token through @octokit/auth-app.
• Updated README.md with enterprise installation usage and input documentation.
• Updated dist/main.cjs for the bundled action.
• Shared token creation retry behavior across repository, owner, and enterprise paths so server errors and transient network errors are retried, while client errors fail immediately.

Tests

Added focused test coverage for:

• enterprise token creation
• enterprise token creation with explicit permissions
• enterprise installation not found
• mutual exclusivity with owner
• mutual exclusivity with repositories
• owner installation client errors are not retried
• transient network errors are retried during token creation

Notes

• This keeps the existing repository-scoped token behavior unchanged.
• Owner, repository, and enterprise token creation now share the same retry policy: server errors and recognized transient network errors are retried, while client errors fail immediately. This intentionally fixes the previous owner-path behavior that retried client errors.

Refs:

• https://github.blog/changelog/2025-07-01-enterprise-level-access-for-github-apps-and-installation-automation-apis/
• https://docs.github.com/en/rest/apps/apps?apiVersion=2022-11-28#get-an-enterprise-installation-for-the-authenticated-app

[Copilot]

Pull Request Overview

This pull request adds support for generating GitHub App tokens for enterprise-level installations, allowing GitHub Apps to authenticate with enterprise management APIs. The implementation includes comprehensive input validation to ensure mutual exclusivity with existing repository-scoped functionality.

Key changes include:

• Added enterprise input parameter with validation for mutual exclusivity with owner and repositories
• Implemented enterprise installation discovery by listing all installations and filtering for enterprise type
• Added comprehensive test coverage for success scenarios, error cases, and input validation

Reviewed Changes

Copilot reviewed 13 out of 15 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
action.yml	Added enterprise input definition
main.js	Added enterprise parameter reading and passing
lib/main.js	Core logic for enterprise token generation and validation
package.json	Version bump to 2.0.7
README.md	Documentation for enterprise usage
tests/*.js	Comprehensive test suite for enterprise functionality
tests/snapshots/index.js.md	Test output snapshots for verification

Comments suppressed due to low confidence (1)

[hpsin]

Thanks for this! I'm opening an issue to add the required API for this, since it is a clear gap. No ETA on the resolution I'm afraid.

[parkerbxyz]

Something we might be able to do while we await a dedicated API:

• Add a new experimental-enterprise-installation-id input, so the installation ID can be passed directly to this action.
• Remove the enterprise input (for now).

This should allow people to use this action with enterprise-level GitHub Apps.

[jdesulme]

Is there any update on using this experimental injection of the installation ID? At the very least, it would allow us to use it in the meantime, and we can switch over once a proper API is available. Since the installation ID won't change often for most users, hardcoding it wouldn't be a major issue.

[hpsin]

Hey all,
I have a PR open to add the required api, I'm hoping to ship it this week or next. I'll let you know when I do.

[arturcic]

@hpsin any updates?

[hpsin]

It should get announced today, and should be live on the API docs now - https://docs.github.com/en/enterprise-cloud@latest/rest/apps/apps?apiVersion=2022-11-28#get-an-enterprise-installation-for-the-authenticated-app

[arturcic]

@hpsin any chance to get this one merged/released?

[Copilot]

Copilot's findings

• Files reviewed: 13/15 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

• Files reviewed: 13/15 changed files
• Comments generated: 1

[Copilot]

Copilot's findings

• Files reviewed: 13/15 changed files
• Comments generated: 1

[Copilot]

Copilot's findings

• Files reviewed: 13/15 changed files
• Comments generated: 2

[Copilot]

Copilot's findings

• Files reviewed: 15/18 changed files
• Comments generated: 0 new