Generate GitHub access tokens for your repositories using a GitHub App so you don't have to use a personal access token.
Uses Create an installation access token for an app API
to generate these tokens.
The Generate Tokens workflow runs every 30 minutes,
as tokens expire within an hour.
There are two steps to setting this up for yourself:
- Create and install your GitHub App
- Clone and configure this repository into your organization
After completing these steps,
the access token is available to you as the REPO_GITHUB_TOKEN secret in the configured repositories.
- Under https://github.com/settings/apps, click
New GitHub App- Give your app a name (e.g.
Access Token Generator) WebHook=>Activecan be disabledPermissionsmust be a superset of all permissions you wish to give to your repositories
- Give your app a name (e.g.
- Note
App IDforGH_APP_IDbelow - Generate a private key, and note it for
GH_PRIVATE_KEYbelow- Copy the value in full, including the new line characters
- Generate a client secret, and note it for
GH_CLIENT_SECRETbelow - Install the app into the organization of your choice
- Note the Installation ID in the URL after installation (e.g.
https://github.com/settings/installations/<AppId>) forGH_INSTALLATION_IDbelow
- Note the Installation ID in the URL after installation (e.g.
Create a copy of this repository in your personal space or organization by:
- Clicking the
Use this templateat the main page of this repository OR - Forking this repository OR
- Creating a new repository and using Git commands to populate it
Set the following secrets based on the values noted above:
GH_APP_IDGH_CLIENT_SECRETGH_INSTALLATION_IDGH_PRIVATE_KEY
Update config.yml appropriately for your repositories.
org: the name of your orgtokens: an array of repositories to configurename: name of the secret to use (default:REPO_GITHUB_TOKEN)repository: name of repository to create the token inpermissions: permissions to set for that token (full list)targets: repositories that token has access to (default:[<repository>], i.e. itself only)
