actions/create-github-app-token
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs(readme): document how a Base64 private key could be decoded (#155)

Browse Source 
Addressing this comment
https://github.com/actions/create-github-app-token/issues/42#issuecomment-2214599409

---------

Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
This commit is contained in:
vleon1a
2024-07-12 00:09:08 +02:00
committed by GitHub
parent d0ac2addd1
commit 000e2a0d29
1 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+18
View File
@@ -278,6 +278,24 @@ jobs:
**Required:** GitHub App private key. Escaped newlines (`\\n`) will be automatically replaced with actual newlines.
Some other actions may require the private key to be Base64 encoded. To avoid recreating a new secret, it can be decoded on the fly, but it needs to be managed securely. Here is an example of how this can be achieved:
```yaml
steps:
- name: Decode the GitHub App Private Key
id: decode
run: |
private_key=$(echo "${{ secrets.PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
echo "::add-mask::$private_key"
echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
- name: Generate GitHub App Token
id: app-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ vars.APP_ID }}
private-key: ${{ steps.decode.outputs.private-key }}
```
### `owner`
**Optional:** The owner of the GitHub App installation. If empty, defaults to the current repository owner.