Copilot
e6bd4e6970
GitHub now recommends using a GitHub App's Client ID for authentication.
This PR adds a first-class `client-id` input, keeps `app-id` available
for compatibility, and makes the migration path explicit in both runtime
behavior and documentation.
### Action inputs
- Adds a new `client-id` input
- Removes `required` from `app-id`
- Marks `app-id` as deprecated in `action.yml`
### Runtime behavior
- Updates input parsing to prefer `client-id`
- Falls back to `app-id` for existing workflows
- Adds a clear error when neither `client-id` nor `app-id` is provided
### Docs
- Updates the README to recommend `client-id`
- Switches usage examples to `client-id`
- Documents that `app-id` is deprecated and that `client-id` takes
precedence if both are set
### Regression coverage
- Adds a focused test proving a client-ID-shaped value works through the
new `client-id` input
- Adds coverage for the missing-ID validation path
- Updates snapshots to lock in the new metadata and runtime behavior
### Resulting usage
Users can migrate to the new input name directly:
```yaml
- uses: actions/create-github-app-token@v3
with:
client-id: ${{ vars.GITHUB_APP_CLIENT_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
```
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: parkerbxyz <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1008 B
1008 B
Tests
Add one test file per scenario. You can run them in isolation with:
node tests/post-token-set.test.js
All tests are run together in tests/index.js, which can be executed with Node's built-in test runner
node --test tests/index.js
or with npm
npm test
How the tests work
The output from the tests is captured into a snapshot (tests/index.js.snapshot). It includes all requests sent by our scripts to verify it's working correctly and to prevent regressions.
To update snapshots after an intentional change:
node --test --test-update-snapshots tests/index.js
How to add a new test
We have tests both for the main.js and post.js scripts.
- If you do not expect an error, take main-token-permissions-set.test.js as a starting point.
- If your test has an expected error, take main-missing-client-and-app-id.test.js as a starting point.