Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support authenticating as GitHub Apps instead of using Personal Access Tokens #1311

Open
wants to merge 110 commits into
base: main
Choose a base branch
from
Open

Support authenticating as GitHub Apps instead of using Personal Access Tokens #1311

wants to merge 110 commits into from

Conversation

freddydk
Copy link
Contributor

@freddydk freddydk commented Nov 17, 2024
edited
Loading

This PR is the first part of supporting GitHub Apps for authentication instead of PATs in GhTokenWorkflow.

After this PR, we still need a PAT for running the End 2 End tests, and we will have to have a PAT for End 2 End tests until we no longer support the versions, which doesn't support using GitHub Apps for authentication. The full scenario end 2 end test does use the GitHub app for authentication and does as such test that GhTokenWorkflow can be a GitHub app.

Also, the microsoft owned repositories used in end 2 end (bcsamples-*) are also using the PAT, as we currently do not have the GitHub App installed in the microsoft org. This will be part of a second part of this - to use the PAT in fewer places in the end 2 end tests.

TODO:

  • Documentation

@freddydk freddydk requested a review from mazhelez January 23, 2025 11:28
mazhelez
mazhelez reviewed Jan 23, 2025
View reviewed changes
Copy link
Collaborator

@mazhelez mazhelez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docs improvements might be needed.
What about the deprecation story of ghTokenWorkflow? Now or later?

Actions/CheckForUpdates/CheckForUpdates.ps1 Outdated Show resolved Hide resolved
Actions/Github-Helper.psm1 Show resolved Hide resolved
RELEASENOTES.md Outdated Show resolved Hide resolved
Actions/Github-Helper.psm1 Show resolved Hide resolved
Scenarios/GhTokenWorkflow.md Outdated Show resolved Hide resolved
Scenarios/GhTokenWorkflow.md Outdated Show resolved Hide resolved
Scenarios/GhTokenWorkflow.md

On github.com, open **Settings** in your repository or organization and select **Secrets**. Choose the New repository or organizational secret button and create a secret called GHTOKENWORKFLOW and paste the GitHub App Auth value into the value field and choose **Add secret**.

![secret](https://github.com/user-attachments/assets/5f2c81c9-dc51-42ac-b98b-415a2f0893ab)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't mind it. I just don't want to deal with tools who will detect it in the future 😄

Scenarios/GhTokenWorkflow.md Outdated Show resolved Hide resolved
Scenarios/GhTokenWorkflow.md Show resolved Hide resolved
e2eTests/scenarios/UseProjectDependencies/runtest.ps1 Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mazhelez mazhelez mazhelez left review comments

@aholstrup1 aholstrup1 Awaiting requested review from aholstrup1

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@freddydk @mazhelez @aholstrup1