getsentry / action-github-app-token Goto Github PK
View Code? Open in Web Editor NEWGets a GitHub auth token for a GitHub App installation
Gets a GitHub auth token for a GitHub App installation
Access token works on the "number-two" repository
API returns 404 error because the access token does not have permissions on the "number-two" repository.
This is because this action returns a semi-random installation's token.
It does not look at the Actions environment to get the current repository, or have inputs to determine which repository should be set.
The input scope
looks at the installation information, apparently to match on who installed the app, which seems to be a very limited way to match the app.
For an example Action that does this correctly, see https://github.com/tibdex/github-app-token
v2.0.0
It would work
Errored out.
Ref: https://github.com/samipsolutions/helm-charts/actions/runs/3393940272/jobs/5641874983
Probably related: nodejs/node#43132
N/A
An error message stating that no installations were found.
The error occurs because
action-github-app-token/src/main.ts
Line 25 in 86b9938
Node.js 16 actions are deprecated. Please update action-github-app-token to use Node.js 20.
For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.
The error message Error: Cannot read properties of undefined (reading 'id')
isn't very descriptive. I looked into this action's source code and realized that the app wasn't properly installed to the repo so this line throws:
action-github-app-token/src/main.ts
Line 25 in 86b9938
GitHub Actions: Deprecating save-state and set-output commands
GitHub-hosted runner, ubuntu-20.04
Version 20221002.2
Action runs without warning.
Action gives deprecation warning.
Hi! This action is exactly what I need, thank you for creating and publishing it!
I see the link for the GitHub marketplace is returning not found, and there has been a dependency update since the v1 tag was published.
One question, and one request 😺
Thank you 👍
Hello,
There is an MIT license designation in the project's package.json, but this alone can be considered ambiguous or insufficient for organizations that are concerned about copyright laws.
A full license document would be preferable so that the full details and terms can be made clear. Can you please add one?
Thanks!
How do you use Sentry?
Sentry SaaS (sentry.io) or self-hosted/on-premise (which version?)
Which SDK and version?
e.g: JavaScript 5.11.1, .NET 1.2.0
What you thought would happen.
What actually happened. Maybe a screenshot/recording? Maybe some logs?
getsentry/action-github-app-token@v3
getsentry/action-github-app-token@v3
, unable to find version v3
No such error happens.
2024-02-02T08:29:43.4845300Z Requested labels: ubuntu-latest
2024-02-02T08:29:43.4845578Z Job defined at: kyanny/didactic-telegram/.github/workflows/blank.yml@refs/heads/main
2024-02-02T08:29:43.4845726Z Waiting for a runner to pick up this job...
2024-02-02T08:29:44.0233056Z Job is waiting for a hosted runner to come online.
2024-02-02T08:29:47.3523742Z Job is about to start running on the hosted runner: GitHub Actions 24 (hosted)
2024-02-02T08:29:49.1220089Z Current runner version: '2.312.0'
2024-02-02T08:29:49.1247090Z ##[group]Operating System
2024-02-02T08:29:49.1247940Z Ubuntu
2024-02-02T08:29:49.1248565Z 22.04.3
2024-02-02T08:29:49.1249098Z LTS
2024-02-02T08:29:49.1249703Z ##[endgroup]
2024-02-02T08:29:49.1250331Z ##[group]Runner Image
2024-02-02T08:29:49.1250989Z Image: ubuntu-22.04
2024-02-02T08:29:49.1251652Z Version: 20240126.1.0
2024-02-02T08:29:49.1252954Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20240126.1/images/ubuntu/Ubuntu2204-Readme.md
2024-02-02T08:29:49.1254705Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20240126.1
2024-02-02T08:29:49.1255846Z ##[endgroup]
2024-02-02T08:29:49.1256465Z ##[group]Runner Image Provisioner
2024-02-02T08:29:49.1257266Z 2.0.341.1
2024-02-02T08:29:49.1257868Z ##[endgroup]
2024-02-02T08:29:49.1259153Z ##[group]GITHUB_TOKEN Permissions
2024-02-02T08:29:49.1260989Z Contents: read
2024-02-02T08:29:49.1261731Z Metadata: read
2024-02-02T08:29:49.1262556Z Packages: read
2024-02-02T08:29:49.1263254Z ##[endgroup]
2024-02-02T08:29:49.1266445Z Secret source: Actions
2024-02-02T08:29:49.1267367Z Prepare workflow directory
2024-02-02T08:29:49.1889460Z Prepare all required actions
2024-02-02T08:29:49.2045501Z Getting action download info
2024-02-02T08:29:49.4361635Z ##[error]Unable to resolve action `getsentry/action-github-app-token@v3`, unable to find version `v3`
What version are you running? Etc.
Node.js 12 actions are deprecated. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/. Please update the following actions to use Node.js 16: getsentry/action-github-app-token
What you thought would happen.
What actually happened. Maybe a screenshot/recording? Maybe some logs?
Inspired by tibdex/github-app-token
, I propose that a permissions
input is added to be able to configure a desired subset of permissions that should be issued to the token.
- uses: getsentry/action-github-app-token@v2
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
permissions: |
{"contents": "read"}
Per octokit/auth-app.js, it appears that a permissions argument can be specified to the appOctokit.auth
call. I believe having a permissions
input that is a JSON map of desired permissions would be the easiest adoption of this function.
Could you please add a "v2" tag pointing to the latest "v2" version as you have with "v1"?
This will allow us to keep the version tag in our workflows constant as we pick up enhancements/fixes on the major version.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.