Add built-in support for basic auth #144
Conversation
There was a problem hiding this comment.
I would not add this feature to this action, but we can document the workflow in the README.
It's similar to this pull request: #137 which we closed in favor of #142
I would suggest to add a step which pipes the string x-access-token:${{ steps.app-token.outputs.token }} | bash64 and writes that to a new output as in did in #142
In future, can you please create an issue first before a pull request? We appreciate the effort you put into it, but having a discussion first might help prevent unnecessary work and frustration.
| ref: ${{ github.head_ref }} | ||
| # Access allowed to private submodules in the current owner's installation | ||
| submodules: recursive | ||
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | ||
| persist-credentials: false | ||
| ``` |
There was a problem hiding this comment.
Please remove unrelated changes
| ref: ${{ github.head_ref }} | |
| # Access allowed to private submodules in the current owner's installation | |
| submodules: recursive | |
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | |
| persist-credentials: false | |
| ``` |
| @@ -99,11 +99,37 @@ jobs: | |||
| app-id: ${{ vars.APP_ID }} | |||
| private-key: ${{ secrets.PRIVATE_KEY }} | |||
| owner: ${{ github.repository_owner }} | |||
| - uses: peter-evans/create-or-update-comment@v3 | |||
| - uses: actions/checkout@v4 | |||
There was a problem hiding this comment.
| - uses: actions/checkout@v4 | |
| - uses: peter-evans/create-or-update-comment@v4 |
Unfortunately, that's not cross-platform (doesn't work on Windows). - name: Prepare basic auth credentials
id: basic-auth-creds
uses: actions/github-script@v7
with:
script: return btoa("x-access-token:${{ steps.app-token.outputs.token }}")
result-encoding: string
- name: Checkout with private submodules
env:
GIT_CONFIG_COUNT: 1
GIT_CONFIG_KEY_0: http.https://github.com/.extraheader
GIT_CONFIG_VALUE_0: "AUTHORIZATION: basic ${{ steps.basic-auth-creds.outputs.result }}"
# Access allowed to private submodules in the current owner's installation
run: git clone --recurse-submodules --shallow-submodules https://github.com/${{ github.repository }}
Sure, no worries. I'll close the PR. A README addition would be helpful, indeed. |
This allows using the encoded token for basic auth-based git access.
This is useful for scripts expecting to be able to access private git repos. My specific case was using CPM.cmake in a repo that brings in other private repos as dependencies.
While the encoding to make this work is very simple, the documentation for it is sparse and it is not trivial to figure out, so there's value in providing this out of the box.