Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support fine-grained tokens #2

Closed
spenserblack opened this issue Feb 15, 2023 · 5 comments
Closed

Support fine-grained tokens #2

spenserblack opened this issue Feb 15, 2023 · 5 comments
Labels
enhancement New feature or request icebox Issues that are not a priority

Comments

@spenserblack
Copy link
Owner

Here are some notes on fine-grained token support
@spenserblack spenserblack added the enhancement New feature or request label Feb 15, 2023
@jcbhmr
Copy link
Contributor

jcbhmr commented Mar 13, 2023
edited
Loading

I'd like to note that currently

actions-wiki/action.yml

Line 33 in 98f0591

git remote add origin https://${{ inputs.token }}@${{ inputs.repository }}.wiki.git

you use the https://TOKEN@github.com/user/repo format, when it should be https://USER:TOKEN@github.com/user/repo for constructing the auth URL so that the TOKEN part is in the password slot of the user:password auth thing. https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#using-a-personal-access-token-on-the-command-line

Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.

For example, on the command line you would enter the following:

$ git clone https://github.com/USERNAME/REPO.git
Username: YOUR_USERNAME
Password: YOUR_TOKEN

in this case, I think you can use $GITHUB_ACTOR to use the current trigger-er user as the username. That's what I think is best practice (I vaguely remember seeing that pattern used before) but I can't point to a specific "best practice because $X does it this way" on this. The alternative is GITHUB_REPOSITORY_OWNER which doesn't seem as semantically correct but idk.

this could be the cause of some of the confusion in #1 ??? maybe? idk. particularily this though jumps out as a misconfig with the user/pass thing

image

the error makes sense that "cant find password" would mean that it literally cant find the password since its in the username slot misplaced...

@jcbhmr jcbhmr mentioned this issue Mar 15, 2023
Closed
@jcbhmr
Copy link
Contributor

jcbhmr commented Mar 21, 2023

ref #22 with related discussion about dummy user https://x:$TOKEN@github.com/user/repo.git working

@jcbhmr jcbhmr mentioned this issue Apr 13, 2023
Closed
@spenserblack spenserblack added the icebox Issues that are not a priority label Apr 18, 2023
@jcbhmr jcbhmr mentioned this issue May 2, 2023
Closed
12 tasks
@jcbhmr
Copy link
Contributor

jcbhmr commented May 16, 2023

heres my (admittedly imcomplete) writeup of the github token madness: https://github.com/Andrew-Chen-Wang/github-wiki-action/blob/jcbhmr/wiki/Home.md

@spenserblack
Copy link
Owner Author

Looks like the link is invalid. Could you find a permalink?

@jcbhmr
Copy link
Contributor

jcbhmr commented May 19, 2023
edited
Loading

whoops! I merged the jcbhmr branch stuff into the main branch and then deleted it. Oopsies for spreading bad links. https://github.com/Andrew-Chen-Wang/github-wiki-action/wiki

@jcbhmr jcbhmr mentioned this issue May 23, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request icebox Issues that are not a priority
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add github-server-url option (and more)
Merge Andrew-Chen-Wang/github-wiki-action
2 participants
@spenserblack @jcbhmr