This post goes over how to generate an app token in GitHub Actions with Create GitHub App Token.
Prerequisites
Follow the steps:
- Register a new GitHub App
- Store your App ID in your repository secrets
- Store your App private key in your repository secrets
Create GitHub App Token
Use actions/create-github-app-token with actions/checkout:
- name: Create GitHub App token
uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ secrets.GITHUB_APP_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
- name: Checkout repository
uses: actions/checkout@v6
with:
token: ${{ steps.app-token.outputs.token }}
Set owner and/or repositories to set the token access scope:
# Create a token for a given repository in the current owner's installation
- name: Create GitHub App token
uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ secrets.GITHUB_APP_ID }}
private-key: ${{ secrets.GITHUB_APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: |
my-private-repo
- name: Configure Git
run: git config --global url."https://x-access-token:${{ steps.app-token.outputs.token }}@github.com/".insteadOf "[email protected]:"
- name: Run Git commands
run: |
git clone [email protected]:${{ github.repository_owner }}/my-private-repo.git
# do some stuff...
git push
If owner is set and repositories is empty, access will be scoped to all repositories in the provided repository owner’s installation.
If owner and repositories are empty, access will be scoped to only the current repository.