diff --git a/content/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow.md b/content/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow.md index 55c1a136b6c6..6e32865ca934 100644 --- a/content/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow.md +++ b/content/apps/creating-github-apps/authenticating-with-a-github-app/making-authenticated-api-requests-with-a-github-app-in-a-github-actions-workflow.md @@ -29,13 +29,18 @@ In order to use a {% data variables.product.prodname_github_app %} to make authe 1. Install the {% data variables.product.prodname_github_app %} on your user account or organization and grant it access to any repositories that you want your workflow to access. For more information, see "[AUTOTITLE](/apps/maintaining-github-apps/installing-github-apps#installing-your-private-github-app-on-your-repository)." 1. In your {% data variables.product.prodname_actions %} workflow, create an installation access token, which you can use to make API requests. - To do this, you can use a {% data variables.product.company_short %}-owned action as demonstrated in the following example. If you prefer to not use this action, you can fork and modify the [`actions/create-github-app-token` action](https://github.com/actions/create-github-app-token), or you can write a script to make your workflow create an installation token manually. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation)." + {% ifversion ghes < 3.12 %}To do this, you can use a pre-made action as demonstrated in the following example. If you prefer to not use a third party action, you can fork and modify the `tibdex/github-app-token` action, or you can write a script to make your workflow create an installation token manually. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation)."{% else %}To do this, you can use a {% data variables.product.company_short %}-owned action as demonstrated in the following example. If you prefer to not use this action, you can fork and modify the [`actions/create-github-app-token` action](https://github.com/actions/create-github-app-token), or you can write a script to make your workflow create an installation token manually. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation)."{% endif %} - The following example workflow uses the `actions/create-github-app-token` action to generate an installation access token. Then, the workflow uses the token to make an API request via the {% data variables.product.prodname_cli %}. + The following example workflow uses the {% ifversion ghes < 3.12 %}`tibdex/github-app-token`{% else %}`actions/create-github-app-token`{% endif %} action to generate an installation access token. Then, the workflow uses the token to make an API request via the {% data variables.product.prodname_cli %}. In the following workflow, replace `APP_ID` with the name of the secret where you stored your app ID. Replace `APP_PRIVATE_KEY` with the name of the secret where you stored your app private key. ```yaml copy +{% ifversion ghes < 3.12 %} +{% data reusables.actions.actions-not-certified-by-github-comment %} + +{% data reusables.actions.actions-use-sha-pinning-comment %} +{% endif %} on: workflow_dispatch: jobs: @@ -44,7 +49,7 @@ jobs: steps: - name: Generate a token id: generate_token - uses: actions/create-github-app-token@v1 + uses: {% ifversion ghes < 3.12 %}tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92{% else %}actions/create-github-app-token@v1{% endif %} with: app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %} private_key: {% raw %}${{ secrets.APP_PRIVATE_KEY }}{% endraw %} diff --git a/content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md b/content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md index a5c2d010212c..92b15ebbe120 100644 --- a/content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md +++ b/content/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions.md @@ -52,6 +52,15 @@ For more information about authenticating in a {% data variables.product.prodnam 1. Generate a private key for your app. Store the contents of the resulting file as a secret in your repository or organization. (Store the entire contents of the file, including `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`.) In the following workflow, replace `APP_PEM` with the name of the secret. For more information, see "[AUTOTITLE](/apps/creating-github-apps/authenticating-with-a-github-app/managing-private-keys-for-github-apps)." 1. In the following workflow, replace `YOUR_ORGANIZATION` with the name of your organization. For example, `octo-org`. Replace `YOUR_PROJECT_NUMBER` with your project number. To find the project number, look at the project URL. For example, `https://github.com/orgs/octo-org/projects/5` has a project number of 1. In order for this specific example to work, your project must also have a "Date posted" date field. + {% ifversion ghes < 3.12 %}{% note %} + + **Notes:** + + - {% data reusables.actions.actions-not-certified-by-github %} + - {% data reusables.actions.actions-use-sha-pinning %} + + {% endnote %}{% endif %} + ```yaml annotate copy # name: Add PR to project @@ -64,14 +73,14 @@ jobs: track_pr: runs-on: ubuntu-latest steps: - # Uses the [actions/create-github-app-token](https://github.com/marketplace/actions/create-github-app-token) action to generate an installation access token for your app from the app ID and private key. The installation access token is accessed later in the workflow as `{% raw %}${{ steps.generate_token.outputs.token }}{% endraw %}`. + # Uses the {% ifversion ghes < 3.12 %}[tibdex/github-app-token](https://github.com/tibdex/github-app-token){% else %}[actions/create-github-app-token](https://github.com/marketplace/actions/create-github-app-token){% endif %} action to generate an installation access token for your app from the app ID and private key. The installation access token is accessed later in the workflow as `{% raw %}${{ steps.generate_token.outputs.token }}{% endraw %}`. # #Replace `APP_ID` with the name of the secret that contains your app ID. # #Replace `APP_PEM` with the name of the secret that contains your app private key. - name: Generate token id: generate_token - uses: actions/create-github-app-token@v1 + uses: {% ifversion ghes < 3.12 %}tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92{% else %}actions/create-github-app-token@v1{% endif %} with: app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %} private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %} diff --git a/content/rest/quickstart.md b/content/rest/quickstart.md index bef440d73f5c..1cf16f400b1a 100644 --- a/content/rest/quickstart.md +++ b/content/rest/quickstart.md @@ -82,6 +82,11 @@ If you are authenticating with a {% data variables.product.prodname_github_app % 1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. For example: ```yaml + {% ifversion ghes < 3.12 %} + {% data reusables.actions.actions-not-certified-by-github-comment %} + + {% data reusables.actions.actions-use-sha-pinning-comment %} + {% endif %} on: workflow_dispatch: jobs: @@ -90,7 +95,7 @@ If you are authenticating with a {% data variables.product.prodname_github_app % steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@v1 + uses: {% ifversion ghes < 3.12 %}tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92{% else %}actions/create-github-app-token@v1{% endif %} with: app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %} private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %} @@ -224,6 +229,11 @@ If you are authenticating with a {% data variables.product.prodname_github_app % 1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. For example: ```yaml + {% ifversion ghes < 3.12 %} + {% data reusables.actions.actions-not-certified-by-github-comment %} + + {% data reusables.actions.actions-use-sha-pinning-comment %} + {% endif %} on: workflow_dispatch: jobs: @@ -244,7 +254,7 @@ If you are authenticating with a {% data variables.product.prodname_github_app % - name: Generate token id: generate_token - uses: actions/create-github-app-token@v1 + uses: {% ifversion ghes < 3.12 %}tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92{% else %}actions/create-github-app-token@v1{% endif %} with: app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %} private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %} @@ -350,6 +360,11 @@ If you are authenticating with a {% data variables.product.prodname_github_app % 1. Add a step to generate a token, and use that token instead of `GITHUB_TOKEN`. Note that this token will expire after 60 minutes. For example: ```yaml + {% ifversion ghes < 3.12 %} + {% data reusables.actions.actions-not-certified-by-github-comment %} + + {% data reusables.actions.actions-use-sha-pinning-comment %} + {% endif %} on: workflow_dispatch: jobs: @@ -358,7 +373,7 @@ If you are authenticating with a {% data variables.product.prodname_github_app % steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@v1 + uses: {% ifversion ghes < 3.12 %}tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92{% else %}actions/create-github-app-token@v1{% endif %} with: app_id: {% raw %}${{ secrets.APP_ID }}{% endraw %} private_key: {% raw %}${{ secrets.APP_PEM }}{% endraw %}