A NodeJS helper application to generate access tokens from GitHub apps and access private repositories.
- Go to your account or organization settings.
- Go to
Developer settings
. - Click on
New GitHub App
. - Enter the application name and an optional description.
- Leave
Callback URL
empty. - Turn on
Expire user authorization tokens
checkbox. - Ensure to give Read-Only permissions to
Actions
,Contents
,Metadata
,Packages
andSecrets
. Adjust the rest on your needs. - For the rest of the options, adjust to your needs.
- For organizations, may be convenient to enable subscription to events like
Push
andRelease
. - In
Where can this GitHub App be installed?
, selectOnly on this account
.
- Leave
- Click on
Create GitHub App
to save the new app. - Yoy will be forwarded to the application general settings edit page.
- Take note of the Application ID.
- Scroll to almost the bottom of the page and click on
Generate a private key
. Save the file on a safe place. - Select
Install App
from the left menu and click on the Install App button next to your account/organization name. - Select the repositories you want the app to access and click on the
Install
button. - Once installed, you will be redirected to a page with an url like this
https://github.com/.../settings/installations/#####
. - Take note of the number at the end. It is the Installation ID.
At this point you must have:
- The application ID.
- The installation ID.
- A file containing a RSA private key.
Run npx https://github.com/randlabs/github-app-installation-access-token gen-cred -a {APP-ID} -i {INSTALLATION-ID} -k "{PRIVATE-KEY}"
And the base64 encoded credentials token will be written into the console output.
Run npx https://github.com/randlabs/github-app-installation-access-token get -a {APP-ID} -i {INSTALLATION-ID} -k {PRIVATE-KEY}
or npx https://github.com/randlabs/github-app-installation-access-token get-with-cred -c {BASE64-ENCODED-CREDENTIALS}
To get an access token that will be written into the console output.
The common approach is to save the output into an environment variable and use it to access allowed repositories like the following example:
git clone https://x-access-token:<token>@github.com/owner/repo.git
- The
-k, --privateKey
parameter accepts a file reference if you prefix the value with@
. - Use NodeJS v16 or later.
See LICENSE
file for licensing details.