actions · danra · May 24, 2024 · May 24, 2024 · gr2m · Jun 19, 2024
@@ -99,11 +99,37 @@ jobs:
           app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
           owner: ${{ github.repository_owner }}
-      - uses: peter-evans/create-or-update-comment@v3
+      - uses: actions/checkout@v4
-      - uses: actions/checkout@v4
+      - uses: peter-evans/create-or-update-comment@v4
-      - uses: actions/checkout@v4
+      - uses: peter-evans/create-or-update-comment@v4
         with:
           token: ${{ steps.app-token.outputs.token }}
-          issue-number: ${{ github.event.issue.number }}
-          body: "Hello, World!"
+          ref: ${{ github.head_ref }}
+          # Access allowed to private submodules in the current owner's installation
+          submodules: recursive
+          # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
+          persist-credentials: false
+```
-          ref: ${{ github.head_ref }}
-          # Access allowed to private submodules in the current owner's installation
-          submodules: recursive
-          # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
-          persist-credentials: false
-```
-          ref: ${{ github.head_ref }}
-          # Access allowed to private submodules in the current owner's installation
-          submodules: recursive
-          # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
-          persist-credentials: false
-```
+
+### Use token for all repositories in the current owner's installation, encoded for http basic auth
+
+```yaml
+on: [pull_request]
+
+jobs:
+  auto-format:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
+          owner: ${{ github.repository_owner }}
+      - env:
+          GIT_CONFIG_COUNT: 1
+          GIT_CONFIG_KEY_0: http.https://github.com/.extraheader
+          GIT_CONFIG_VALUE_0: "AUTHORIZATION: basic ${{ steps.app-token.outputs.basic-auth-credentials }}"
+        # Access allowed to private submodules in the current owner's installation
+        run: git clone --recurse-submodules --shallow-submodules https://github.com/${{ github.repository }}
 ```
 
 ### Create a token for multiple repositories in the current owner's installation

@@ -40,6 +40,8 @@ inputs:
 outputs:
   token:
     description: "GitHub installation access token"
+  basic-auth-credentials:
+    description: "HTTP basic auth credentials using the access token"
   installation-id:
     description: "GitHub App installation ID"
   app-slug:

@@ -39747,8 +39747,11 @@ async function main(appId2, privateKey2, owner2, repositories2, core3, createApp
       retries: 3
     }));
   }
+  let basicAuthCredentials = btoa("x-access-token:" + authentication.token);
   core3.setSecret(authentication.token);
+  core3.setSecret(basicAuthCredentials);
   core3.setOutput("token", authentication.token);
+  core3.setOutput("basic-auth-credentials", basicAuthCredentials);
   core3.setOutput("installation-id", installationId);
   core3.setOutput("app-slug", appSlug);
   if (!skipTokenRevoke2) {

@@ -94,10 +94,14 @@ export async function main(
     }));
   }
 
+  let basicAuthCredentials = btoa("x-access-token:" + authentication.token)
+
   // Register the token with the runner as a secret to ensure it is masked in logs
   core.setSecret(authentication.token);
+  core.setSecret(basicAuthCredentials);
 
   core.setOutput("token", authentication.token);
+  core.setOutput("basic-auth-credentials", basicAuthCredentials);
   core.setOutput("installation-id", installationId);
   core.setOutput("app-slug", appSlug);