Return the GitHub App user id #148
Comments
|
Here's how my bot signature is generated. function set_dco_signature {
if [[ $TOKEN == ghp_* ]]; then
# https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
# What starts with 'ghp_' is the GitHub personal access token
response=$(curl -s -H "Authorization: token $TOKEN" "$GITHUB_URL/user")
elif [[ $APP_SLUG ]]; then
CommitBot=$APP_SLUG
else
CommitBot="github-actions"
fi
if [[ $CommitBot ]]; then
response=$(curl -s -H "Authorization: token $TOKEN" "$GITHUB_URL/users/$CommitBot\[bot\]")
fi
CommitBot=$(echo "$response" | jq -r '.login')
id=$(echo "$response" | jq -r '.id')
echo "Signed-off-by: $CommitBot <$id+$CommitBot@users.noreply.github.com>"
} |
Exactly, which is why I think it makes sense to return it as an output to the action 😄 |
|
I agree it would be convenient to add the app's user ID to the output, but it would require an additional request that most users won't need. I suggest we document that approach first in the README, with an extra step to retrieve the user ID using https://github.com/octokit/request-action/ or something similar. |
Maybe we could add an additional input to request it? |
|
@vleon1a You can try this. - name: Generate GitHub App Token
id: generate-token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
with:
app-id: ${{ secrets.SEMANTIC_RELEASE_APP_ID }}
private-key: ${{ secrets.SEMANTIC_RELEASE_PRIVATE_KEY }}
- name: Get bot Id
id: get-bot-id
uses: octokit/request-action@v2
with:
route: GET /users/${{ steps.generate-token.outputs.app-slug }}[bot]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: GitHub Release
env:
GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
GIT_AUTHOR_NAME: ${{ steps.generate-token.outputs.app-slug }}[bot]
GIT_AUTHOR_EMAIL: ${{ fromJson(steps.get-bot-id.outputs.data).id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com
GIT_COMMITTER_NAME: ${{ steps.generate-token.outputs.app-slug }}[bot]
GIT_COMMITTER_EMAIL: ${{ fromJson(steps.get-bot-id.outputs.data).id }}+${{ steps.generate-token.outputs.app-slug }}[bot]@users.noreply.github.com
run: npx semantic-release |
Yes, that would work indeed, but my initial thought was that as the action returns metadata already it would make sense, even if it requires one additional call. |
Actions are composable, I'd rather document how to get what you want in our README as it is a common request, but not add more code to this action I think @maboloshi suggestion above is great on how to get the app user ID. By the way, for @semantic-release specifically, I don't think it's necessary unless you use the |
Thanks, I can open a PR to mention this to the readme file then. |
|
It looks like #145 is already doing this, probably with a preference for the |
|
Closing as the readme has been updated in #145 |
Hello,
The action returns additional outputs thanks to #105, but it would be great to return also the GitHub App user id, which we can fetch using the GH CLI for instance with
gh api "/users/<app-slug>[bot]" --jq .id.The rationale is that to get the commit authenticated properly, we have to use the user id and not the installation id (as also mentioned in this discussion. This was discussed in the mentioned PR, but somehow only the installation id was added to the outputs.
This is currently how I implemented it:
Which leads to commits not properly associated with the GitHub App. So we would need to use the
user-idinstead of theinstallation-idin the emailThe text was updated successfully, but these errors were encountered: