A github app wrapper to generate short lived token
Project description
Github Token App
Github Token App is a package for generating short lived github tokens (expires in 1 hour) with minimum necessary permissions.
Currently, the code generates read and write github token to the specific list of repositories.
- An example of read github token is git clone.
- An example of write github token is git push.
The github token app also provides a CLI which can be used to generate a github token to authenticate to github.
Installation
pip install github-token-app
Required Environment Variables
- BASE64_PRIVATE_PEM_KEY: This is the private pem key for the github-app encoded in base64.
- GITHUB_APP_ID: App ID
- INSTALLATION_ID: Installation Id for App/Org Pair (if you don't know, it can be generated from the second step below)
What the code does?
-
The code is for authenticating a github app as an installation. Installations are created from a Github app settings (Install App).
-
Under Install App, click on the account settings. You will find the installation ID in the URL https://github.com/apps/my-app-name/installations/**INSTALLATION_ID**. Set the INSTALLATION_ID as environment variable based on your required access.
Alternatively, the code contains
get_installationsfunction which can be called by CLI commandgta installations. It returns a response of list of installations. Theidattributes in the responses are the installation ids. -
Finally, there are three methods read, write and write-pr. That generates token to perform respective actions to specific repositories.
Commands
- read
Generates token which grants read-only access to specified Github Repository
gta read [list of repositories]
gta read my-private-repo
- write
Generates token which grants write access to specified Github Repository
gta write [list of repositories]
gta write my-private-repo
- write-pr
Generate token which grants write access to specified Github Repository along with permission to create prs.
gta write-pr [list of repositories]
gta write-pr my-private-repo
Using the generated token
- Cloning a repository
git clone https://x-access-token:$GITHUB_TOKEN@github.com/my-org/my-private-repo.git
- Writing to a repository
git remote set-url origin "https://x-access-token:${GITHUB_TOKEN}@github.com/my-org/my-private-repo.git"
git config --global user.email "<>"
git config --global user.name "my-username"
Contribution
Please read the CLA carefully before submitting your contribution to Mercari. Under any circumstances, by submitting your contribution, you are deemed to accept and agree to be bound by the terms and conditions of the CLA.
License
Copyright 2021 Mercari, Inc.
Licensed under the MIT License.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file github-token-app-0.2.0.tar.gz.
File metadata
- Download URL: github-token-app-0.2.0.tar.gz
- Upload date:
- Size: 5.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.8.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | aee611bca05109b17e521f78c8cecef087b6fb8dd2ba58374f2906853a3680b0 |
|
| MD5 | 62b3e54a78119f9f63e1761baf76071c |
|
| BLAKE2b-256 | e7d9d1c7daf1b5738c9686f8fb986a022e5f5cc10ff8b692425fe061ce03c5f4 |
File details
Details for the file github_token_app-0.2.0-py3-none-any.whl.
File metadata
- Download URL: github_token_app-0.2.0-py3-none-any.whl
- Upload date:
- Size: 6.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.8.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 638497a331b3430df68cf6632d86a06319b6b4d586cee62264f9c5fc4800266f |
|
| MD5 | 875fc1bf4fb576cdb6d853f96187da92 |
|
| BLAKE2b-256 | 0d989e2ddabecdc910e6a1833680e1a60965563ada284fb0bf2fd4312ef4bc4e |
