Skip to content

Setup Access Token

Jump to bottom
Adam Ormsby edited this page Mar 9, 2024 · 2 revisions

Github's docs on Personal Access Tokens (PAT) can be a bit obtuse. Here are some steps to set up a PAT to use this action with a private upstream repo.

Let's assume you have two repos - the target (that you want to update) and the upstream (where updates are coming from). The upstream repo is private. It requires authentication to get data from it.

  1. Create a new PAT with an account that has admin permissions for the upstream repo. Give the PAT the necessary permissions. (At least read from repos.)
  2. Copy the new PAT after it's created. Hold on to it for a minute.
  3. In the target repo where your action workflow is running open Settings -> Secrets.
  4. Click New Repository Secret (top right corner)
  5. Paste your PAT into the box.
  6. Name your token something clear - like MY_TOKEN_FOR_UPSTREAM_SYNC. Save.
  7. In your workflow where you've added the action as a step include the input upstream_repo_access_token: ${{ MY_TOKEN_FOR_UPSTREAM_SYNC }}
  8. Run the workflow in test mode to verify.

DO NOT set upstream_repo_access_token: ${{ secrets.GITHUB_TOKEN}}! That's a special environment variable from Github for the action runner. That should always be set as target_repo_token: ${{ secrets.GITHUB_TOKEN }}.

Alternatively: Use a Github App in your workflow to generate a temporary access token.

Clone this wiki locally