Skip to content

Support Dual Authentication (GitHub App and Direct Token) #7

New issue
New issue
Open
Feature
Open
Support Dual Authentication (GitHub App and Direct Token)#7
Feature
Assignees
piraz
Labels
enhancementNew feature or request
@piraz

Description

@piraz
piraz
opened on Mar 8, 2026

Enable the action to authenticate using either a direct GitHub Token (PAT/GITHUB_TOKEN) or a GitHub App. This simplifies onboarding for users who prefer token-based setups while maintaining the secure GitHub App flow.

Key Changes:

  1. Inputs: Add github-token to action.yml and make app-id/private-key optional.
  2. Precedence:
    • Priority 1: Use github-token (Direct Auth).
    • Priority 2: Fallback to app-id + private-key (App Auth).
  3. Security: Mask the token (passed or generated) with core.setSecret.
  4. Operations: Use the token for both GitHub API calls (Octokit) and Git push (remote URL).

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Type

Feature

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions