API to generate runners token? #26751
-
It would be very useful to have an api endpoint that would allow me to generate setup tokens for self-hosted Actions Runners dynamically and allow me to have packerized AMIs that automagically pull the token and connect to github. The inability to do this currently drastically limits their usefulness for me. |
Beta Was this translation helpful? Give feedback.
Replies: 16 comments
-
There is no Github API to generate tokens. When you want to setup self-hosted runner, you can go to repo Settings > Actions > Self-hosted runners section, clicking on “Add runner” button. Then there is a token for you to use in Configure steps. For more information of Adding self-hosted runners, please refer to https://help.github.com/cn/actions/automating-your-workflow-with-github-actions/adding-self-hosted-runners |
Beta Was this translation helpful? Give feedback.
-
I know there isn’t an api. That’s why I said it would be useful to have one. |
Beta Was this translation helpful? Give feedback.
-
Sorry to tell you that as a security precaution, Github doesn’t provide an API to create personal access token. You need to follow the steps to create a PAT through web site. https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line |
Beta Was this translation helpful? Give feedback.
-
So a normal PAT can be used for this purpose of registering a self hosted action runner? Does it need any specific permissions in order to do this? |
Beta Was this translation helpful? Give feedback.
-
I don’t entirely understand how allowing api access to retrieve a token would be less secure than, say, using api access to interact with branches and repos and pull requests. There are already authenticated endpoints that plenty of automation users leverage. |
Beta Was this translation helpful? Give feedback.
-
I’ve confirmed that PAT tokens cannot currently be used for this purpose, only the tokens obtained via Actions > Add Runner work. Which is a bit of a problem for us as they appear to be short lived. |
Beta Was this translation helpful? Give feedback.
-
An API for this is on the roadmap. I don’t have a timeline to share at the moment. But we’ll be posting to the Changelog when this is available. And to clear up some of the confusion around PATs/runner tokens. The runner token provided via the UI is a temporary token that expires after 60 minutes. It only has the ability to register runners. PATs are not able to register runners. |
Beta Was this translation helpful? Give feedback.
-
Perfect, good to know. Thanks! |
Beta Was this translation helpful? Give feedback.
-
Good to hear there will be an api to generate these tokens. We are trying to have self hosted action runners in aws fargate and so short lived tokens present a problem as the the runner tasks are transient. Also it would be benefitial to be able to scale them up and down as and when needed. Without the token api (or much longer lived tokens) this currently isn’t possible. |
Beta Was this translation helpful? Give feedback.
-
Also looking forward to this feature. I was also looking to provision short lived runners, but cannot easily without the token generation API. |
Beta Was this translation helpful? Give feedback.
-
Hey guys, glad to here there is an API on the roadmap. Is there any ETA, so I know when about I can make the provisioning fully automated? Thanks guys, Michael |
Beta Was this translation helpful? Give feedback.
-
I asked GitHub support for an ETA, should be sometime next week. \o/ |
Beta Was this translation helpful? Give feedback.
-
The GitHub Actions API has shipped https://developer.github.com/v3/actions/self_hosted_runners/ |
Beta Was this translation helpful? Give feedback.
-
The generated self-hosted using API, is 130 characters long, way longer then the one generated on "Settings -> Action -> Add runner ", doesn’t seems to work either, any ideas why? |
Beta Was this translation helpful? Give feedback.
-
Is there a GraphQL API endpoint? |
Beta Was this translation helpful? Give feedback.
-
Anyone successfully using the API with a token? I'm getting a strange response:
But the operation I am trying to do, listing organization runners is not related to a repository but rather an organization's runners. A repository is not even mentioned in the API request. I've even gone overboard and allowed every scope possible: in an effort to debug but still get the same error above. |
Beta Was this translation helpful? Give feedback.
An API for this is on the roadmap. I don’t have a timeline to share at the moment. But we’ll be posting to the Changelog when this is available.
And to clear up some of the confusion around PATs/runner tokens. The runner token provided via the UI is a temporary token that expires after 60 minutes. It only has the ability to register runners.
PATs are not able to register runners.