Can we use the github app or oauth app instead of github PAT to generate the RUNNER_TOKEN? #24743
-
Can we use the github app or oauth app instead of github PAT to generate the RUNNER_TOKEN? The problem with PAT is that none of our Github organization admins want to give the PAT. I am trying to register the self-hosted runner (Docker container) at the organization level using this API. (I am following this article except for the k8s part.). If I use the personal access token of the Github organization admin, it works. But we don’t want to use it from the docker runner since it’s the “personal” access token. I have looked at Oauth App device flow but it needs some manual things like entering the code and etc. |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments
-
Here is an overview of the entire process for creating a self-hosted registration token using an App:
|
Beta Was this translation helpful? Give feedback.
-
Thanks, @github-support. Do you have a bash script instead of Ruby to genereate the JWT? I tried to use this one https://gist.github.com/michaelsync/4ad968e96631dbb9638e57de29b6b937 but didn’t work. I am getting this error. My bash works fine with PAT (both repo level or org level).
|
Beta Was this translation helpful? Give feedback.
-
No worries. I found a way to do it. Thanks. |
Beta Was this translation helpful? Give feedback.
-
Have you found the way to do it? Could you share? |
Beta Was this translation helpful? Give feedback.
-
@apostoins It has been a while. I think I have used this github-actions-self-hosted-runner-container/entrypoint.sh at ae6c023f0985d1b5d35731f592d2abe577a86b98 · michaelsync/github-actions-self-hosted-runner-container · GitHub or one of those files from that repo. I was trying to register the runner at the organization level or repo. I managed to get it working but I need to clean up the files and arrange it properly if I get some times. |
Beta Was this translation helpful? Give feedback.
Here is an overview of the entire process for creating a self-hosted registration token using an App:
Create a GitHub App
Create a PEM for that app: https://docs.github.com/en/free-pro-team@latest/developers/apps/authenticating-with-github-apps#generating-a-private-key
Install that app onto your account
Based on Auth as a GitHub App, copy the ruby script and generate a JWT token
Retrieve the installation ID using the JWT with auth as Bearer
https://docs.github.com/en/free-pro-team@latest/rest/reference/apps#list-installations-for-the-authenticated-app
Create an access token for the installation
https://docs.github.com/en/free-pro-team@latest/rest/reference/apps#create-an-insta…