-
Hi, I’m having this question because of the Codecov uploader security breach, which has exposed all environment variables (including If it’s not generated on each run, is there any way to regenerate it? Thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments
-
Yes, see Authentication in a workflow - GitHub Docs
|
Beta Was this translation helpful? Give feedback.
-
Hi @ylemkimon, I read that article but it wasn’t clear to me that the token was rotated because I’m not familiar with the internals of how GitHub Apps works. Are you sure the documentation there really implies that the token is different for each run/GitHub App installation? Thanks! |
Beta Was this translation helpful? Give feedback.
-
Yes. If in doubt, you can always test it yourself, e.g., |
Beta Was this translation helpful? Give feedback.
-
Thanks again for the answer. I thought of doing something like that to get some empirical proof, but then only because an experiment showed something doesn’t mean it is guaranteed to change, so I have more peace of mind if there is a guarantee that different tokens will be created for different runs. In any case, I consider this question answered, so thanks again! |
Beta Was this translation helpful? Give feedback.
Yes, see Authentication in a workflow - GitHub Docs