{"id":19652689,"url":"https://github.com/advanced-security/github-app-auth","last_synced_at":"2025-04-28T17:30:52.805Z","repository":{"id":64304537,"uuid":"431906620","full_name":"advanced-security/github-app-auth","owner":"advanced-security","description":"Utility to generate tokens to interact with the GitHub API via GitHub App integration","archived":false,"fork":false,"pushed_at":"2024-04-19T12:29:00.000Z","size":33,"stargazers_count":5,"open_issues_count":1,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-06-20T07:58:15.411Z","etag":null,"topics":["authentication","ci-cd","github","github-api","github-app"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/advanced-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-11-25T16:14:35.000Z","updated_at":"2023-12-05T15:46:33.000Z","dependencies_parsed_at":"2023-11-22T02:29:50.373Z","dependency_job_id":"a0f86772-a879-4c03-a01f-3f929f548f25","html_url":"https://github.com/advanced-security/github-app-auth","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fgithub-app-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fgithub-app-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fgithub-app-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fgithub-app-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/advanced-security","download_url":"https://codeload.github.com/advanced-security/github-app-auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224124862,"owners_count":17259746,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","ci-cd","github","github-api","github-app"],"created_at":"2024-11-11T15:11:45.489Z","updated_at":"2024-11-11T15:11:46.197Z","avatar_url":"https://github.com/advanced-security.png","language":"Go","readme":"# GitHub App Authentication for integration with GitHub\n\n## Introduction\n\nGitHub Apps are the officially recommended way to integrate with GitHub because of their support for granular permissions to access data. For more information see [About Apps](https://docs.github.com/en/developers/apps/getting-started-with-apps/about-apps)\n\nThe `github-app-auth` application is specifically designed to enable integration of third-party CI/CD systems with GitHub by generating a token that can be used to interact with the GitHub API available to GitHub Apps.\nA list of endpoints available to GitHub Apps is documented [here](https://docs.github.com/en/rest/overview/endpoints-available-for-github-apps)\n\n## Examples\n\n### Retrieving a list of repositories with the GH CLI\n\nThe [GitHub CLI](https://cli.github.com/) allows for convenient access to GitHub from the command line.\nWe can retrieve a list of repositories the GitHub App has permission to access by invoking it with the `GITHUB_TOKEN` environment variable set to the installation token generated by `github-app-auth`.\n\n```bash\nGITHUB_TOKEN=$(github-app-auth \u003capp-id\u003e \u003cprivate-key\u003e) gh repo list\n```\n\n- `\u003capp-id\u003e` is the GitHub App ID\n- `\u003cprivate-key\u003e` is the path to the GitHub App PEM encoded private key\n\n### Uploading a SARIF file\n\nThe GitHub [documentation](https://docs.github.com/en/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system#uploading-results-to-github) for using CodeQL in a CI system provides the following example for uploading results.\n\n```bash\necho \"$UPLOAD_TOKEN\" | codeql github upload-results --repository=\u003crepository-name\u003e \\\n      --ref=\u003cref\u003e --commit=\u003ccommit\u003e --sarif=\u003cfile\u003e \\\n      --github-auth-stdin\n```\n\nThe `$UPLOAD_TOKEN` must be a token with the `security_events` scope as described in the CodeQL manual [here](https://codeql.github.com/docs/codeql-cli/manual/github-upload-results/).\n\nWith `github-app-auth` application that relies on a GitHub App to generate a token the example becomes.\n\n```bash\ngithub-app-auth \u003capp-id\u003e \u003cprivate-key\u003e | codeql github upload-results --repository=\u003crepository-name\u003e \\\n      --ref=\u003cref\u003e --commit=\u003ccommit\u003e --sarif=\u003cfile\u003e \\\n      --github-auth-stdin\n```\n\n- `\u003capp-id\u003e` is the GitHub App ID\n- `\u003cprivate-key\u003e` is the path to the GitHub App PEM encoded private key\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fgithub-app-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadvanced-security%2Fgithub-app-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fgithub-app-auth/lists"}