Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/techprober/app-token-generator

A serverless function that offers the end-user a way to dynamically generate a Github Access Token for use cases in any back-end system
https://github.com/techprober/app-token-generator

cicd containerization github-application oauth-function serverless

Last synced: about 1 month ago
JSON representation

A serverless function that offers the end-user a way to dynamically generate a Github Access Token for use cases in any back-end system

Host: GitHub
URL: https://github.com/techprober/app-token-generator
Owner: techprober
License: mit
Created: 2022-02-02T09:26:54.000Z (almost 3 years ago)
Default Branch: master
Last Pushed: 2022-02-03T08:48:44.000Z (almost 3 years ago)
Last Synced: 2023-03-05T23:19:28.699Z (almost 2 years ago)
Topics: cicd, containerization, github-application, oauth-function, serverless
Language: Makefile
Homepage:
Size: 16.6 KB
Stars: 2
Watchers: 0
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

🔐 App Token Generator

A tool to generate Github Access Token on the fly

License

## Introduction

#### Background

Using default settings with GitHub Apps may put you at risk of leaking data between GitHub App installations. GitHub allows developers to create what is referred to as a GitHub app. A GitHub app can be installed on a GitHub organization or a personal GitHub account. Once installed, the GitHub app can request a new token for each installation of the app. The GitHub App has a private key that is used to generate a GitHub App token. This token can be used for a subset of the GitHub APIs.

#### Application

`App Token Generator` is a serverless function offers the end-user a way to dynamically generate a Github Access Token tailored to be used in any back-end system. It can also be intergrated in the standard CICD Pipeline as a seperate step or stage.

## Local Setup

#### Pre-requisite

- Put `private-key.pem` associtated to your Github Application under the project root path

#### Run

```bash
GITHUB_APP_KEY=private-key.pem APP_ID= ./handler.rb
```

## Containerization

Build the image

```bash
docker build -t app-token-generator:latest .
```

Run the application as a container

```bash
docker run --rm -it \
--name app-token-generator \
-e APP_ID= \
-e GITHUB_APP_KEY= \
-v $(PWD)/private-key.pem: \
quay.io/techprober/app-token-generator:latest
```

## References

- [GitHub Apps - How to avoid leaking your customer’s source code with GitHub apps](https://roadie.io/blog/avoid-leaking-github-org-data/)
- [GitHub Docs - Authenticating with github apps](https://docs.github.com/en/developers/apps/building-github-apps/authenticating-with-github-apps#generating-a-private-key)
- [GitHub API Docs - Create an installation access token for an app](https://docs.github.com/en/rest/reference/apps#create-an-installation-access-token-for-an-app)