DEV Community

Cover image for Use token for Github Actions with private repositories 🔐
Jesús Mejías Leiva
Jesús Mejías Leiva

Posted on • Edited on

Use token for Github Actions with private repositories 🔐

#productivity #github #webdev

Introduction

In this tutorial I will show how to use the api that github offers us through its token, to apply an action for the continuous deployment of private repositories.

Create token

  • Open settings of our account.

Alt Text

  • Click on the Developer settings option.

Alt Text

  • Click on the Personal access tokens option .

Alt Text

  • Click on generate new token and copy and save it to use it.

Create secret keys needed to use them in the actions

  • Open the settings of our project and click on the Secrets section.Open the settings of our project and click on the Secrets section. In my case I have the following secret keys:

Alt Text

Repository url via API

To download the latest changes from the private repository we will use the github api together with our previously generated and configured token, so that it is as follows:

  • git pull https://${{ secrets.GIT_TOKEN }}:x-oauth-basic@github.com/susomejias/portfolio.git master

Example for a deployment of a private repository in a VPS

  • Within our project we will create a folder called .github and in another one called workflows the latter will contain the files for our actions.

  • In this example we will create a file called ci.yml which will contain the functionality of the action.

  • In my case I have used the example of the action that I use for the deployment of my portfolio:

name: CI

on: [push]

jobs:
  deploy:
    if: github.ref == 'refs/heads/master'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - name: Push to server
        uses: appleboy/ssh-action@master
        with:
          host: ${{ secrets.SERVER_IP }}
          username: ${{ secrets.SERVER_USERNAME }}
          password: ${{ secrets.SERVER_PASSWORD }}
          script: cd ${{ secrets.PROJECT_PATH }} && git pull https://${{ secrets.GIT_TOKEN }}:x-oauth-basic@github.com/susomejias/portfolio.git master && npm install && ng build --prod && cp htaccess dist/portfolio/
Enter fullscreen mode Exit fullscreen mode

Perform a upload to test the new action

Alt Text

Thanks for reading me. 😊

Top comments (4)

Collapse
 
wilsonpage profile image
Wilson Page

If you're using actions/checkout@v2 you now need to use the following config to prevent your inline token being overridden and npm/yarn failing to reach your private repo:

- uses: actions/checkout@v2
  with:
    persist-credentials: false
Enter fullscreen mode Exit fullscreen mode
Collapse
 
alohe profile image
Alohe

Wow this is waay better than the github doc, Thank You.

Collapse
 
susomejias profile image
Jesús Mejías Leiva

Thanks for your comment! 🤗

Collapse
 
antonzhukov profile image
Anton Zhukov • Edited

Thanks mate!! You saved my ass. I'd spent several hours before I found your post. Btw persist-credentials: false comment from above didn't work for me.