Merge branch 'gh-action'

.github/workflows/test-action.yml

@@ -0,0 +1,25 @@
+name: Test Action
+
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  test_action:
+    name: Run
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Get GITHUB_TOKEN for Github Apps
+        uses: nabeken/go-github-apps@v0
+        id: go-github-apps
+        with:
+          installation_id: ${{ secrets.installation_id }}
+          app_id: ${{ secrets.app_id }}
+          private_key: ${{ secrets.private_key }}
+
+      - name: Test Github API call
+        run: |
+          curl --fail -H 'Authorization: token ${{ steps.go-github-apps.outputs.app_github_token }}' https://api.github.com/

README.md

@@ -4,8 +4,8 @@
 
 When you want to call Github APIs from machines, you would want an access token which independs of a real account.
 Github provides several ways to issue tokens, for example:
-- Issue Personal Access Token via machine-user: Before Github Apps exists, this is typical method to issue a token but it consumes one user seats.
-- Create Github Apps and issue a token for the app: This is a new way and recommended way. The problem is [it's not that easy to issue a token](https://docs.github.com/en/developers/apps/authenticating-with-github-apps#authenticating-as-a-github-app) just to automate small stuff.
+- **Personal Access Token via machine-user**: Before Github Apps exists, this is typical method to issue a token but it consumes one user seats.
+- **Github Apps**: This is a new and recommended way. The problem is [it's not that easy to issue a token](https://docs.github.com/en/developers/apps/authenticating-with-github-apps#authenticating-as-a-github-app) just to automate small stuff.
 
 This command-line tool allows you to get a token with just providing `App ID`, `Installation ID` and the private key.
 
@@ -43,6 +43,25 @@ curl -sSLf https://raw.githubusercontent.com/nabeken/go-github-apps/master/insta
 sudo cp go-github-apps /usr/local/bin
 ```
 
+## Github Actions
+
+You can automate issuing a token with Github Actions.
+
+Example:
+```yml
+- name: Get GITHUB_TOKEN for Github Apps
+  uses: nabeken/go-github-apps@v0
+  id: go-github-apps
+  with:
+    installation_id: ${{ secrets.installation_id }}
+    app_id: ${{ secrets.app_id }}
+    private_key: ${{ secrets.private_key }}
+
+- name: Test Github API call
+  run: |
+    curl --fail -H 'Authorization: token ${{ steps.go-github-apps.outputs.app_github_token }}' https://api.github.com/
+```
+
 ## AppID and Installation ID
 
 You can find how to get those ID at https://github.com/bradleyfalzon/ghinstallation#what-is-app-id-and-installation-id

action.yml

@@ -0,0 +1,30 @@
+inputs:
+  version:
+    description: "A version to install"
+    default: "0.1.1"
+  installation_id:
+    description: "Github Apps Installation ID"
+  app_id:
+    description: "Github Apps App ID"
+  private_key:
+    description: "Github Apps Private Key"
+
+outputs:
+  app_github_token:
+    description: "GITHUB_TOKEN for your Github Apps"
+    value: ${{ steps.go-github-apps.outputs.github_token }}
+
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        curl -sSLf https://raw.githubusercontent.com/nabeken/go-github-apps/master/install-via-release.sh | bash -s -- -v v${{ inputs.version }}
+        sudo cp go-github-apps /usr/local/bin
+      shell: bash
+    - id: go-github-apps
+      run: |
+        T=$(mktemp)
+        trap "rm -f $T" 1 2 3 15
+        env GITHUB_PRIV_KEY="${{ inputs.private_key }}" go-github-apps -inst-id ${{ inputs.installation_id }} -app-id ${{ inputs.app_id }} > $T
+        echo "::set-output name=github_token::$(cat $T)"
+      shell: bash