actions/renovatebot-github
1
0
Fork 0
mirror of https://github.com/renovatebot/github-action.git synced 2025-12-16 08:52:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Link the readme to the Renovate GitHub App documentation (#655)

Browse source 
Closes https://github.com/renovatebot/github-action/issues/653
This commit is contained in:
Glenn McDonald 2022-11-25 18:16:57 +11:00 committed by GitHub
parent b67941a4f2
commit 9eeffc5474
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

10
README.md
View file

@ -84,13 +84,7 @@ jobs:
## Example with GitHub App
Instead of using a Personal Access Token (PAT) that is tied to a particular user you can use a [GitHub App](https://docs.github.com/en/developers/apps/building-github-apps) where permissions can be even better tuned. [Create a new app](https://docs.github.com/en/developers/apps/creating-a-github-app) and give it the following permissions:
| Permission | Level |
| --------------- | -------------- |
| `Contents` | `Read & write` |
| `Metadata` | `Read-only` |
| `Pull requests` | `Read & write` |
Instead of using a Personal Access Token (PAT) that is tied to a particular user you can use a [GitHub App](https://docs.github.com/en/developers/apps/building-github-apps) where permissions can be even better tuned. [Create a new app](https://docs.github.com/en/developers/apps/creating-a-github-app) and configure the app permissions and your `config.js` as described in the [Renovate documentation](https://docs.renovatebot.com/modules/platform/github/#running-as-a-github-app).
Store the app ID as a secret with name `APP_ID` and generate a new private key for the app and add it as a secret to the repository as `APP_PEM` in the repository where the action will run from. Note that `APP_PEM` needs to be base64 encoded. You can encode your private key file like this from the terminal on Linux (omit the `-w 0` if you're on a Mac):
@ -98,6 +92,8 @@ Store the app ID as a secret with name `APP_ID` and generate a new private key f
cat your_app_key.pem | base64 -w 0
```
Adjust your Renovate configuration file to specify the username of your bot.
Going forward we will be using the [machine-learning-apps/actions-app-token](https://github.com/machine-learning-apps/actions-app-token) action in order to exchange the GitHub App certificate for an access token that renovate can use.
The final workflow will look like this: