Question about personal access token
morrowcj opened this issue · comments
Problem
I'm trying to implement the add-to-project
action to an organization's repository. It appears that, in order to do so, a personal access token is required:
# from action.yaml
github-token:
required: true
description: A GitHub personal access token with write access to the project
However, I don't fully understand how to store a PAT in an organization's secret variables. Does the "value" field of the secret variable actually need to be a PAT for this action to work? Since organizations aren't able to generate PATs, does one member of the org need to be responsible for generating and maintaining the token?
Hey! Yes, one member needs to generate the token and add it as an organization Secret from the Repo settings page
Check out these docs on encrypted secrets: https://docs.github.com/en/actions/security-guides/encrypted-secrets
Cannot GITHUB_TOKEN
be used for that?
I'm curious about @uhbif19's question too, @omerbensaadon
Is it required that it be a personal access token and not the GITHUB_TOKEN
?
This comment seems to suggest that, no, GITHUB_TOKEN
cannot be used.
Thanks for the update @levibostian
I'm trying this out on a private project with a bot account we use to share the PAT across our organization but the action just isn't running with that change. I'm fairly certain that I haven't set up permissions properly but debugging is difficult.
I'm poring over documentation about secrets/roles/permissions/etc but am commenting here hoping that someone has a straightforward explanation of how to set this up properly.
I'll comment again if I solve my problem.
EDIT: specifically I'm not seeing checks on my PRs but when I look at the Actions tab, I can see this action has failed but reports Could not resolve to a ProjectV2 with the number 9.
Is this a permissions problem?