Login/Register
How to correctly set a Github App committer to show the app created the commit?
Asked Answered
Solved githubgithub-apigithub-app
G

3

5

When using the GitHub Api you can supply the author and committer information, such as when you PUT a content file.

I want to be able to use the GitHub App as the committer so that people understand the commit was done using the third-party tool and the author information is kept as the authenticated user.

Currently I am using the app name as the name of the committer and an email for the apps' domain. But that does not tie the commit to the app at all (ex: I would have to create a bot account with that email to get it show any kind of profile, etc but that would not really be tied to my Github App).

What is the correct way to do this? Or should I not be trying to use the App as the committer and just use the authenticated user as the committer?

Genesia answered 1/4, 2021 at 16:49 Comment(1)
If I understand well, you are trying a bot to create a commit, right? If so, you can use GitHub Actions as the committer (if you use GitHub Actions). Or, you can create another bot profile for it which would be the best option actually.Veneering
L
3

You could use the same content api you mentioned, to figure out what you need. The response you get by creating a file is a json that will tell you the user-id that was assigned to your github app. Pay attention to the author object under commit, you should see something like this:

    curl \
      -X PUT \
      -H "Authorization: token ${TOKEN}" \
      -H "Accept: application/vnd.github.v3+json" \
      https://api.github.com/repos/msgongora/fubectl/contents/test-file \
      -d '{"message":"message","content":"Y29udGVudA==","branch":"mrsg"}'

    {
      "content": {
      ...
      "commit": {
            ...
            "author": {
                "name": "myciapp[bot]",
                "email": "1234545665+myciapp[bot]@users.noreply.github.com",
                "date": "2021-04-07T06:28:18Z"
            },
    ...
    }

Once you have that, you can set the name and email for your app as if you were setting it for a regular user:

git config --global user.name "myciapp[bot]"
git config --global user.email 1234545665+myciapp[bot]@users.noreply.github.com
Lavonna answered 7/4, 2021 at 7:23 Comment(0)
B
15

While you need to use a token if you want to commit through GitHub's API, you do not actually need to go through the hassle of dealing with your app's private key and creating a JWT when all you need is the ID for...

git config --global user.name "myciapp[bot]"
git config --global user.email 123456789+myciapp[bot]@users.noreply.github.com

To get that ID (123456789 above), simply call:

https://api.github.com/users/myciapp[bot]

Replacing myciapp above with the name of your app, but leaving the [bot] suffix in place. You do not even need to run this request with an auth token - it returns public info, and your app's "user" ID is part of that.

Beitch answered 14/10, 2022 at 15:3 Comment(3)
Does this apply to OAuth Apps as well? I am not sure if they even have a username.Steel
@JoachimBreitner It does not apply to OAuth Apps. You're correct that OAuth apps don't have any identity/username of their own the way that GitHub Apps do. OAuth Apps are only able to act on behalf of users.Ambrosius
Important to note that this ID is NOT the GitHub App ID. Had a couple hours of headache with that.Pervious
L
3

You could use the same content api you mentioned, to figure out what you need. The response you get by creating a file is a json that will tell you the user-id that was assigned to your github app. Pay attention to the author object under commit, you should see something like this:

    curl \
      -X PUT \
      -H "Authorization: token ${TOKEN}" \
      -H "Accept: application/vnd.github.v3+json" \
      https://api.github.com/repos/msgongora/fubectl/contents/test-file \
      -d '{"message":"message","content":"Y29udGVudA==","branch":"mrsg"}'

    {
      "content": {
      ...
      "commit": {
            ...
            "author": {
                "name": "myciapp[bot]",
                "email": "1234545665+myciapp[bot]@users.noreply.github.com",
                "date": "2021-04-07T06:28:18Z"
            },
    ...
    }

Once you have that, you can set the name and email for your app as if you were setting it for a regular user:

git config --global user.name "myciapp[bot]"
git config --global user.email 1234545665+myciapp[bot]@users.noreply.github.com
Lavonna answered 7/4, 2021 at 7:23 Comment(0)
A
0

If you are confused as to how to get TOKEN from Marcel's example, as I was, here's a command that you can run from shell. You'll need your app id (numbers), app private key, and your repo name.

export APP_ID=123456
export APP_SECRET="$(cat app.private-key.pem)"
export GH_REPO=owner/repo
export TOKEN=$(bash get_github_app_token.sh)
curl -X PUT \
    -H "Authorization: token ${TOKEN}" \
    -H "Accept: application/vnd.github.v3+json" \
    https://api.github.com/repos/$GH_REPO/contents/test-file \
    -d '{"message":"message","content":"Y29udGVudA==","branch":"test"}'

This will create a commit on branch test. The branch must exist. The command will return a JSON that has wanted credentials. This needs open-ssl, jq, curl, and this neat script.

Astera answered 22/5, 2022 at 18:14 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.