Home > Back-end >  Generate Github self-hosted runner token automatically
Generate Github self-hosted runner token automatically

Time:10-17

I'm attempting to create a Terraform-integrated script that will create and configure a Google Cloud VM that will install Github Runner as self-hosted. The repository is under my workplace's 'organization' and it is closed to the public. Everything goes smoothly until I need to configure the runner. In repository instructions for creating self-hosted runner written as this:

# Create the runner and start the configuration experience
$ ./config.cmd --url https://github.com/my_work_place_organizaiton_name/repository_name --token ASZER2QS4UVEAL3YLMZ3DIMUIC

The issue is that, because it is an unattended script, it will run entirely on its own with no strings attached, and everything should be generated as automatically as possible. So I need a way to generate/retrieve this token ASZER2QS4UVEAL3YLMZ3DIMUIC automatically.

I think I found a way (correct me if I wrong) here: Create a registration token for an organization. So far so good. I managed to create a powershell script to execute all steps in new Github self-hosted runner until the step where I need to generate token. Once I run the command (even in Github CLI) I get an error back like this:

gh api --method POST -H "Accept: application/vnd.github json" /orgs/my_work_place_organizaiton_name/actions/runners/registration-token
{
  "message": "Must have admin rights to Repository.",
  "documentation_url": "https://docs.github.com/rest/reference/actions#create-a-registration-token-for-an-organization"
}
gh: Must have admin rights to Repository. (HTTP 403)
gh: This API operation needs the "admin:org" scope. To request it, run:  gh auth refresh -h github.com -s admin:org

I am an admin in this repository but not in the organization, and I am afraid that no one will grant me admin access to the organization, and even more, I cannot simply put admin:org credentials in some script - this is a "no go."

So, my question is, how can I fully automate the generation of this Github token (which is generated for everyone in the instructions page without any admin privileges)?

CodePudding user response:

After a lot of try and catches it seems I found an answer. What is work for me is generating token for repository and not generating token for repository in organization.

According to Github documentation: Create a registration token for a repository this is a POST request you must send from Github CLI for example:

gh api \
  --method POST \
  -H "Accept: application/vnd.github json" \
  /repos/OWNER/REPO/actions/runners/registration-token

and according to documentation:
OWNER string Required The account owner of the repository. The name is not case sensitive.
REPO string Required The name of the repository. The name is not case sensitive.

So I put my organization name as an OWNER and not my username and voila ! it is worked !

so - instead sending request as:

/repos/my_user_name/REPO/actions/runners/registration-token

I send it as:

/repos/my_organization_name/REPO/actions/runners/registration-token

and immediately get a valid token back.

Page link:https//www.codepudding.com/Backend/578222.html

Prev:Why can't I put in my password to push my changes?
Next:How can I convert chars(pointer) to strings in C - to be used in strcmp
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding