Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inconsistent usages of ACTIONS_ID_TOKEN_REQUEST_TOKEN and ACTIONS_RUNTIME_TOKEN #32573

Closed
1 task done
jiasli opened this issue Apr 18, 2024 · 12 comments
Closed
1 task done

Inconsistent usages of ACTIONS_ID_TOKEN_REQUEST_TOKEN and ACTIONS_RUNTIME_TOKEN #32573

jiasli opened this issue Apr 18, 2024 · 12 comments
Labels
actions This issue or pull request should be reviewed by the docs actions team content This issue or pull request belongs to the Docs Content team fix-internally Triggers a workflow to copy the issue internally and close the current issue needs SME This proposal needs review from a subject matter expert triage Do not begin working on this issue until triaged by the team waiting for review Issue/PR is waiting for a writer's review

Comments

@jiasli
Copy link

jiasli commented Apr 18, 2024

Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers

What part(s) of the article would you like to see updated?

First it says using environment variable ACTIONS_ID_TOKEN_REQUEST_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#adding-permissions-settings

Using environment variables on the runner (ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN).

Later on, it says using ACTIONS_RUNTIME_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#using-custom-actions

Alternatively, you can use the following environment variables to retrieve the token: ACTIONS_RUNTIME_TOKEN, ACTIONS_ID_TOKEN_REQUEST_URL.

I checked in an actual run and saw they contain the same value, but the document should be consistent on which environment variable should be used.

Additional information

No response
@jiasli jiasli added the content This issue or pull request belongs to the Docs Content team label Apr 18, 2024
@welcome Welcome
Copy link

welcome bot commented Apr 18, 2024

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.
@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label Apr 18, 2024
This was referenced Apr 18, 2024
Merged
Draft
Sami1404 referenced this issue Apr 18, 2024
@stevecat
Add steps for adding your ORCID iD to your profile (#49428)
1a56717
@nguyenalex836 nguyenalex836 added actions This issue or pull request should be reviewed by the docs actions team waiting for review Issue/PR is waiting for a writer's review and removed triage Do not begin working on this issue until triaged by the team labels Apr 18, 2024
@nguyenalex836
Copy link
Contributor

@jiasli Thank you for opening this issue! I'll get this triaged for review ✨
@azanhayat

This comment was marked as spam.

Sign in to view
@A111one

This comment was marked as spam.

Sign in to view
@t-me-c-2093488272-77

This comment was marked as spam.

Sign in to view
@t-me-c-2093488272-77

This comment was marked as spam.

Sign in to view
@t-me-c-2093488272-77

This comment was marked as spam.

Sign in to view
@SiaraMist SiaraMist added the needs SME This proposal needs review from a subject matter expert label May 30, 2024
@github-actions GitHub Actions
Copy link
Contributor

Thanks for opening an issue! We've triaged this issue for technical review by a subject matter expert 👀
@github-actions GitHub Actions
Copy link
Contributor

This is a gentle bump for the docs team that this issue is waiting for technical review.
@github-actions github-actions bot added the SME stale The request for an SME has staled label Jun 28, 2024
@nguyenalex836 nguyenalex836 removed the SME stale The request for an SME has staled label Jun 28, 2024
@lucavallin
Copy link
Contributor

lucavallin commented Jul 12, 2024
edited
Loading

ACTIONS_ID_TOKEN_REQUEST_URL(results) and ACTIONS_ID_TOKEN_REQUEST_TOKEN (results) seem the most common to me based on how they're used in the code and docs. ACTIONS_RUNTIME_TOKEN is used less often and seemingly more for "internal stuff".

This comment is not based on hard science - I'd like @github/actions-runtime opinion on this to be sure.
@jc-clark
Copy link
Contributor

Thanks for chiming in with this info, @lucavallin. Based on this, I think it's okay for us to update this. Since this article is restricted by a CODEOWNERS file, we will transfer this internally and work on this fix.
@jc-clark jc-clark reopened this Jul 18, 2024
@jc-clark jc-clark added the fix-internally Triggers a workflow to copy the issue internally and close the current issue label Jul 18, 2024
@docs-bot
Copy link
Collaborator

Thank you for opening this issue! Updates to this documentation must be made internally. I have copied your issue to an internal issue, so I will close this issue.
@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label Jul 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
actions This issue or pull request should be reviewed by the docs actions team content This issue or pull request belongs to the Docs Content team fix-internally Triggers a workflow to copy the issue internally and close the current issue needs SME This proposal needs review from a subject matter expert triage Do not begin working on this issue until triaged by the team waiting for review Issue/PR is waiting for a writer's review
10 participants
@jiasli @lucavallin @jc-clark @docs-bot @SiaraMist @nguyenalex836 @A111one @azanhayat @t-me-c-2093488272-77 and others