docs icon indicating copy to clipboard operation
docs copied to clipboard
verified publisher icon github

Ambiguous documentation for automatic token auth

Open zefir-git opened this issue 9 months ago • 10 comments

Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication

What part(s) of the article would you like to see updated?

Fails to explain how (and whether at all) the token generated by the run will provide the GitHub token to steps that call actions that use a Docker image, such as:

runs:
  using: docker
  image: docker://…

It is unclear whether the GITHUB_TOKEN will be created as an env variable in the container, thus enabling Automatic token authentication (without manually passing the token as action input). Only using ${{ secrets.GITHUB_TOKEN }} and github.token is documented, which is not something that appears as something one can access in non-JavaScript actions.

Additional information

No response

zefir-git avatar Apr 16 '25 08:04 zefir-git

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

welcome[bot] avatar Apr 16 '25 08:04 welcome[bot]

Thanks for opening an issue! I'll get this triaged for review.

Sharra-writes avatar Apr 16 '25 20:04 Sharra-writes

A stale label has been added to this issue and it has been closed, because it has been open for 30 days with no activity. If you think this issue should remain open, please add a new comment.

github-actions[bot] avatar May 19 '25 16:05 github-actions[bot]

A stale label has been added to this issue and it has been closed, because it has been open for 30 days with no activity. If you think this issue should remain open, please add a new comment.

github-actions[bot] avatar Jun 19 '25 16:06 github-actions[bot]

A stale label has been added to this issue, because it has been open for 30 days with no activity. If you think this issue should remain open, please add a new comment.

github-actions[bot] avatar Jul 22 '25 16:07 github-actions[bot]

Not stale

zefir-git avatar Jul 22 '25 18:07 zefir-git

A stale label has been added to this issue, because it has been open for 30 days with no activity. If you think this issue should remain open, please add a new comment.

github-actions[bot] avatar Aug 26 '25 16:08 github-actions[bot]

A stale label has been added to this issue, because it has been open for 30 days with no activity. If you think this issue should remain open, please add a new comment.

github-actions[bot] avatar Oct 07 '25 16:10 github-actions[bot]