Skip to content

Ambiguous documentation for automatic token auth #37573

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 task done
zefir-git opened this issue Apr 16, 2025 · 2 comments
Open
1 task done

Ambiguous documentation for automatic token auth #37573

zefir-git opened this issue Apr 16, 2025 · 2 comments
Labels
content This issue or pull request belongs to the Docs Content team github_actions Pull requests that update GitHub Actions code

Comments

@zefir-git
Copy link

zefir-git commented Apr 16, 2025
edited
Loading

Code of Conduct

What article on docs.github.com. is affected?

https://docs.github.com./en/actions/security-for-github-actions/security-guides/automatic-token-authentication

What part(s) of the article would you like to see updated?

Fails to explain how (and whether at all) the token generated by the run will provide the GitHub token to steps that call actions that use a Docker image, such as:

runs:
  using: docker
  image: docker://…

It is unclear whether the GITHUB_TOKEN will be created as an env variable in the container, thus enabling Automatic token authentication (without manually passing the token as action input). Only using ${{ secrets.GITHUB_TOKEN }} and github.token is documented, which is not something that appears as something one can access in non-JavaScript actions.

Additional information

No response
@zefir-git zefir-git added the content This issue or pull request belongs to the Docs Content team label Apr 16, 2025
@welcome Welcome
Copy link

welcome bot commented Apr 16, 2025

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label Apr 16, 2025
@Sharra-writes
Copy link
Contributor

Thanks for opening an issue! I'll get this triaged for review.

@Sharra-writes Sharra-writes added github_actions Pull requests that update GitHub Actions code and removed triage Do not begin working on this issue until triaged by the team labels Apr 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
content This issue or pull request belongs to the Docs Content team github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zefir-git @Sharra-writes