You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-1Lines changed: 5 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,7 +20,7 @@ For the repository `https://github.com/cpina/push-to-another-repository-output`
20
20
### `destination-repository-name` (argument)
21
21
For the repository `https://github.com/cpina/push-to-another-repository-output` is `push-to-another-repository-output`
22
22
23
-
*Warning:* this Github Action currently deletes all the files and directories in the destination repository. The idea is to copy from an `output` directory into the `destination-repository-name` having a copy without any previous files there.
23
+
*Warning:* this GitHub Action currently deletes all the files and directories in the destination repository. The idea is to copy from an `output` directory into the `destination-repository-name` having a copy without any previous files there.
24
24
25
25
### `user-email` (argument)
26
26
The email that will be used for the commit in the destination-repository-name.
@@ -52,11 +52,15 @@ Generate your personal token following the steps:
52
52
* Click on "Personal Access Tokens" (also available at https://github.com/settings/tokens)
53
53
* Generate a new token, choose "Repo". Copy the token.
54
54
55
+
⚠️ : The "Personal Access Token" that you just generated gives access to any repository to which you have access (it's not possible to restrict it to one repository). Technically anyone with *write* access to a repository where the token is made available via "Add a new secret" (next step), might manage to access it. The action also uses the token; you can verify how it is used in entrypoint.sh . I'm in the process of implementing deploy keys which would allow it to give access to only the destination repository. Updates on https://github.com/cpina/github-action-push-to-another-repository/issues/66 . Possible workaround for now: use a specific GitHub user who has access only to the destination repository.
56
+
55
57
Then make the token available to the Github Action following the steps:
56
58
* Go to the Github page for the repository that you push from, click on "Settings"
57
59
* On the left hand side pane click on "Secrets"
58
60
* Click on "Add a new secret" and name it "API_TOKEN_GITHUB"
0 commit comments