Skip to content

@community GitHub Community

(Reusable) Workflows & GITHUB_TOKEN: advice to use PAT in docs? #21068

Answered by airtower-luna
ringods asked this question in Enterprise
(Reusable) Workflows & GITHUB_TOKEN: advice to use PAT in docs? #21068
@ringods ringods
Jul 22, 2022 · 2 comments · 3 replies
Answered by airtower-luna Return to top
Discussion options

ringods
Jul 22, 2022

You must be logged in to vote
Answered by airtower-luna Jul 26, 2022

The main reasons I'm aware of:

  • Accessing a private repository other than the one running the workflow. The GITHUB_TOKEN is scoped to the repository, so it can't do that.
  • Making events caused by the workflow (e.g. a push to the repository) trigger additional workflows. Activities authorized with the GITHUB_TOKEN never do that to avoid unintentional recursive runs.

From a security point of view it's certainly good to carefully consider whether those are really necessary. 🙂

View full answer

Replies: 2 comments 3 replies

Comment options

airtower-luna
Jul 26, 2022

You must be logged in to vote
3 replies
@Adminyoungmarsnet
Comment options

Adminyoungmarsnet Mar 28, 2023

@abhinandpn

This comment was marked as off-topic.

Sign in to view
@dangthanhvinh003
Comment options

dangthanhvinh003 Jul 11, 2024

Answer selected by ringods

This comment has been minimized.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Enterprise Discussions related to GitHub Enterprise Cloud and Enterprise Server Product Feedback Enterprise Admin Topics specifically related to GitHub Enterprise administration
5 participants
@ringods @airtower-luna @abhinandpn @Adminyoungmarsnet @dangthanhvinh003