Unverified commit d2cfe468, authored by Domen Kožar, committed by GitHub

Merge pull request #196728 from veehaitch/github-runner-new-pats

nixos/github-runner: support fine-grained personal access tokens
parents 5d2330dd ea8cf2e4
+3 −2
@@ -42,13 +42,14 @@ with lib;
    type = types.path;
    description = lib.mdDoc ''
      The full path to a file which contains either a runner registration token or a
      personal access token (PAT).
      (fine-grained) personal access token (PAT).
      The file should contain exactly one line with the token without any newline.
      If a registration token is given, it can be used to re-register a runner of the same
      name but is time-limited. If the file contains a PAT, the service creates a new
      registration token on startup as needed. Make sure the PAT has a scope of
      `admin:org` for organization-wide registrations or a scope of
      `repo` for a single repository.
      `repo` for a single repository. Fine-grained PATs need read and write permission
      to the "Adminstration" resources.

      Changing this option or the file's content triggers a new runner registration.
    '';
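Review bot: The added sentence at the end of the description misspells the resource name as "Adminstration"; it should read "Administration" so that the text matches what a user searches for when configuring the token. The new sentence also does not say whether it applies to organization-wide or single-repository registrations, while the sentence before it makes that distinction for the `admin:org` and `repo` scopes; stating which case the fine-grained permission covers would keep operators from granting a broader token than the runner needs.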
+2 −2
@@ -134,10 +134,10 @@ with lib;
              ${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"}
              ${optionalString cfg.ephemeral "--ephemeral"}
            )
            # If the token file contains a PAT (i.e., it starts with "ghp_"), we have to use the --pat option,
            # If the token file contains a PAT (i.e., it starts with "ghp_" or "github_pat_"), we have to use the --pat option,
            # if it is not a PAT, we assume it contains a registration token and use the --token option
            token=$(<"${newConfigTokenPath}")
            if [[ "$token" =~ ^ghp_* ]]; then
            if [[ "$token" =~ ^ghp_* ]] || [[ "$token" =~ ^github_pat_* ]]; then
              args+=(--pat "$token")
            else
              args+=(--token "$token")
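Review bot: In the condition `[[ "$token" =~ ^ghp_* ]] || [[ "$token" =~ ^github_pat_* ]]`, the right-hand side of `=~` is a regular expression, not a glob, so the trailing `_*` means "zero or more underscores". The tests therefore accept any token that starts with `ghp` or `github_pat`, with or without the underscore, which is looser than the comment's "starts with "ghp_" or "github_pat_"". Dropping the `*` and folding both prefixes into one test, for example `[[ "$token" =~ ^(ghp|github_pat)_ ]]`, makes the check match the comment and leaves a single place to extend if another prefix is added. The existing `^ghp_*` had the same issue; this change carries it over to the new prefix.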