forked from farhoodlabs/skills
revert: remove GH_CONFIG_DIR from github-app-token skill
Per board feedback, config isolation is the operator's responsibility. Setting GH_CONFIG_DIR per-agent is handled outside the skill. Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -23,6 +23,4 @@ bash github-app-token/scripts/generate-token.sh
|
|||||||
|
|
||||||
The script validates env vars, generates a JWT, exchanges it for an installation token, writes the token to `$AGENT_HOME/.gh-token`, and runs `gh auth login`. On success it prints a confirmation line. On failure it exits non-zero with a descriptive error.
|
The script validates env vars, generates a JWT, exchanges it for an installation token, writes the token to `$AGENT_HOME/.gh-token`, and runs `gh auth login`. On success it prints a confirmation line. On failure it exits non-zero with a descriptive error.
|
||||||
|
|
||||||
The script sets and exports `GH_CONFIG_DIR=$AGENT_HOME/.config/gh` so each agent's `gh` state is isolated from every other agent on the same host. After sourcing or calling the script, subsequent `gh` commands in the same shell session will automatically use that isolated config. If you spawn a subprocess, export `GH_CONFIG_DIR` before calling `gh`.
|
|
||||||
|
|
||||||
Requires `openssl`, `curl`, `jq`, and `gh`.
|
Requires `openssl`, `curl`, `jq`, and `gh`.
|
||||||
|
|||||||
@@ -41,12 +41,7 @@ GH_TOKEN_FILE="${GH_TOKEN_FILE:-$(mktemp)}"
|
|||||||
printf '%s' "$TOKEN" > "$GH_TOKEN_FILE"
|
printf '%s' "$TOKEN" > "$GH_TOKEN_FILE"
|
||||||
chmod 600 "$GH_TOKEN_FILE"
|
chmod 600 "$GH_TOKEN_FILE"
|
||||||
|
|
||||||
# --- Authenticate gh CLI with per-agent config isolation ---
|
# --- Authenticate gh CLI ---
|
||||||
# Each agent gets its own GH_CONFIG_DIR so tokens never bleed across agents.
|
|
||||||
export GH_CONFIG_DIR="${AGENT_HOME:+${AGENT_HOME}/.config/gh}"
|
|
||||||
GH_CONFIG_DIR="${GH_CONFIG_DIR:-$(mktemp -d)}"
|
|
||||||
mkdir -p "$GH_CONFIG_DIR"
|
|
||||||
|
|
||||||
gh auth login --with-token < "$GH_TOKEN_FILE"
|
gh auth login --with-token < "$GH_TOKEN_FILE"
|
||||||
|
|
||||||
echo "Authenticated. Token written to $GH_TOKEN_FILE (expires in 1 hour). GH_CONFIG_DIR=$GH_CONFIG_DIR"
|
echo "Authenticated. Token written to $GH_TOKEN_FILE (expires in 1 hour)."
|
||||||
|
|||||||
Reference in New Issue
Block a user