Metadata-Version: 2.1
Name: github-app-access-token-fetcher
Version: 1.0.1
Summary: Utility script to produce a github app access token.
Author: Bendik Samseth
Author-email: bendik.samseth@inspera.no
Requires-Python: >=3.8,<4.0
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: PyJWT (>=2.3.0,<3.0.0)
Requires-Dist: boto3 (>=1.21.8,<2.0.0)
Requires-Dist: cryptography (>=36.0.1,<37.0.0)
Requires-Dist: requests (>=2.27.1,<3.0.0)
Description-Content-Type: text/markdown

# GitHub App Access Token Fetcher

Utility to get access tokens for a GitHub App. 

## Prerequisites
* The GitHub App must be created **and installed**.
* A private key must be generated (from the GitHub App settings UI) and its content should be written as binary data to
  an AWS Secretsmanager secret.


To set up the private key, do something like this (assuming the secret is created already):
```python
import boto3
secret_arn = "arn:aws:secretsmanager:us-east-1:1234:secret:my-secret-name"
pem_file = "/path/to/private_key.pem"
client = boto3.client('secretsmanager', region_name=secret_arn.split(':')[3])
with open(pem_file, 'rb') as f:
    client.put_secret_value(SecretId=secret_arn, SecretBinary=f.read())
```


## Install

```bash
pip install github-app-access-token-fetcher
```


## Usage

```
get-github-app-token --help

usage: get-github-app-token [-h] --app-id APP_ID --private-key-secret-arn PRIVATE_KEY_SECRET_ARN

Get a GitHub App token

optional arguments:
  -h, --help            show this help message and exit
  --app-id APP_ID       GitHub App ID
  --private-key-secret-arn PRIVATE_KEY_SECRET_ARN
                        ARN of the secret containing the GitHub App private key
```

Example:

```bash
export AWS_PROFILE=...  # Something with access to the private key secret.
get-github-app-token \
    --app-id 1234 \
    --private-key-secret-arn arn:aws:secretsmanager:us-west-1:4321:secret:abc-1234
```

