Clarify token management #55
Description
Hello,
this could be a noob question..
I created an organization in github, and a monorepo within that organisation.
https://github.com/ock-php/ock-mono
(I feel ok to share this, it is public)
I created the .github/workflows/split.yaml by customizing the code snippet from the README.md.
https://github.com/ock-php/ock-mono/blob/MONO-SPLIT-SUPPORT/.github/workflows/split.yaml
(I will change this code soon, but I created the tag to have a stable reference)
When I push, I get this:
[NOTE] Running: git clone -- https://@github.com/ock/class-discovery.git /tmp/monorepo_split/clone_directory
Cloning into '/tmp/monorepo_split/clone_directory'...
fatal: could not read Username for 'https://github.com/': No such device or address
Obviously I missed something with the token.
In the README I find this:
Make sure to add this access token in "Secrets" of package settings at https://github.com///settings/environments
I don't really trust this instruction..
First of all, the url as-is does not work.
I assume that instead I am supposed to open the environment settings within the repo. E.g. https://github.com/ock-php/ock-mono/settings/environments
Here I would have to create an environment, and then place a token that I have to generate somehow.
This can't really be it, because the idea is to have github generate temporary tokens for an action.
This is what I learn from here, https://dev.to/github/the-githubtoken-in-github-actions-how-it-works-change-permissions-customizations-3cgp
Also, somehow github needs to know that the token needs access to other repositories within the organizations.
How would it know that?