10

I am trying to add a custom code check for a PR. After doing some research I found out that it can be done using the API mentioned below.

POST /repos/{owner}/{repo}/check-runs

Initially, it was giving me this error:

{
    "message": "You must authenticate via a GitHub App.",
    "documentation_url": "https://docs.github.com/rest/reference/checks#create-a-check-run"
}

I followed the guideline provided in this link.

  1. I created a GitHub app.
  2. Gave it required permission.
  3. Generated a private key.
  4. Generated a JWT token using the private key.
  5. Installed the Github app in the repo too

I created a curl request:

curl --location --request POST 'https://api.github.com/repos/X/X-app/check-runs' \
--header 'Accept: application/vnd.github.v3+json' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.X.X-X-SAFvDnSkaJDjMI2T_BAC2iLlRZ7uNyFSe-X-UgFBFjoFrwsbcYFKfDM8f3FNPYpA6afhr18DLZ6rzu35klA' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "loremipsum"
}'

But, now I am getting this error

{
    "message": "Bad credentials",
    "documentation_url": "https://docs.github.com/rest"
}

I am not sure what I am missing here.

Irtiza
  • 173
  • 4
  • 16

1 Answers1

18

I figured this out. The GH documentation is a bit unclear/misleading. Here are the steps to make this work:

  • with the JWT bearer token, list your installations and note the installation id for your app
$ curl -i \
-H "Authorization: Bearer YOUR_JWT" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/app/installations
  • then get an installation access token for the above id
$ curl -i -X POST \
-H "Authorization: Bearer YOUR_JWT" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/app/installations/:installation_id/access_tokens
  • then with that token create the check run but use "Authorization: token" header curl -i -H "Authorization: token YOUR_INSTALLATION_ACCESS_TOKEN"
KKS
  • 458
  • 5
  • 10
  • 1
    I believe the `/app/installations` call needs to be a GET, not a POST. I get a 404 on POST but GET works fine. – Bean Taxi Aug 04 '22 at 04:03
  • you're right, the first one is a GET. Thanks! – KKS Aug 04 '22 at 14:35
  • Np! Great answer btw; just upvoted – Bean Taxi Aug 04 '22 at 19:44
  • 1
    Worked for me. Been struggling for a while to get an access token for testing behavior of a GitHub App. GitHub's documentation is indeed missing this crucial part. – Charles Morin Sep 14 '22 at 12:14
  • omg thank you for this! Github's documentation seems great at first but clearly doesn't outline everything you need to do to auth properly. This post was VERY helpful. Thank you! – digitalsy Jun 13 '23 at 15:18