Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve OIDC JWT Retrieval Documentation #35341

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Improve OIDC JWT Retrieval Documentation #35341

wants to merge 1 commit into from

Conversation

NeoCat
Copy link

@NeoCat NeoCat commented Nov 19, 2024
edited
Loading

Why:

Closes: #35340

What's being changed (if available, include any code snippets, screenshots, or gifs):

This pull request addresses several issues in the current documentation for manually requesting a JSON Web Token (JWT) from the GitHub OIDC provider. The updates focus on improving clarity, security, and accuracy.

Changes:

  • Replaced incorrect environment variable name with proper reference to ACTIONS_ID_TOKEN_REQUEST_TOKEN.
  • Removed the direct logging of the retrieved JWT to avoid potential exposure in logs.
  • Simplified and clarified the example code by removing redundant node.js step and cleaned up the curl lines.

Check off the following:

  • I have reviewed my changes in staging, available via the View deployment link in this PR's timeline (this link will be available after opening the PR).

    • For content changes, you will also see an automatically generated comment with links directly to pages you've modified. The comment won't appear if your PR only edits files in the data directory.

  • For content changes, I have completed the self-review checklist.

@welcome Welcome
Copy link

welcome bot commented Nov 19, 2024

Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage Do not begin working on this issue until triaged by the team label Nov 19, 2024
@github-actions GitHub Actions
Copy link
Contributor

Automatically generated comment ℹ️

This comment is automatically generated and will be overwritten every time changes are committed to this branch.

The table contains an overview of files in the content directory that have been changed in this pull request. It's provided to make it easy to review your changes on the staging site. Please note that changes to the data directory will not show up in this table.

Content directory changes

You may find it useful to copy this table into the pull request summary. There you can edit it to share links to important articles or changes and to give a high-level overview of how the changes in your pull request support the overall goals of the pull request.

Source Preview Production What Changed
actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md fpt
ghec
ghes@ 3.15 3.14 3.13 3.12 3.11 3.10
fpt
ghec
ghes@ 3.15 3.14 3.13 3.12 3.11 3.10

fpt: Free, Pro, Team
ghec: GitHub Enterprise Cloud
ghes: GitHub Enterprise Server

Obada1989

This comment was marked as spam.

Sign in to view

Obada1989

This comment was marked as spam.

Sign in to view

@github github deleted a comment from Obada1989 Nov 19, 2024
@github github deleted a comment from Obada1989 Nov 19, 2024
@github github deleted a comment from Obada1989 Nov 19, 2024
@nguyenalex836
Copy link
Contributor

@NeoCat Thanks so much for opening a PR! I'll get this triaged for review ✨

@nguyenalex836 nguyenalex836 added content This issue or pull request belongs to the Docs Content team actions This issue or pull request should be reviewed by the docs actions team waiting for review Issue/PR is waiting for a writer's review and removed triage Do not begin working on this issue until triaged by the team labels Nov 19, 2024
@subatoi subatoi added the needs SME This proposal needs review from a subject matter expert label Nov 19, 2024
@github-actions GitHub Actions
Copy link
Contributor

Thanks for opening a pull request! We've triaged this issue for technical review by a subject matter expert 👀

@Obada1989

This comment was marked as spam.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Obada1989 Obada1989 Obada1989 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
actions This issue or pull request should be reviewed by the docs actions team content This issue or pull request belongs to the Docs Content team needs SME This proposal needs review from a subject matter expert waiting for review Issue/PR is waiting for a writer's review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve OIDC provider JWT retrieval documentation
4 participants
@NeoCat @nguyenalex836 @Obada1989 @subatoi