Remove use of packages-delete-with-github-token-api feature (#50332)
This commit is contained in:
Peter Bengtsson
@@ -72,7 +72,7 @@ For example:
|
|||||||
|
|
||||||
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
||||||
|
|
||||||
When you create a {% data variables.product.prodname_actions %} workflow, you can use the `GITHUB_TOKEN` to publish{% ifversion packages-delete-with-github-token-api %}, install, delete, and restore{% else %} and install{% endif %} packages in {% data variables.product.prodname_registry %} without needing to store and manage a {% data variables.product.pat_generic %}.
|
When you create a {% data variables.product.prodname_actions %} workflow, you can use the `GITHUB_TOKEN` to publish, install, delete, and restore packages in {% data variables.product.prodname_registry %} without needing to store and manage a {% data variables.product.pat_generic %}.
|
||||||
|
|
||||||
For more information, see:{% ifversion fpt or ghec %}
|
For more information, see:{% ifversion fpt or ghec %}
|
||||||
- "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)"{% endif %}
|
- "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility)"{% endif %}
|
||||||
@@ -99,7 +99,7 @@ For more conceptual background on {% data variables.product.prodname_actions %}
|
|||||||
|
|
||||||
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
||||||
|
|
||||||
- To publish{% ifversion packages-delete-with-github-token-api %}, install, delete, and restore{% else %} and install{% endif %} packages associated with the workflow repository, use `GITHUB_TOKEN`.
|
- To publish, install, delete, and restore packages associated with the workflow repository, use `GITHUB_TOKEN`.
|
||||||
- To install packages associated with other private repositories that `GITHUB_TOKEN` can't access, use a {% data variables.product.pat_v1 %}
|
- To install packages associated with other private repositories that `GITHUB_TOKEN` can't access, use a {% data variables.product.pat_v1 %}
|
||||||
|
|
||||||
For more information about `GITHUB_TOKEN` used in {% data variables.product.prodname_actions %} workflows, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)."
|
For more information about `GITHUB_TOKEN` used in {% data variables.product.prodname_actions %} workflows, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)."
|
||||||
|
|||||||
@@ -46,9 +46,7 @@ You can use the REST API to manage your packages. For more information, see the
|
|||||||
|
|
||||||
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
||||||
|
|
||||||
{% ifversion packages-delete-with-github-token-api %}
|
|
||||||
With registries that support granular permissions, you can use a `GITHUB_TOKEN` in a {% data variables.product.prodname_actions %} workflow to delete or restore packages using the REST API. The token must have `admin` permission to the package. If your workflow publishes a package, the `admin` role is granted by default to the repository where the workflow is stored. For existing packages not published by a workflow, you need to grant the repository the `admin` role to be able to use a {% data variables.product.prodname_actions %} workflow to delete or restore packages using the REST API. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)."
|
With registries that support granular permissions, you can use a `GITHUB_TOKEN` in a {% data variables.product.prodname_actions %} workflow to delete or restore packages using the REST API. The token must have `admin` permission to the package. If your workflow publishes a package, the `admin` role is granted by default to the repository where the workflow is stored. For existing packages not published by a workflow, you need to grant the repository the `admin` role to be able to use a {% data variables.product.prodname_actions %} workflow to delete or restore packages using the REST API. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)."
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|||||||
@@ -2,8 +2,6 @@ For registries that support granular permissions, if your {% data variables.prod
|
|||||||
|
|
||||||
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
||||||
|
|
||||||
{% ifversion packages-delete-with-github-token-api %}
|
|
||||||
You can use a `GITHUB_TOKEN` in a {% data variables.product.prodname_actions %} workflow to delete or restore a package using the REST API, if the token has `admin` permission to the package. Repositories that publish packages using a workflow, and repositories that you have explicitly connected to packages, are automatically granted `admin` permission to packages in the repository.
|
You can use a `GITHUB_TOKEN` in a {% data variables.product.prodname_actions %} workflow to delete or restore a package using the REST API, if the token has `admin` permission to the package. Repositories that publish packages using a workflow, and repositories that you have explicitly connected to packages, are automatically granted `admin` permission to packages in the repository.
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
For more information about the `GITHUB_TOKEN`, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)." For more information about the best practices when using a registry in actions, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#considering-cross-repository-access)."
|
For more information about the `GITHUB_TOKEN`, see "[AUTOTITLE](/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)." For more information about the best practices when using a registry in actions, see "[AUTOTITLE](/actions/security-guides/security-hardening-for-github-actions#considering-cross-repository-access)."
|
||||||
|
|||||||
@@ -1,9 +1,5 @@
|
|||||||
{% ifversion packages-delete-with-github-token-api %}
|
|
||||||
|
|
||||||
{% note %}
|
{% note %}
|
||||||
|
|
||||||
**Note:** The ability for {% data variables.product.prodname_actions %} workflows to delete and restore packages using the REST API is currently in public beta and subject to change.
|
**Note:** The ability for {% data variables.product.prodname_actions %} workflows to delete and restore packages using the REST API is currently in public beta and subject to change.
|
||||||
|
|
||||||
{% endnote %}
|
{% endnote %}
|
||||||
|
|
||||||
{% endif %}
|
|
||||||
|
|||||||
@@ -14,14 +14,12 @@ When you publish a package, you automatically get admin permissions to the packa
|
|||||||
|
|
||||||
For packages scoped to a personal account, you can give any person an access role. For packages scoped to an organization, you can give any person or team in the organization an access role.
|
For packages scoped to a personal account, you can give any person an access role. For packages scoped to an organization, you can give any person or team in the organization an access role.
|
||||||
|
|
||||||
{% ifversion packages-delete-with-github-token-api %}
|
|
||||||
If you are using a {% data variables.product.prodname_actions %} workflow to manage your packages, you can grant an access role to the repository the workflow is stored in {% data variables.package_registry.package-settings-actions-access-menu %}. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)."
|
If you are using a {% data variables.product.prodname_actions %} workflow to manage your packages, you can grant an access role to the repository the workflow is stored in {% data variables.package_registry.package-settings-actions-access-menu %}. For more information, see "[AUTOTITLE](/packages/learn-github-packages/configuring-a-packages-access-control-and-visibility#ensuring-workflow-access-to-your-package)."
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
| Permission | Access description |
|
| Permission | Access description |
|
||||||
|------------|--------------------|
|
|------------|--------------------|
|
||||||
| Read | Can download package. <br> Can read package metadata. |
|
| Read | Can download package. <br> Can read package metadata. |
|
||||||
| Write | Can upload and download this package. <br> Can read and write package metadata. |{% ifversion packages-delete-with-github-token-api %}
|
| Write | Can upload and download this package. <br> Can read and write package metadata. |
|
||||||
| Admin | Can upload, download, delete, and manage this package. <br> Can read and write package metadata. <br> Can grant package permissions.{% endif %}
|
| Admin | Can upload, download, delete, and manage this package. <br> Can read and write package metadata. <br> Can grant package permissions.
|
||||||
|
|
||||||
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
{% data reusables.package_registry.delete-with-github-token-using-api-beta %}
|
||||||
|
|||||||
Reference in New Issue
Block a user