small tool to generate GH token

7Learnings · May 30, 2022 · eed3902 · eed3902
1 parent 51f8ae0
commit eed3902
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 0 deletions.
diff --git a/Makefile b/Makefile
@@ -0,0 +1,22 @@
+# use system python to avoid pip interaction with virtualenv
+PYTHON=/usr/bin/python
+
+.PHONY: build
+build: # build gh-access-token.pyz
+build: *.py $(MAKEFILE_LIST)
+	$(MAKE) clean
+	mkdir -p build dist
+	cp *.py build/
+	$(PYTHON) -m pip --use-feature=2020-resolver install -r requirements.txt --target build
+	find build -type d -name __pycache__ -exec rm -rf {} +
+	# https://docs.python.org/3/library/zipapp.html
+	$(PYTHON) -m zipapp --compress --output "dist/gh-access-token.pyz" build
+
+.PHONY: clean
+clean: # clean build output
+	rm -rf build dist
+
+.PHONY: help
+help:  # Show help
+	@grep -H -E '^[0-9A-Za-z_-]+:\s*#.*$$' $(MAKEFILE_LIST) | sort | \
+		awk -F ':' '{ gsub(/\s*#/, "", $$3); printf "\033[37;1m%-20s\033[0m %s\n", $$2, $$3 }'
diff --git a/__main__.py b/__main__.py
@@ -0,0 +1,16 @@
+import time
+import os
+import jwt
+
+GITHUB_APP_PRIVATE_KEY = os.environ['APP_PRIVATE_KEY']
+GITHUB_APP_IDENTIFIER = 124662
+
+now = int(time.time())
+expiration = 300
+payload = dict(iat=now, exp=now + expiration, iss=GITHUB_APP_IDENTIFIER)
+encrypted = jwt.encode(payload, key=GITHUB_APP_PRIVATE_KEY, algorithm='RS256')
+
+if isinstance(encrypted, bytes):
+    encrypted = encrypted.decode("utf-8")
+
+print(encrypted)
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1 @@
+PyJWT