I created a GitHub action that use GitHub API to create code review.
I now want to link this action with a GitHub app. The idea is that the comments are linked to the GitHub app.
So I created a GitHub app, and now I have to code the logic to authenticate as the GitHub app from the GitHub action code.
I explored multiple solution but they do not fulfill some constraints
- I do not want to maintain an external server
- I do not want to share the GitHub app secrets ( private keys ) to user.
Also, I discover that the secrets define in the GitHub action repository are not shared within the docker running the GitHub action. So I find it hard to give it to my code to authenticate as the GitHub app before doing the rest call.