Github Application Credentials


I have a question regarding Github Application Credentials.
Whenever I search for how it can be used, it seems to be limited to Organization Folders and multibranch pipelines.
I would like to use it in a declarative pipeline script that is used interactively - so no automatic code scanning etc.

is that possible?


Hello @pm-oo and welcome to this community. :wave:

I think you can use the withCredentials step provided by the Credentials Binding Plugin to bind your GitHub Application Credentials to variables, and then use these variables in your pipeline script. :thinking:

Here is an untested example of how you could maybe do this:

pipeline {
    agent any
    stages {
        stage('Example') {
            steps {
                withCredentials([string(credentialsId: 'my-github-app-credentials', variable: 'GITHUB_TOKEN')]) {
                    // Use the GITHUB_TOKEN variable in your steps
                    sh 'git clone https://x-access-token:${GITHUB_TOKEN}'

In this example, you should replace my-github-app-credentials with the ID of your GitHub Application Credentials in Jenkins, and https://x-access-token:${GITHUB_TOKEN} with the repository you want to clone.

The withCredentials step securely provides the credentials to the steps inside its block and masks any output of the credentials in logs.

This probably works. But I think by doing this you are restricted by the GitHub rate limit of an access token and not the higher limits of the Github application

thank you