Gregor Martynus

We implemented retries: https://github.com/actions/create-github-app-token/blob/78e5f2ddc08efcb88fbbee6cfa3fed770ba550c3/lib/main.js#L79-L81 The messages that are logged out are info logs, they occur multiple times due to the multiple retries. The messages include a the "attempt" not. In...

We don't want to implement permissions as a single object, but as separate keys, as described here: https://github.com/actions/create-github-app-token/issues/3 We want these keys to be automatically kept up to date based...

> the job fail later because there's no token Okay in that case something is definitely broken 🤔 Can you reliably reproduce it? Or do you see the problem intermittently?

we should be unblocked since https://github.com/octokit/app-permissions/releases/tag/v2.0.0

Yes, we should definitely do that. Pull request welcome! Please add a test or update one of the existing ones 🙏

sorry we have been busy with other projects, I cannot give you an ETA when we get to finish up this work. The current pull request cannot be merged as...

Yes your findings are correct, the token expires after one hour, the time cannot be extended. I wonder what the best place would be to document that, you are not...

I looked through them again and two things that stood out for me - should we consider two parameters in order to set the installation for the token: either the...

> private-key input as a Base64 encoded string what is the use case? Maybe the decoding a base64 string could be done in a separate step before using this action?...

> the input that is broken with multiline strings like the format of the PEM files, so we had to do encode the private key with base64 would replacing line...