GitHub App 기반 repository access를 구성한다

[opficdev]

🔗 연관된 이슈

• closed GitHub App 기반 repository access를 구성한다 #23

🎯 의도

Watcher consumer workflow의 repository 접근을 PAT 대신 GitHub App installation token 기준으로 전환하기 위한 변경

📝 작업 내용

📌 요약

• reusable workflow의 watched repository 인증을 actions/create-github-app-token@v3 기반으로 변경
• consumer workflow 예시와 README를 GitHub App variable/secret 기준으로 정리
• GitHub App 설정을 코드로 남기기 위한 manifest JSON과 등록 helper HTML 추가

🔍 상세

• repository input을 owner/repo로 검증하고 owner, repo output으로 분리하는 step 추가
• App installation token을 checkout token과 Watcher runner의 GITHUB_TOKEN으로 사용하는 흐름 적용
• WATCHER_GITHUB_TOKEN 안내 제거 및 WATCHER_GITHUB_APP_CLIENT_ID, WATCHER_GITHUB_APP_PRIVATE_KEY 설정 안내 추가
• GitHub App permission source로 사용할 docs/github-app-manifest.json 추가
• 브라우저에서 manifest registration flow를 열 수 있는 docs/github-app-manifest.html 추가
• 검증 명령: npm run build, npm test, git diff --check, node -e 'JSON.parse(require("fs").readFileSync("docs/github-app-manifest.json", "utf8")); console.log("manifest json ok")'

📸 영상 / 이미지 (Optional)

• 없음

[gemini-code-assist]

Code Review

This pull request transitions the Watcher authentication mechanism from a personal access token to a GitHub App installation token, introducing a GitHub App manifest and updating the documentation and example workflows. The review feedback highlights that the GitHub App manifest is missing the required redirect_url field, which will cause registration to fail. Additionally, the configuration and documentation must be updated to use the numeric GitHub App ID instead of the Client ID, as the token generation action strictly requires the App ID.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.