Using GITHUB_TOKEN inside Docker to run Maven on GHA


Context:

I have a GitHub Action (GHA) that creates a Docker image and sends it to AWS.

This image contains a Java application that is built with Maven and has a dependency from GitHub Packages, which is only accessible using a personal GitHub token (or a generic GitHub token on GHA).

Running my application locally (without Docker), I should set up my Maven settings.xml to use my personal GitHub user and token.

Maven settings.xml file, inside user/.m2 directory:

    <settings>
      ....
      <servers>
        <server>
          <id>github</id>
          <username>USER</username>
          <password>TOKEN</password>
        </server>
      </servers>
    </settings>

Running with Docker, I copy this settings.xml to Docker and it works.

    FROM eclipse-temurin:17-jdk-focal

    WORKDIR /app

    RUN mkdir -p /root/.m2 \
        && mkdir /root/.m2/repository
    COPY settings.xml /root/.m2
   
    RUN ./mvnw dependency:go-offline
    ....
   
    CMD ["./mvnw", "spring-boot:run"]

Running with GHA, I saved my personal user/token in secrets and used them in this settings.xml:

    # env and run must align with name to belong to the same step
    - name: exchange secrets on settings.xml
      env:
        GH_PERSONAL_USER: ${{ secrets.GH_PERSONAL_USER }}
        GH_PERSONAL_TOKEN: ${{ secrets.GH_PERSONAL_TOKEN }}
      run: envsubst < settings.xml.j2 > settings.xml

Some docs I found, but they didn't help me:

My problem/question:

I don't want to store/use my personal user/token as a secret on this repository, and I know that GitHub has a secrets.GITHUB_TOKEN for these cases, but I don't know how to use it in the Maven settings.xml file, which requires a token and user.

Is there a way to use this secrets.GITHUB_TOKEN?

There are 0 answers
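
One way to wire this up, as an added example that is not part of the original question: keep credentials out of settings.xml by letting Maven read `${env.GITHUB_ACTOR}` and `${env.GITHUB_TOKEN}`, and pass the token to `docker build` as a BuildKit secret so it is not written into an image layer. Assumptions: the workflow step exports `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`, the job has `permissions: packages: read`, the package is readable by this repository's token, and the secret id `github_token`, the function names and the Dockerfile lines in the comment are illustrative.

```shell
#!/bin/sh
# Added example, not from the original question. Assumed names: secret id
# "github_token", image tag argument, settings.xml in the build context.

# Write a settings.xml that holds no credentials: Maven resolves ${env.*}
# from the environment of the mvnw process at run time.
write_settings() {
  cat > "$1" <<'EOF'
<settings>
  <servers>
    <server>
      <id>github</id>
      <username>${env.GITHUB_ACTOR}</username>
      <password>${env.GITHUB_TOKEN}</password>
    </server>
  </servers>
</settings>
EOF
}

# Succeeds (exit 0) when the file contains the literal token value.
leaks_token() {
  [ -n "${GITHUB_TOKEN:-}" ] && grep -qF -- "$GITHUB_TOKEN" "$1"
}

# Build with the token as a BuildKit secret, so it is not stored in an image
# layer. The Dockerfile's Maven step is assumed to be:
#   ARG GITHUB_ACTOR
#   COPY settings.xml /root/.m2/
#   RUN --mount=type=secret,id=github_token \
#       GITHUB_TOKEN="$(cat /run/secrets/github_token)" \
#       ./mvnw dependency:go-offline
build_image() {
  if leaks_token settings.xml; then
    echo "settings.xml contains the token value; refusing to build" >&2
    return 1
  fi
  DOCKER_BUILDKIT=1 docker build \
    --secret id=github_token,env=GITHUB_TOKEN \
    --build-arg GITHUB_ACTOR="$GITHUB_ACTOR" \
    -t "$1" .
}
```

In the workflow step, call `write_settings settings.xml` and then `build_image <tag>`; `GITHUB_ACTOR` is set by the runner, so only `GITHUB_TOKEN` has to be mapped in the step's `env`.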