Skip to main content
By default, Athanor reports results via commit statuses (pass/fail). To get full log output visible directly on GitHub, with per-step details, expandable logs, and proper check run annotations, you need to create a GitHub App. This is the standard way to integrate CI systems with GitHub. The Checks API is only available to GitHub Apps, not personal access tokens.

Why a GitHub App?

Step 1: Create the App

Go to github.com/settings/apps/new and fill in:

Permissions

Under Repository permissions, set: Leave all other permissions as “No access”. Under Where can this GitHub App be installed?, select Only on this account. Click Create GitHub App.

Step 2: Note the App ID

After creation, you’ll be on the app’s settings page. The App ID is displayed near the top, a number like 123456. Save this.

Step 3: Generate a Private Key

On the same settings page, scroll to Private keys and click Generate a private key. A .pem file downloads to your machine. This is the private key Athanor uses to authenticate as the app. Keep it safe.

Step 4: Install the App

In the left sidebar of the app settings, click Install App. Click Install next to your account. Select Only select repositories and choose your repository (e.g., athanor). Click Install. After installation, note the Installation ID from the URL:

Step 5: Configure the Server

Using the Setup Script

The repo includes a script that handles the rest:
It will:
  1. Upload the private key to the server
  2. Look up the installation ID automatically
  3. Update the server config
  4. Restart Athanor

Manual Configuration

If you prefer to do it manually, upload the private key:
Add these lines to /etc/athanor/env:
Restart:

Step 6: Verify

Check the logs to confirm the app is configured:
You should see:
Push a commit to trigger a build. On GitHub, go to the commit and you’ll see a check run with full logs:
  • Each workflow appears as a separate check run
  • Click Details to see the full log output
  • Logs are formatted as Markdown with per-job, per-step sections and code blocks

How It Works

Under the hood, Athanor uses standard GitHub App authentication:
  1. JWT generation. Athanor signs a short-lived JWT with the app’s RSA private key.
  2. Token exchange. The JWT is exchanged for an installation access token via POST /app/installations/{id}/access_tokens.
  3. API calls. The installation token is used to create and update check runs via the Checks API.
  4. Token caching. Tokens are cached and refreshed automatically (they expire after 1 hour).
The PAT-based commit status is always set as a fallback, so even if the GitHub App fails, you still get pass/fail reporting.

Environment Variables Reference

These are in addition to the base config (GITHUB_TOKEN, WEBHOOK_SECRET, etc.).