Step 3: Configure APIs
Configure API access for GitHub and your AI provider.
Time estimate: 10-15 minutes
Complete these tasks
- Create and test GitHub API token
- Obtain and configure AI provider API key
- Review security best practices
- Verify API connections
Get API keys
1. GitHub token (required)
Fetch commits and pull requests from repositories with this token.
Free for public repos, included with GitHub account for private repos.
Create a GitHub token
-
Navigate to github.com/settings/tokens
-
Click Generate new token and choose Generate new token (classic)
-
Configure the token:
-
Note: "Release Notes Automation" (describes purpose)
- Expiration: Choose based on your security policy (90 days recommended)
-
Scopes: Select the minimum needed:
- For public repos only:
public_repo - For private repos:
repo(full control)
- For public repos only:
-
Click Generate token and copy it immediately. The token format is
ghp_xxxxxxxxxxxxxxxxxxxx.
Store the token in your password manager immediately. You cannot view it again after leaving the page.
2. AI provider API key (required)
Choose one provider:
Option A: Anthropic (Claude) - Recommended
Claude excels at following detailed instructions and explaining reasoning.
Get an Anthropic API key:
- Go to console.anthropic.com
- Sign up or log in
- Click Get API Keys in the navigation
- Click Create Key
- Name it "Release Notes Automation"
- Copy the key (starts with
sk-ant-)
Pay-as-you-go pricing: approximately $0.01-0.03 per release notes generation
Free tier: $5 credit for new accounts
Option B: OpenAI (GPT)
GPT offers wide availability, fast performance, and good general capabilities.
Get an OpenAI API key:
- Go to platform.openai.com
- Sign up or log in
- Click your profile then View API Keys
- Click Create new secret key
- Name it "Release Notes Automation"
- Copy the key (starts with
sk-)
Pay-as-you-go pricing: approximately $0.02-0.05 per release notes generation
Free tier: $5 credit for new accounts (first 3 months)
Configure your keys
1. Open configuration file
Edit config.yaml in the repository root:
Open in your text editor:
2. Add your keys
For Anthropic (Claude):
# AI Provider
ai_provider: "anthropic"
ai_api_key: "sk-ant-your-actual-key-here"
model: "claude-3-sonnet-20240229"
# GitHub
github_token: "ghp_your-actual-token-here"
# Optional: Set a default repository
default_repo: "your-username/your-repo"
output_file: "release_notes.md"
For OpenAI (GPT):
# AI Provider
ai_provider: "openai"
ai_api_key: "sk-your-actual-key-here"
model: "gpt-4"
# GitHub
github_token: "ghp_your-actual-token-here"
# Optional: Set a default repository
default_repo: "your-username/your-repo"
output_file: "release_notes.md"
3. Save the file
Save and close your editor.
The config.yaml file is in .gitignore to prevent accidental commits. Never commit this file. Verify it does not appear in git status:
Test your configuration
Test 1: Configuration file loads
cd 01-release-notes-automation
python -c "import yaml; config = yaml.safe_load(open('../config.yaml')); print('Configuration loaded')"
The output shows Configuration loaded.
Test 2: GitHub API access
python -c "
from github import Github
import yaml
config = yaml.safe_load(open('../config.yaml'))
g = Github(config['github_token'])
user = g.get_user()
print(f'GitHub API working. Connected as: {user.login}')
"
The output shows GitHub API working. Connected as: your-username.
Test 3: AI API access
Test Anthropic:
python -c "
import anthropic
import yaml
config = yaml.safe_load(open('../config.yaml'))
client = anthropic.Anthropic(api_key=config['ai_api_key'])
message = client.messages.create(
model='claude-3-sonnet-20240229',
max_tokens=10,
messages=[{'role': 'user', 'content': 'Say hello'}]
)
print('Anthropic API working')
print(f'Response: {message.content[0].text}')
"
Test OpenAI:
python -c "
from openai import OpenAI
import yaml
config = yaml.safe_load(open('../config.yaml'))
client = OpenAI(api_key=config['ai_api_key'])
response = client.chat.completions.create(
model='gpt-4',
messages=[{'role': 'user', 'content': 'Say hello'}],
max_tokens=10
)
print('OpenAI API working')
print(f'Response: {response.choices[0].message.content}')
"
The output shows a success message with a response.
Follow security best practices
Do these actions
-
Use environment variables for production:
-
Add config.yaml to .gitignore (already done)
-
Rotate keys regularly (every 90 days)
-
Use minimal scopes (only
public_repowhen possible) -
Store in password manager for backup
Avoid these actions
- Never commit
config.yamlwith real keys - Share API keys in Slack or email
- Use production tokens for testing
- Hardcode keys in scripts
- Push to public repositories with keys
Troubleshooting
Invalid GitHub token
Error: 401 Unauthorized or Bad credentials
Solutions:
- Verify token is copied correctly (no extra spaces)
- Check token has not expired
- Verify required scopes are enabled
- Try regenerating the token
Invalid AI API key
Error: Invalid API key or Authentication failed
Solutions:
- Verify key is copied correctly
- Check you are using the right provider (
anthropicversusopenai) - Verify billing is set up (after free tier)
- Check API key is active in provider console
Configuration file not found
Error: FileNotFoundError: config.yaml
Solutions:
- Verify you are in the right directory
- Check the file exists:
ls -la config.yaml - Verify you copied from
config.example.yaml
Module import errors
Error: ModuleNotFoundError: No module named 'anthropic'
Solutions:
- Activate virtual environment:
source venv/bin/activate - Reinstall dependencies:
pip install -r requirements.txt - Verify Python version:
python --version(3.8+)
Summary
You created a GitHub API token with appropriate scopes, obtained an AI provider API key, configured both keys securely, verified API connections work, and reviewed security best practices.
Next step
Run your first automation with APIs configured.
Estimated cost per run: GitHub API is free (rate limited to 5,000 requests per hour), AI API costs $0.01-0.05 per release notes generation. For typical biweekly releases: approximately $0.50-1.00 per month.