From 8fa655c14c571e5f64eebb2c79dbb602e15a319d Mon Sep 17 00:00:00 2001
From: Michael Bear <38406045+mjbear@users.noreply.github.com>
Date: Fri, 4 Oct 2024 20:12:25 -0400
Subject: [PATCH 1/2] Add collapsible sections for token details in
4-pull-your-image.md
---
.github/steps/4-pull-your-image.md | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/.github/steps/4-pull-your-image.md b/.github/steps/4-pull-your-image.md
index cd22d22..2bef367 100644
--- a/.github/steps/4-pull-your-image.md
+++ b/.github/steps/4-pull-your-image.md
@@ -21,7 +21,21 @@ For ease of use and cross-platform compatibility (Windows, Mac, and Linux), we'l
:inbox_tray: To pull the Docker image, we need to log into Docker first.
-Before we can use this Docker image, you will need to generate a [personal access token (classic)](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) that contains the following permissions:
+Before we can use this Docker image, you will need to generate a [personal access token (classic)](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
+
+There are two token options :coin: and only ***one*** is needed for this exercise.
+
+1. :salt: Fine-grained tokens (recommended :fire:)
+
+1. In the Repository Access section choose **Only select repositories**
+1. In the Select repositories, search for and click on the current repo name
+1. In the Permissions section, expand Repository Permissions
+1. Change **Deployments** to Read-only
+1. Scroll down and click **Generate token**
+
+
+
+2. Personal Access Token (classic)
**Scopes for Personal Access Token (classic)** :coin:
- repo (all)
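Review bot: the fine-grained steps grant only **Deployments** Read-only, while the classic path directly below lists package scopes (read:packages) and the step's stated purpose is to "log in to Docker, and authenticate with the package". Nothing in the new list gives the fine-grained token any package permission, so please confirm that a token created this way actually passes the Docker login and pull in this exercise before presenting it as the recommended option; otherwise the recommended path fails at the next command. Two smaller points: the rewritten intro sentence still links "personal access token (classic)" as the thing to generate, which conflicts with the recommendation that follows, and the fine-grained steps begin at "Repository Access" without saying where that form is reached.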
@@ -29,6 +43,7 @@ Before we can use this Docker image, you will need to generate a [personal acces
- read:packages
![screenshot personal access token creation page with boxes for repo (all), write:packages, and read:packages checked](https://user-images.githubusercontent.com/3250463/219254714-82bb1da5-33b1-491b-97c0-b25f51494f6a.png)
+
We will use this token to log in to Docker, and authenticate with the package.
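Review bot: the classic scope list left in place around this hunk still asks for repo (all) and write:packages alongside read:packages, for a step that only pulls an image. Since the series is about steering readers toward a narrower token, consider trimming the classic list (and the screenshot alt text that repeats it) to what the pull needs, or state why the broader scopes are required. The added blank line itself is fine.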
From b3866e6ee053eb0e4468620b733cb555af38efee Mon Sep 17 00:00:00 2001
From: Michael Bear <38406045+mjbear@users.noreply.github.com>
Date: Fri, 4 Oct 2024 20:22:37 -0400
Subject: [PATCH 2/2] Add alert box for token choice in 4-pull-your-image.md
---
.github/steps/4-pull-your-image.md | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/steps/4-pull-your-image.md b/.github/steps/4-pull-your-image.md
index 2bef367..f30268e 100644
--- a/.github/steps/4-pull-your-image.md
+++ b/.github/steps/4-pull-your-image.md
@@ -23,9 +23,11 @@ For ease of use and cross-platform compatibility (Windows, Mac, and Linux), we'l
Before we can use this Docker image, you will need to generate a [personal access token (classic)](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
-There are two token options :coin: and only ***one*** is needed for this exercise.
+> [!IMPORTANT]
+> Of the two token types, [fine-grained tokens](https://github.blog/security/application-security/introducing-fine-grained-personal-access-tokens-for-github/) are ***recommended*** over classic tokens since they offer enhanced security and flexibility.
+
-1. :salt: Fine-grained tokens (recommended :fire:)
+1. :salt: Fine-grained tokens
1. In the Repository Access section choose **Only select repositories**
1. In the Select repositories, search for and click on the current repo name
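Review bot: removing "only ***one*** is needed for this exercise" drops the only statement that the two lists are alternatives; with just the callout, a reader can take the fine-grained and classic lists as two required steps. Keep a sentence saying one token is enough, for example as the last line of the `[!IMPORTANT]` block. Also, "enhanced security and flexibility" is vague; the steps right below already show the concrete benefit (access limited to selected repositories, individual permissions set to Read-only), so the callout could say that instead.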