Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support custom permissions #3

Open
parkerbxyz opened this issue Jun 8, 2023 · 3 comments · May be fixed by #168
Open

Support custom permissions #3

parkerbxyz opened this issue Jun 8, 2023 · 3 comments · May be fixed by #168
Labels
feature New feature or request

Comments

@parkerbxyz
Copy link
Contributor

parkerbxyz commented Jun 8, 2023
edited by gr2m
Loading

follow up to: 2d5eced

Our idea is to add separate permission_* parameters for each permission supported by GitHub Apps:
https://docs.github.com/en/rest/overview/permissions-required-for-github-apps

The permission_* keys can be generated based off https://github.com/octokit/app-permissions. Each time a new version of @octokit/app-permissions is released, the action.yml could be updated, in order to keep permissions always up-to-date. The README.md should be updated as well to make sure the documentation is up-to-date as well. Most permissions can be set to read or write, some can also be set to admin.

Having separate permissions has the benefit of code intelligence and errors shown directly on GitHub when an unknown permission is set due to a typo.
@gr2m gr2m added the feature New feature or request label Aug 21, 2023
@gr2m gr2m mentioned this issue Sep 4, 2023
Open
@klutchell klutchell mentioned this issue Nov 1, 2023
Open
@gr2m
Copy link
Contributor

gr2m commented Nov 1, 2023

@octokit/app-permissions has a new release that I've been waiting for, it fixes a lot of incorrect and missing permissions: https://github.com/octokit/app-permissions/releases/tag/v2.0.0.

klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
@klutchell
BREAKING: switch to official actions/create-github-app-token
c233d4c 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
@klutchell klutchell mentioned this issue Dec 19, 2023
Open
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
@klutchell
BREAKING: switch to official actions/create-github-app-token
55dcd0c 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
@klutchell
BREAKING: switch to official actions/create-github-app-token
fa30b03 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
@klutchell
BREAKING: switch to official actions/create-github-app-token
dfe649d 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 20, 2023
@klutchell
BREAKING: switch to official actions/create-github-app-token
45c2f33 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
klutchell added a commit to product-os/flowzone that referenced this issue Jan 2, 2024
@klutchell
BREAKING: switch to official actions/create-github-app-token
bb4701c 
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <[email protected]>
@gr2m gr2m mentioned this issue Mar 3, 2024
Closed
@doublecompile doublecompile mentioned this issue Mar 27, 2024
Open
@gr2m gr2m linked a pull request Sep 5, 2024 that will close this issue
Draft
5 tasks
@gr2m gr2m mentioned this issue Sep 13, 2024
Closed
@rvermeulen
Copy link

@parkerbxyz @gr2m is still being worked on?

@gr2m
Copy link
Contributor

gr2m commented Oct 7, 2024

yes, we just don't have much time for it and had to prioritize #143.

We started to work on a script that auto-updates the action.yml file to add all supported permissions as separate input variables, so that you get the full benefit of type checking in your dev environment and on github.com:
#168

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New feature or request
Projects
None yet
Milestone
No milestone
3 participants
@gr2m @rvermeulen @parkerbxyz