From 93a488bde08ad8c2abfd66c35277fc272a83a2f8 Mon Sep 17 00:00:00 2001 From: Tedi Mitiku Date: Mon, 26 Feb 2024 11:07:59 -0500 Subject: [PATCH] add oauth token info to github docs --- docs/docs/cli-reference/engine-start.md | 1 + docs/docs/guides/running-private-packages.md | 6 +++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/docs/cli-reference/engine-start.md b/docs/docs/cli-reference/engine-start.md index 0c2b428be0..39955dc329 100644 --- a/docs/docs/cli-reference/engine-start.md +++ b/docs/docs/cli-reference/engine-start.md @@ -15,5 +15,6 @@ You may optionally pass in the following flags with this command: * `--log-level`: The level that the started engine should log at. Options include: `panic`, `fatal`, `error`, `warning`, `info`, `debug`, or `trace`. The engine logs at the `info` level by default. * `--version`: The version (Docker tag) of the Kurtosis engine that should be started. If not set, the engine will start up with the default version. * `--enclave-pool-size`: The size of the Kurtosis engine enclave pool. The enclave pool is a component of the Kurtosis engine that allows us to create and maintain 'n' number of idle enclaves for future use. This functionality allows to improve the performance for each new creation enclave request. +* `--github-auth-token`: The auth token to use for authorizing GitHub operations. If set, this will override the currently logged in GitHub user from `kurtosis github login`, if one exists. Note, this token does not persist when restarting the engine. CAUTION: The `--enclave-pool-size` flag is only available for Kubernetes. \ No newline at end of file diff --git a/docs/docs/guides/running-private-packages.md b/docs/docs/guides/running-private-packages.md index 9a05d06430..20f1c64aa4 100644 --- a/docs/docs/guides/running-private-packages.md +++ b/docs/docs/guides/running-private-packages.md @@ -28,7 +28,11 @@ A GitHub screen should pop up in your browser instructing you to enter the one-t After entering the code, GitHub will prompt you to authorize Kurtosis CLI. Kurtosis CLI requests [`repo`](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes) access to repositories for the ability to read and pull from private repositories. -:::info Private Packages within GitHub Orgs +:::info OAuth Token Scopes +While `repo` gives Kurtosis read and write access to private repositories, Kurtosis only performs read operations. GitHub does not support a repo `[repo:read`](https://github.com/jollygoodcode/jollygoodcode.github.io/issues/6) OAuth scope, but an alternative is to use [fine-grained personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens) to restrict Kurtosis CLI read/write and repository permissions. This token can be pass to Kurtosis CLI via the [`kurtosis engine start --github-auth-token=<>`](../cli-reference/engine-start.md) flag. +::: + +:::note Private Packages within GitHub Orgs If the private package you'd like to develop on lives in a GitHub org, the organization must also authorize Kurtosis CLI. To have an organization you are a part of authorize Kurtosis CLI, click the `Request` button next to the organization name on the authorization page, then notify your org admins to accept the request via email. :::