Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support custom permissions #3

Open
parkerbxyz opened this issue Jun 8, 2023 · 3 comments · May be fixed by #168
Open

Support custom permissions #3

parkerbxyz opened this issue Jun 8, 2023 · 3 comments · May be fixed by #168
Labels
feature New feature or request

Comments

@parkerbxyz
Copy link
Contributor

parkerbxyz commented Jun 8, 2023

follow up to: 2d5eced

Our idea is to add separate permission_* parameters for each permission supported by GitHub Apps:
https://docs.github.com/en/rest/overview/permissions-required-for-github-apps

The permission_* keys can be generated based off https://github.com/octokit/app-permissions. Each time a new version of @octokit/app-permissions is released, the action.yml could be updated, in order to keep permissions always up-to-date. The README.md should be updated as well to make sure the documentation is up-to-date as well. Most permissions can be set to read or write, some can also be set to admin.

Having separate permissions has the benefit of code intelligence and errors shown directly on GitHub when an unknown permission is set due to a typo.

@gr2m
Copy link
Contributor

gr2m commented Nov 1, 2023

@octokit/app-permissions has a new release that I've been waiting for, it fixes a lot of incorrect and missing permissions: https://github.com/octokit/app-permissions/releases/tag/v2.0.0.

klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 19, 2023
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell added a commit to product-os/flowzone that referenced this issue Dec 20, 2023
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell added a commit to product-os/flowzone that referenced this issue Jan 2, 2024
This deprecates support for the token_scope input for custom
actions which wasn't used anywhere anyway.

It also deprecates support for the installation_id input as
the installation will be derived from the repo owner.

The old token action is still in use to enable auto-merge where
custom token scopes were still required. This will be removed
in the future when custom permissions are supported by the new
action.

See: tibdex/github-app-token#99
See: actions/create-github-app-token#3
Resolves: #790

Change-type: major
Signed-off-by: Kyle Harding <kyle@balena.io>
@gr2m gr2m mentioned this issue Sep 13, 2024
@rvermeulen
Copy link

@parkerbxyz @gr2m is still being worked on?

@gr2m
Copy link
Contributor

gr2m commented Oct 7, 2024

yes, we just don't have much time for it and had to prioritize #143.

We started to work on a script that auto-updates the action.yml file to add all supported permissions as separate input variables, so that you get the full benefit of type checking in your dev environment and on github.com:
#168

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature New feature or request
Projects
None yet
3 participants