create-github-app-token icon indicating copy to clipboard operation
create-github-app-token copied to clipboard

Published 20 hours ago verified publisher icon actions

Support custom permissions

Open parkerbxyz opened this issue 1 year ago • 1 comments

follow up to: https://github.com/gr2m/github-app-token-action/pull/1/commits/2d5eced5968e6735fec0d8906d277ec8c8acc4b3

Our idea is to add separate permission_* parameters for each permission supported by GitHub Apps: https://docs.github.com/en/rest/overview/permissions-required-for-github-apps

The permission_* keys can be generated based off https://github.com/octokit/app-permissions. Each time a new version of @octokit/app-permissions is released, the action.yml could be updated, in order to keep permissions always up-to-date. The README.md should be updated as well to make sure the documentation is up-to-date as well. Most permissions can be set to read or write, some can also be set to admin.

Having separate permissions has the benefit of code intelligence and errors shown directly on GitHub when an unknown permission is set due to a typo.

parkerbxyz avatar Jun 08 '23 23:06 parkerbxyz

@octokit/app-permissions has a new release that I've been waiting for, it fixes a lot of incorrect and missing permissions: https://github.com/octokit/app-permissions/releases/tag/v2.0.0.

gr2m avatar Nov 01 '23 21:11 gr2m

@parkerbxyz @gr2m is still being worked on?

rvermeulen avatar Oct 04 '24 18:10 rvermeulen

yes, we just don't have much time for it and had to prioritize https://github.com/actions/create-github-app-token/pull/143.

We started to work on a script that auto-updates the action.yml file to add all supported permissions as separate input variables, so that you get the full benefit of type checking in your dev environment and on github.com: https://github.com/actions/create-github-app-token/pull/168

gr2m avatar Oct 07 '24 20:10 gr2m