Azure / static-web-apps

Azure Static Web Apps. For bugs and feature requests, please create an issue in this repo. For community discussions, latest updates, kindly refer to the Discussions Tab. To know what's new in Static Web Apps, visit https://aka.ms/swa/ThisMonth
https://aka.ms/swa
MIT License
333 stars 57 forks source link

GitHub organization access via GitHub app vs OAuth app #1056

Open achalmers-lly opened 1 year ago

achalmers-lly commented 1 year ago

I developed a static web app for my organization. When working with my organization's developer support team, there was concern with integrating with SWA directly to our GitHub organization as the integration uses an OAuth app, rather than a GitHub app. For multiple reasons, including more granular security, our team prefers using GitHub apps. To complete the project, we pivoted to using Azure DevOps as a bridge to the GitHub repo.

We are now attempting to consolidate our developer toolchains to a single platform, moving to GitHub Actions for pipelines. Unfortunately, this could negatively impact the current static web app, if an alternative approach to the OAuth integration is not available.

Has there been any consideration of implementing a GitHub App integration for SWA? Are there any alternatives that would enable granular access to a single organizational repository for this use case?

vivekjilla commented 1 year ago

Hi @achalmers-lly Are you talking about the integration that happens during the SWA creation in Azure Portal? We use it only temporarily to add the workflow yml file automatically to your repro while creating SWA app.

If you don't want this, you can choose other as the source in the deployment details section, and then add the workflow file manually to your repo.

You can follow these instructions partly to do this: https://learn.microsoft.com/en-us/azure/static-web-apps/bitbucket?tabs=vanilla-javascript and then use any other github based SWA app's workflow yml file as a reference to create your own workflow file. Hope this helps!