ierceg
commented
7 years ago @neboysa is this solved with sequence in which github-access is followed by pullreq?
Open ierceg opened 7 years ago
ierceg
commented
7 years ago @neboysa is this solved with sequence in which github-access is followed by pullreq?
PR engine relies on reading from github access engine's sandbox. This means that any change in data store implementation of github access engine will impact PR engine as well. Engines should be encapsulated and not leak implementation details between each other. To solve this we could add a
GET /tokenendpoint to github access engine. One problem with this is that if lazy is on the "internets" then token could be easily leaked (completely different situation from deciding not to encrypt the tokens in the data store). To solve that leakage problem we would need to separate internal and external endpoints (see #44)