search

axiom-data-science / feedstockrot

Tool to check how rotten conda-forge feedstocks are. Inspired by sesh/piprot.
MIT License
9 stars 3 forks source link

What kind of token #2

Open CJ-Wright opened 7 years ago

CJ-Wright commented 7 years ago

What kind of token is needed? Which permissions?

RSully commented 7 years ago

You want to generate a "Personal access token" (here).

I forget exactly which permissions are required, but I believe I have mine set to use public_repo, read:org, read:repo_hook, repo:status, repo_deployment for development (which is probably way overkill!)

Keep in mind you can edit the permissions after you generate the token, so if you don't allow enough access (or want to try removing access) you can after the fact.

This is definitely something I should look into again and document. If you figure anything out please post here!

CJ-Wright commented 7 years ago

I realized the problem I was having was due to the github package not supporting teams (and thus missing all the repos associated with me). I have a work around now which kinda works (using requests to get all my repos and then feeding them into feedstockrot).

RSully commented 7 years ago

If you want to share that code I'd definitely be interested in taking a peak! I imagine this is only going to become more of an issue going forward. Maybe worth patching the github package even, or making our own small module that just has a subset of the functionality we need.

CJ-Wright commented 7 years ago

This was written in xonsh so I combined the CLI call and the requests library stuff together. You could just hand d to feedstockrot.

import requests

def main(user, password):
    # get all the packages for the user
    gr = requests.get('https://api.github.com/user/teams',
                      auth=(str(user), str(password)))
    a = gr.json()
    b = [c for c in a if 'conda-forge' in c['organization']['html_url']]
    d = [z['name'] for z in b if z['name'] != 'all-members']
    for s in d:
        feedstockrot @(s)

Edit: add link to xonsh

CJ-Wright commented 7 years ago

Also you might try to combine this with https://github.com/conda-forge/conda-forge.github.io/blob/master/scripts/tick_my_feedstocks.py which will also bump versions for out of date feedstocks, although it only works for pypi (hence the collaboration, they bring the bumping support and this project brings the github release support)