fwyzard
commented
7 years ago Please create a "public" OAuth API key, and update the cms-git-tools scripts. I would like to remove current OAuth key from my account.
Closed fwyzard closed 4 years ago
fwyzard
commented
7 years ago Please create a "public" OAuth API key, and update the cms-git-tools scripts. I would like to remove current OAuth key from my account.
cmsbuild
commented
7 years ago A new Issue was created by @fwyzard Andrea Bocci.
@davidlange6, @Dr15Jones, @smuzaffar can you please review it and eventually sign/assign? Thanks.
cms-bot commands are listed here
smuzaffar
commented
4 years ago @fwyzard , thanks for providing your APi token. Although https://github.com/cms-sw/cms-git-tools/pull/112 now uses cmsbot token but can you please keep your token around for few months. There might be cmssw installations with old cms-git-tools which might need it.
smuzaffar
commented
4 years ago @fwyzard , looks like we have to deploy the token in some other way as git does not like committing the token in any github repos. Here is message I have received from github [a].
How about we use base64 encoding/decoing?
[a]
We noticed that a valid OAuth access token of yours was committed to a GitHub repository.
As a precautionary measure, we have revoked the OAuth tokenInteresting... must be some new check they added
fwyzard
commented
4 years ago How about we use base64 encoding/decoding?
Sure, anything simple should be fine.
git-cms-init uses the GitHub API to check if a user has properly setup his or her repository. Anonymous queries are limited to 60 per hour per machine - which may sometimes become a problem on shared machines like lxplus. Authenticated queries have a much higher limit (5000 per hour), making it much less lilely to run into it.
Would it be possible to create one "public" API key for the cms-sw user, without any access to any scope, to be used by the git-cms-init queries ?
For the moment I will set it up to use a similar key for my account, but it would be more sensible to have one from cms-sw.