search

gr2m / github-app-webhook-relay

Receive webhooks from a GitHub repository using websockets amended with an installation key for usage with GitHub Apps
ISC License
4 stars 1 forks source link

[BLOCKED] Make `octokit`/`createHookToken` option, create webhook using app and `owner`/`repo` instead #4

Open gr2m opened 10 months ago

gr2m commented 10 months ago

This will simplify the usage of this library.

Instead of using a separate token to create a webhook in a repository or organization, the app can be used itself. However, that requires the repository_hooks:write / organization_hooks:write permissions, respectively.

First we need to check if the permission is present, based on whether repo argument is set or not. What I would do is to retrieve the whole installation object instead of just the installation ID, and then check for the permissions key

Here is the current code

https://github.com/gr2m/github-app-webhook-relay/blob/ca79b5405d58e3a566cfdedb14f30a455b6800e9/api/start.js#L47-L51

Then if the correct permission is available, simply instantiate a new octokit instance for that installation like this

const installationOctokit = await state.app.getInstallationOctokit(installation.id);

This change will also require updates to the README, stating that neither createHookToken nor octokit options need to be set if the passed app instance has the correct permission to create the repository / organization hook

gr2m commented 10 months ago

I tried this and it failed, there is some kind of problem if the webhook is created by an installation instead of a user, unfortunately. I'll try to investigate.