I haven't found any elegant way around GitHub's PITA scope management, other than having to create a GitHub app per repo? Is this the way you run it too? If there is a common GitHub app/private key, then any repo can invoke any action across the whole org - which would be a major security issue. The whole permission system combined with workflows not being able to invoke other workflows within the same repo is a major pitfall in GitHub. How do you deal with this across teams/repos?