Using fine-grained tokens instead of an app for github?

[rcmorano]

Aloha!

Firstly, thanks for developing this amazing project 💌 !

I was wondering why an app is required for registering the github actions runners in the repositories and if supporting fine-grained tokens for it is in the roadmap. I'm running the kubernetes github-actions-runners-controller which makes use of just a token to do the exact same job, so in principle, it should be possible for tartalet as well.

Thanks in advance!

[simonbs]

Thanks for opening this issue!

If we can achieve the same thing using fine-grained tokens, then I'm happy to consider transitioning to those. However, off the top of my head, I can think of two potential issues. Do note, however, that I have not verified if these are actually issues yet.

1. I don't think that a fine-grained access token can install runners on an organization.
2. I think that a fine-grained access token is always associated with an individual rather than an organization, which is inconvenient for organizations.

If the above aren't in fact issues, then I'm happy to move to fine-grained tokens.