stacklok / minder

Software Supply Chain Security Platform
https://minder-docs.stacklok.dev/
Apache License 2.0

GitHub App can only list public containers from repo #3283

Open eleftherias opened 4 months ago

eleftherias commented 4 months ago

GitHub fine-grained tokens, including the tokens generated by GitHub Apps, do not have access to list all the containers associated with a repository.

In Minder's implementation of the GitHub App provider, we use a fallback token in order to list the containers associated with a repository. https://github.com/stacklok/minder/blob/f716baa8d6e97a5ef246c8afe1176dc8c44b07df/internal/providers/github/common.go#L169 However, this token only has access to public packages on public repos.

This is a limitation of the GitHub packages API. There is currently no issue in the GitHub backlog that is tracking this feature, but it is related to https://github.com/github/roadmap/issues/558.

evankanderson commented 1 month ago

@ethomson -- is this something we want to spend influence with GitHub on?

ethomson commented 1 month ago

I've yelled about it to the PM, I'll yell about it some more, but it doesn't seem like something they're likely to fix in the near term.