search

turbot / steampipe-plugin-github

Use SQL to instantly query repositories, users, gists and more from GitHub. Open source CLI. No DB required.
https://hub.steampipe.io/plugins/turbot/github
Apache License 2.0
74 stars 29 forks source link

Support fine grained personal access tokens #458

Open heasman-proof opened 2 days ago

heasman-proof commented 2 days ago

Is your feature request related to a problem? Please describe. Add support for fine grained personal access tokens to minimize the permissions needed to retrieve data from tables of interest to the user (up to the user to ensure they have added the right permissions to the FG PAT).

Describe the solution you'd like This is a simple change in 4 places in connect and connectV4. Everywhere you validate that the supplied token has the ghp_ prefix, also allow the github_pat_ prefix. I tested that this works as expected.

graza-io commented 2 days ago

@cbruno10 - thoughts on this? I know we looked at it a year or so ago and had some issues

ParthaI commented 2 days ago

@Graza-io, @CBruno10, Further more — I have a few findings related to the fine-grained access token.

The error Resource not accessible by personal access token is caused by a GraphQL field error. You can refer to this documentation on how to handle such errors.

I tested the fix with the github_issue and github_my_issue tables, and pushed some changes to the branch add-support-for-fine-grained-access-token. The code changes seem to be working fine.

However, I’m not entirely sure if this is the best solution. Any thoughts would be appreciated.