Closed 0x4007 closed 5 months ago
If we want to provide some ubiquity governance token incentive for partners to start using our bot to manage their repositories, how do you think we can securely implement this with a whitelist?
@wannacfuture rfc
I think we should create another Github app for plugins that requests permission actions:write
(for triggering workflow_dispatch
) so that way we can invoke any plugin that has this app installed on the repository, instead of having a PAT which is created by a certain user so it means the user needs permissions on every plugin repo.
Having a PAT also won't work because the Github compute action won't be able to trigger a repository_dispatch
event on other repositories without having explicit access, so I think it would be better to create repository_dispatch
event on the plugin repository itself which will trigger our bot.
# Issue was not closed as completed. Skipping.
compute.yml
instead of trying to pass it all in to the actions dispatch API.