Specify scopes needed for GITHUB_TOKEN #114

miparnisari · 2023-03-31T21:29:21Z

https://github.com/bufbuild/buf-setup-action/blob/142056acbddd5ea00e4b7d2834868cd40ed12aca/README.md?plain=1#LL36

Can you please clarify what scopes the token needs?

The text was updated successfully, but these errors were encountered:

rhbuf · 2023-04-10T20:40:15Z

hi @miparnisari taking a quick look at the code, we use the github token in octokit to call for the latest buf to download:

buf-setup-action/src/buf.ts

Lines 136 to 137 in ffdd84c

    
           const octokit = new Octokit({ 
        
             auth: githubToken,

Which uses these endpoints:

GET /repos/{owner}/{repo}/releases
GET /repos/{owner}/{repo}/releases/tags/{tag}

so the token would need contents:read permission. If that sounds sensible then I can put a PR up to clarify this in the README.

miparnisari · 2023-04-12T22:12:21Z

Yes please :)

The README did not make it clear what scopes were needed by the github token that was provided to the action. I have added a section explaining this and also an example of using the `GITHUB_TOKEN` secret. Fixes #114

miparnisari mentioned this issue Apr 14, 2023

ci: fix token permissions openfga/api#73

Merged

rhbuf mentioned this issue Apr 19, 2023

Add documentation for github token scopes #122

Merged

rhbuf closed this as completed in #122 Apr 20, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Specify scopes needed for GITHUB_TOKEN #114

Specify scopes needed for GITHUB_TOKEN #114

miparnisari commented Mar 31, 2023 •

edited

rhbuf commented Apr 10, 2023

miparnisari commented Apr 12, 2023

Specify scopes needed for GITHUB_TOKEN #114

Specify scopes needed for GITHUB_TOKEN #114

Comments

miparnisari commented Mar 31, 2023 • edited

rhbuf commented Apr 10, 2023

miparnisari commented Apr 12, 2023

miparnisari commented Mar 31, 2023 •

edited