Skip to content

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transitioning from Personal Access Token to GitHub App for Authentication #639

Closed
maltif opened this issue Mar 14, 2024 · 0 comments
Closed

Transitioning from Personal Access Token to GitHub App for Authentication #639

maltif opened this issue Mar 14, 2024 · 0 comments

Comments

@maltif
Copy link

maltif commented Mar 14, 2024

We currently face GitHub API rate limit issues while collecting and visualizing GitHub metrics for our company's private repositories using GrimoireLab. We have around 1500 private repositories and are collecting various metrics such as git commits, GitHub pull requests data, and GitHub issues.

To address the API rate limit issue, we plan to transition from using a personal access token (PAT) to GitHub App-based authentication. However, we lack clarity on how to configure this transition within GrimoireLab and what permissions are required for the GitHub App to pull all the necessary metrics from our private repositories.

We've reviewed the GrimoireLab documentation, particularly the tutorial section, but couldn't find sufficient guidance on this specific topic.

Objectives:

  1. Understand the process of transitioning from PAT to GitHub App-based authentication within GrimoireLab.
  2. Determine the required permissions for the GitHub App to access and retrieve metrics from our private repositories.

Proposed Questions for Discussion:

  1. Could someone provide guidance on how to configure GrimoireLab to use GitHub App-based authentication instead of a personal access token?
  2. Are the repository permissions listed below sufficient for the GitHub App to effectively collect all the required metrics from our private repositories?
    • Actions: Read Only
    • Commit Statuses: Read Only
    • Contents: Read Only
    • Environments: Read Only
    • Merge Queues: Read Only
    • Metadata: Read Only
    • Pull Requests: Read Only
    • Discussions: Read Only
    • Issues: Read Only
    • Secrets: Read Only
    • Variables: Read Only
  3. Are there any specific considerations or best practices we should be aware of during this transition process?

Additional Context:

We believe transitioning to GitHub App-based authentication will alleviate the API rate limit issues we're currently facing and ensure smoother data collection for our metrics analysis. Any insights or assistance from the Grimoire project maintainers or knowledgeable community members would be greatly appreciated.

Thank you in advance for your assistance.
@zhquan @sduenas
@chaoss chaoss locked and limited conversation to collaborators Mar 15, 2024
@sduenas sduenas converted this issue into discussion #641 Mar 15, 2024

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@maltif