Limiting token access scope to specific packages (containers) on repo? #138909
Unanswered
oerp-odoo
asked this question in
API and Webhooks
Replies: 1 comment 4 replies
-
What about using GitHub Apps? This can provide more fine-grained control over repository and package access. You can install it at the organization level and configure it with specific permissions.
Select Topic Area
Question
Body
Is there a way to have a more fine-grained scope for packages, using the same user (or org) to generate multiple tokens? We have many packages (Docker images) related to a single repository. A classic token only gives read access to all packages, and I don't see a way to limit that scope.
We need each token to have scope for a specific package only, and to not need to use multiple users for that (ideally to just generate a token from the org, but not sure if it's even possible).
Currently we work around this by creating a separate GitHub user and granting that user access only to a specific package. And then we generate a classic PAT to have package read access (which does not have a more fine-grained scope than just read access to all possible packages the user can access). But this way each "bot" user costs money, yet it is not used as a real user.
That new fine-grained token does not seem to even work properly with users, because if you have some user that has access to the org and its resources, that user is not an owner. And to specify access via that token, it must be an owner, so you can't even choose a repository from the org.