[Jenkins-infra] Handling GitHub Apps Requests
R. Tyler Croy
tyler at monkeypox.org
Fri Sep 7 17:44:32 UTC 2018
(replies inline)
On Fri, 07 Sep 2018, Daniel Beck wrote:
>
>
> > On 7. Sep 2018, at 05:01, R. Tyler Croy <tyler at monkeypox.org> wrote:
> >
> > What makes this even *more* annoying is that it looks like the user can request
> > to install the App into repositories for which they're not even administrators.
>
> This should be a bug based on my reading of the docs[1].
These docs tell me who can _install_, not who can request to install. I think
just about anybody in the org can _request_ to install.
> > You must be an organization owner or have admin permissions in a repository to request a GitHub App installation.
>
>
> Additionally, it seems the _requests_ are limited to just GitHub Apps that "[require] organization permissions", whatever that is. Otherwise they would just be installed. I went through this a few weeks ago after a contributor installed an app, and I was wondering out why that was possible.
That's not correct from what I could see. I could request to install
per-repository for repositories I where I am not an admin. I just didn't
screenshot that :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20180907/6150aa10/attachment.asc>
More information about the Jenkins-infra
mailing list