Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Request] Replace GHCR_PR_TOKEN with GITHUB_TOKEN #613

Closed
tthvo opened this issue Aug 25, 2023 · 4 comments · Fixed by #635
Closed

[Request] Replace GHCR_PR_TOKEN with GITHUB_TOKEN #613

tthvo opened this issue Aug 25, 2023 · 4 comments · Fixed by #635
Assignees
@aali309
Labels
ci good first issue Good for newcomers

Comments

@tthvo
Copy link
Member

tthvo commented Aug 25, 2023
edited
Loading

Describe the feature

Since the event is pull_request_target, the GITHUB_TOKEN is allowed to elevate its permission to write:packages. We can utilize this instead of the GHCR_PR_TOKEN PAT.

Tho, we will need to make sure to specify only necessary permissions.

Anything other information?

https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
@tthvo tthvo added good first issue Good for newcomers ci labels Aug 25, 2023
@tthvo tthvo moved this to Backlog in 2.4.0 release Aug 25, 2023
@andrewazores
Copy link
Member

Need to double check the permission elevation thing. It may work here since the event is pull_request_target as opposed to a comment, but: https://github.com/cryostatio/cryostat/pull/1631#issuecomment-1692439904

@tthvo
Copy link
Member Author

tthvo commented Aug 25, 2023
edited
Loading

Source: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

If the default permissions for the GITHUB_TOKEN are restrictive, you may have to elevate the permissions to allow some actions and commands to run successfully.

Right! Permissions need to be explicitly elevated.

@tthvo
Copy link
Member Author

tthvo commented Aug 26, 2023
edited
Loading

https://github.com/cryostatio/cryostat/pull/1635#issuecomment-1694094452

@tthvo tthvo mentioned this issue Aug 26, 2023
Merged
@aali309 aali309 self-assigned this Aug 29, 2023
This was referenced Sep 15, 2023
Closed
Closed
@tthvo tthvo moved this from Backlog to In Progress in 2.4.0 release Sep 26, 2023
@tthvo
Copy link
Member Author

tthvo commented Sep 27, 2023

ping @aali309

@aali309 aali309 mentioned this issue Sep 28, 2023
Merged
7 tasks
@github-project-automation github-project-automation bot moved this from In Progress to Done in 2.4.0 release Oct 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aali309 aali309

Labels
ci good first issue Good for newcomers
Projects
No open projects
2.4.0 release
Status: Done
Milestone
No milestone
3 participants
@andrewazores @aali309 @tthvo