@gusfcarvalho
Contributor

This introduces the option to authenticate leveraging a GitHub App as opposed to a GitHub token. This approach tends to be better seen for organizations as app policies are somewhat better to govern - and all GitHub tokens themselves become very short lived.

Signed-off-by: Gustavo Carvalho <gustavo@externalsecrets.com>
@gusfcarvalho
Contributor Author

gusfcarvalho commented Sep 25, 2025

@jonathandavies-CS @ssherar what would be the best way to test these changes are working? Is there any suite I can run? 😄

@ssherar
Contributor

ssherar commented Sep 26, 2025

hey @gusfcarvalho

Thanks for the PR - it was on our to-do list to add app authentication instead of PATs 🎉

Unfortunately there are no test suites written for many of the API-driven plugins (as the plugin ecosystem matures it is becoming a priority to write them!). However, the best approach is to build and configure the agent (https://github.com/compliance-framework/agent) and configure the app with the permissions in the README.md and check if the exit code is 0.

You might need an HTTP sink for the evidence creation if you don't want to spin up the API (but it's pretty simple to run in docker-compose, check https://github.com/compliance-framework/demo)
