Proposal: AGNTCY GitHub App #35
Replies: 2 comments 2 replies
We want to leverage GH App in Directory asap, so any recommendations/help on this would be highly appreciated.
Thanks @ramizpolic for proposing this! I have a question about it. We already have the safe-settings app, which we run as part of the CI/CD directly in GitHub Actions in the org-admin repo. This allows us not to depend on external infrastructure. In the case of this app, where are we going to run it? If we run it in GitHub Actions, we will still need to give the client-secret and the private key to the app to authenticate against GitHub, and these secrets will be available in the GitHub workflow itself. So even if the app will use short-lived, auto-rotating tokens as a result of the first authentication, the GH workflow will still use some long-term credentials.
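The credential split raised in the reply above, as an added example that is not part of the original discussion or any AGNTCY code: a GitHub App's private key signs a JWT that may live at most ten minutes, and that JWT is what gets exchanged for installation tokens, so the key remains the long-term secret wherever the workflow runs. The throwaway key pair, the App ID `123456`, the fixed clock and the function names are constructed for this example.

```javascript
// Added example (not from the discussion): key pair, App ID and clock are constructed.
const nodeCrypto = require('node:crypto');

const MAX_JWT_LIFETIME_S = 600; // an App JWT's exp may be at most 10 minutes ahead
const b64url = (input) => Buffer.from(input).toString('base64url');

// Sign an App JWT (RS256). The private key is the long-lived input.
function mintAppJwt(appId, privateKeyPem, nowS, lifetimeS = 540) {
  if (lifetimeS <= 0 || lifetimeS > MAX_JWT_LIFETIME_S) {
    throw new RangeError('App JWT lifetime must be within 1..600 seconds');
  }
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  // iat is backdated 60 s to tolerate clock drift between the runner and GitHub
  const claims = { iat: nowS - 60, exp: nowS + lifetimeS, iss: String(appId) };
  const signingInput = `${header}.${b64url(JSON.stringify(claims))}`;
  const sig = nodeCrypto.createSign('RSA-SHA256').update(signingInput).sign(privateKeyPem);
  return `${signingInput}.${b64url(sig)}`;
}

// Check signature and expiry as the receiving side would.
function verifyAppJwt(token, publicKeyPem, nowS) {
  const [header, payload, sig] = token.split('.');
  const signatureOk = nodeCrypto.createVerify('RSA-SHA256')
    .update(`${header}.${payload}`)
    .verify(publicKeyPem, Buffer.from(sig, 'base64url'));
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  return { valid: signatureOk && nowS < claims.exp, claims };
}

function demo() {
  // Throwaway key pair standing in for the App's private key.
  const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const t0 = 1_700_000_000; // fixed clock so the result is reproducible
  const jwt = mintAppJwt(123456, privateKey, t0);
  const fresh = verifyAppJwt(jwt, publicKey, t0 + 60);
  const stale = verifyAppJwt(jwt, publicKey, t0 + 3600);
  // An hour later the same key mints a new valid JWT: the key is the durable secret.
  const later = mintAppJwt(123456, privateKey, t0 + 3600);
  const reminted = verifyAppJwt(later, publicKey, t0 + 3600);
  return { fresh: fresh.valid, stale: stale.valid, reminted: reminted.valid, iss: fresh.claims.iss };
}

console.log(demo());
```

A leaked JWT stops working within minutes, but anything that can read the private key from the workflow's secrets can keep minting new ones until the key is rotated.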
Summary
Add a GitHub App to consolidate service accounts, automate workflows, and enhance security across all repositories in our GitHub organisation.
Example usage of GH App includes: managing project issues, PRs, discussions, release coordination, automated contributions, dependency updates, and overall management within/across repos by a central user/app.
Why GitHub App?
Security Benefits:
Service Account Consolidation:
Currently we maintain separate service accounts for:
A GitHub App eliminates this complexity with unified access management.
Automation Capabilities:
Developer Experience: