Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow using github app auth for private repos #347

Open
KyriosGN0 opened this issue Dec 24, 2024 · 2 comments
Open

allow using github app auth for private repos #347

KyriosGN0 opened this issue Dec 24, 2024 · 2 comments

Comments

@KyriosGN0
Copy link
Contributor

in order to clone private repos with github app we need to generate JWT and sign get access token for the clone command
im happy to work on a PR, but would like some direction on how to implement (where do we generate the JWT/ how often etc)
@Greyeye
Copy link
Collaborator

Greyeye commented Dec 24, 2024

this may be a good start
https://gist.github.com/rajbos/8581083586b537029fe8ab796506bec3#file-github-app-jwt-sh

https://github.com/golang-jwt/jwt
is a JWT lib that is often in use by many (in fact, I dont know any other jwt libs)

The generated token should only be valid as long as you need to access the API (seconds, not days), so I'd say it should be valid for a few minutes. Ideally, middleware should be written so that GitHub transport can check/generate a new token on the fly.

@KyriosGN0
Copy link
Contributor Author

@Greyeye do you think its best to to just check in the clone function if the repo is private?
that would mean extending the repo struct to be aware of this property ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Greyeye @KyriosGN0