Implement a simple ActionsUser permission check in package api #24554

Open: wants to merge 1 commit into base: main

Contributor

@js6pak js6pak commented May 5, 2023

Grant access to packages of the organization an actions task is running on.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label May 5, 2023
@pull-request-size pull-request-size bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label May 5, 2023
@lunny lunny added the type/enhancement An improvement of existing functionality label May 6, 2023
@lunny lunny added this to the 1.20.0 milestone May 6, 2023
Member

wolfogre commented May 6, 2023

Wait, I think we've talked about this before: #23729 (comment)

Since packages belong to the organization level and actions tasks belong to the repo level, it's unsafe to grant access.

My opinions are:

  • Allow the actions bot user to read public packages only by default.
  • Provide settings to allow it to read/write to public/private packages in the future.
  • Before that, it's recommended to use an access token as a secret to visit private packages.

@wolfogre wolfogre removed this from the 1.20.0 milestone May 6, 2023
@wolfogre wolfogre added the topic/gitea-actions related to the actions of Gitea label May 6, 2023
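
The scope mismatch discussed in this thread, as an added Go example that is not code from this pull request or from Gitea: it compares an organization-wide grant with the public-only default and lists which private packages a task for a single repository could reach. All type and function names are hypothetical, the grant is assumed to be read-level, and the sample data is constructed.

```go
package main

import "fmt"

// Package is owned at the organization level (hypothetical type, not Gitea's).
type Package struct {
	Org, Name string
	Private   bool
}

// Task is an actions task, which runs for one repository (hypothetical type).
type Task struct{ Org, Repo string }

// Policy reports whether a task may read a package.
type Policy func(Task, Package) bool

// OrgWide lets a task read every package of the organization it runs in,
// private ones included, plus public packages anywhere.
func OrgWide(t Task, p Package) bool {
	return !p.Private || t.Org == p.Org
}

// PublicOnly is the default suggested in the review: public packages only.
func PublicOnly(_ Task, p Package) bool {
	return !p.Private
}

// ExposedPrivate lists the private packages a task can read under a policy.
func ExposedPrivate(pol Policy, t Task, pkgs []Package) []string {
	var out []string
	for _, p := range pkgs {
		if p.Private && pol(t, p) {
			out = append(out, p.Org+"/"+p.Name)
		}
	}
	return out
}

func main() {
	// Constructed sample data: a task for the "docs" repository in org "acme".
	pkgs := []Package{{"acme", "billing-sdk", true}, {"acme", "cli", false}, {"other", "internal", true}}
	task := Task{Org: "acme", Repo: "docs"}
	fmt.Println("org-wide:", ExposedPrivate(OrgWide, task, pkgs))
	fmt.Println("public-only:", ExposedPrivate(PublicOnly, task, pkgs))
}
```

Under the organization-wide policy, a workflow in any one repository reaches `acme/billing-sdk`; under the public-only default it reaches no private package, and private access has to come from an explicit token stored as a secret.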