I have been added to my organization, now I am part of the organization in github and have access to a private repo. I am not able to clone the repo in my eclipse as I understood that we need a PAT token to access a private repo, but how do I create PAT for the organization. However I know how to create PAT for my own account, but only if I have PAT token for my organization I can clone the repo in my local.
PAT token allows you also access to all the organization you have access to. But it seem some clients only show personal project. In Xcode I was able to work around this by pasting the repo URL into the search field.
Related
I recently imported a project from Github to Gitlab (Uni Owned) and I had to put my Github PAT in when importing. Now every-time I select New Project -> Import Project From Github I'm immediately taken to the list of projects on the Github account corresponding to the PAT I put in earlier.
Is there a way I can remove the Github PAT I initially put in so I'm taken to the "Provide your Github PAT" screen instead?
Thanks!
According to the documentation,
To use a newer personal access token in imports [...], sign out of your GitLab account and sign in again, or revoke the older personal access token in GitHub.
I'm running Github actions workflow in a private repo, and it pushes changes in a public repo. I'm providing my GitHub token in the private repo for the workflow github actions. Will my token leak in my public repo .git?
Can somebody clarify this? I'm don't have knowledge of security things :(
The Automatic token authentication page uses a GITHUB_TOKEN secret, which should, as its name suggests, remains... a secret.
At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow.
You can use the GITHUB_TOKEN to authenticate in a workflow run.
The GITHUB_TOKEN secret is a GitHub App installation access token.
You can use the installation access token to authenticate on behalf of the GitHub App installed on your repository.
The token's permissions are limited to the repository that contains your workflow.
So you should not need to use your own GitHub token, only the one generated by GitHub Action.
I want to use Travis CI for personal projects, I would like to know if it is possible to prevent Travis CI to have access to an organization as a member and not an administrator.
If you have a Github account for yourself it is a personal account. That account can be a member or owner of any number of Github organizations.
If you are just trying to add Travis CI so that it has access to your personal repositories but not to the organizations you administer, you can do so easily.
When you sign in to the Travis CI website with your personal Github account for the first time, it asks you to "authorize Travis CI":
This page has an "organizations and teams" section that defaults to read-only (it can see what repositories etc your orgs have but cannot take any actions on them)
This page also has an "Organization Access" section at the bottom with a list of each Github organization you are a member of. As long as you do not click "request" or "grant" on any of those, your orgs will not yield any control to Travis CI.
I'm looking at connecting my GitHub account in the version control section of PhpStorm. The JetBrains guide suggests using a personal token but as I'm new to personal tokens in GitHub I'm unsure when creating the personal token what scopes I should be selecting so that it can work but doesn't have to much access.
Can someone please let me know which options I should be selecting and why?
All help is greatly appreciated!
You can read about the scopes in "About scopes for OAuth Apps".
In your case, as described in "Pushing to remote Git repository from a build"
The scope needed is public_repo for a public repository or repo for a private repository.
public_repo
Grants read/write access to code, commit statuses, collaborators, and deployment statuses for public repositories and organizations. Also required for starring public repositories.
repo
Grants read/write access to code, commit statuses, invitations, collaborators, adding team memberships, and deployment statuses for public and private repositories and organizations.
I wrote the tool which use the one github repo as a cloud storage.
I need to give the write (push) access for this tool to one github repo, but I do not want to use the github user credentials (user name and password), because anyone can use it to logon to github and change the credentials or delete the repo.
You can generate an OAuth authorization for your specific app.
See an example here: it supposed you have registered you app in your account.