I would like to use the GitHub GraphQL API to fetch a list of accounts that have control of a given public repo.
This would include anyone who can:
Make commits
Approve pull requests
Create releases
Administrate the repo
etc.
Is this possible using the GraphQL API? And if so, what would the query be?
This isn't possible in the general case. There's the concept of secret teams where the users aren't publicly visible, and those teams can have access to repositories. The REST API endpoints don't allow you to query the team list of an arbitrary public repository, so the GraphQL endpoints won't allow that, either.
Related
I am trying to list a user's private github repositories via a github app.
(Note: I am not currently using OAuth, and I am looking for a user's repositories, not an org's.)
I am attempting to make this API call with an installation client, that is, using a client specific to an installation of an app and using a JWT with my private key.
This is the endpoint I am requesting:
https://api.github.com/user/repos?per_page=100&visibility=private
This yields the following response:
{
"message":"Resource not accessible by integration",
"documentation_url":"https://docs.github.com/rest/reference/repos#list-repositories-for-the-authenticated-user"
}
The /user/repos not listed in the list of valid app endpoints so I'm not surprised this doesn't work.
Once a user installs my app, how can I list their private repos?
The way to do this is by calling the /installation/repositories endpoint. An "installation" might have access to many repos across many users, and this endpoint will encompass them all.
This endpoint is documented here: https://docs.github.com/en/rest/reference/apps#list-repositories-accessible-to-the-app-installation
We're building a microservice to interact with Github REST API to read repository information within our organization. At the moment, we use individual user id and personal access token (created for the user id) to access the remote api programmatically.
Our requirement is to have a service account to access the api that has read privileges and no coupling with any individual. I was looking at Github Apps to perform the integration but it seem a bit complicated for our purpose as it focuses on making changes and handling events. We only need to read the repositories and collect information such as pull requests, commits etc. done on those repositories.
Are there any other simpler ways to achieve this?
Much has been written about the benefits of the GitHub GraphQL API. And this is a really great technology. The only thing I can't figure out is in what situations is it still better to use the good old REST API v3?
Github GraphQL API is subject to the following caveats:
GraphQL API can only be accessed using authentication. You need a token to use this API. Thus, you can't use GraphQL in an environment where you can't secure the provisioning of this token. For example, in a web app without github authentication. This is a big caveat, especially for people who want to create web app or scripts that target only public repository informations.
Searching commits and code using the search API is not possible in Github Graphql. Only searching repos, issues and users are supported (for the search API)
some features like comparing commits and getting contributors are not possible yet in Graphql. Another example: you can't recursively get a tree using GraphQL API
some mutations already available in v3 may not yet have been implemented in GraphQL (create commit, create tag, create branch etc...), checkout mutations documentation
We have an web application, which lets the user write code and store it in an internal git repository on our server.
Now we wanted to allow the user to share his code with his github repository. So we looked through the api documentation of github and found a way via ouath2.
However to make this work, we need to request write access from the user, but github oauth access scopes only include write access to all repository of an user, which is way too much for us.
Is it possible to restrict an api access for only one specific repository of an user?
As per jasonrudolph comment, it is not currently possible to restrict API access to a specific repository.
Deploy keys are the closest thing that provides this type of functionality. (This won't help you from an API perspective, but a deploy key might meet your underlying need.) If your application were to generate an public/private SSH keypair, and the user were to add the public key as a deploy key in the repository, then you could use the private key to access just that one repository (without having access to the user's other repositories).
I'm working on an app that creates private Github repositories (among other things). Every once in a while, we are over quota with our private repos.
I'd like to know how many repositories we have left before making the API call that will fail.
Can that be done, using the Github API? I couldn't find anything in the documentation, but that's doesn't mean it's not possible :)
awendt, I'm not quite familiar with private quotas, but authenticated users receive a Plan object when the API returns the call to /user. This will tell you what plan you have and will tell you how many private_repos you're allowed. With that information and the information from /user which tells you how many private repos you currently have, you should be able to figure it out.
Then again, you could use github3.py and you'd have the User object, with the plan attribute and could use those two together as described above.
Disclaimer I'm github3.py's author.