I'm building a Google Spreadsheet app where Google app script will commit the generated files into a git repository. Access is using an OAuth app, client id and secret.
Committing files to repo that I own works fine, but when I try to commit and push files to a repository I created under an organisation, it seems like the repo isn't there.
Error: {"message":"Not Found","documentation_url":"https://docs.github.com/rest/reference/git#create-a-blob"}
Looking at both, the only difference between them is the URL used to access the API.
The one that works: https://api.github.com/repos/[my username]/[repo name]/git/blobs
Not working: https://api.github.com/repos/[org name]/[repo name]/git/blobs
Is there a separate API for dealing with organisation repo? I even created a public repo to test and it wouldnt work.
Found the solution.
The OAuth app access was denied as it was created with my account. Create the OAuth app with the organisation account instead.
Related
I am very new to the Github app concept. I already created a Github app and installed it in one of my repository. By using octokit library and installation token of the Github app I can create an issue on the repository. However, I can create a pull request via this Github app's installation access token. Github app only can create issues or just subscribe the events. Do you have any idea how can achieve it.
# github app
#client = Octokit::Client.new(:access_token => "installation access token")
response = #client.create_pull_request(repo, base_branch, "test_branch", pr_title, pr_body)
Getting this response:
403 - Resource not accessible by integration // See: https://docs.github.com/rest/reference/pulls#create-a-pull-request (Octokit::Forbidden)
I created a Github app and tried to create automatic pull requests without using a Github user.
A user installed my github app for his personal account (not organization). My github app has read & write administration permissions.
When I perform the request (I use go-github sdk) I get the following error:
POST https://api.github.com/user/repos: 403 Resource not accessible by integration []
There are two different endpoints for creating repositories in organization and for user. Endpoint for creating user repos is the POST method /user/repos. When I look github official documentation on github app permissions it doesn't actually list POST method for user/repos. So it's not clear how to create user repos via github app, if possible at all.
I got a response from github support. This behaviour is expected. To create new repos under a user you have to use user-to-server token (oauth2 token). It can be acquired during installation if you enable option "Request user authorization (OAuth) during installation" in your github app. This way user not only install your github app but also will authorize your github app.
What is the difference between a GitHub App and the REST API for GitHub? Why would you need a GitHub App if you can just use the REST API, without setting any environment up?
The REST API should just be a collection of endpoints that accept a POST along with access tokens. But the GitHub App requires cloning an entire repo written in Ruby, that has nothing to do with my app.
I am not looking for users to integrate with my repo, I want them to be able to connect their own repo to the application.
But the GitHub App requires cloning an entire repo written in Ruby, that has nothing to do with my app.
I don't believe this is true.
GitHub Apps make the process of integrating 3rd party tools into your GitHub repositories smoother.
GitHub Apps are installed by organizations and granted access to specific repositories via GitHub. For example, CodeClimate is a tool which performs checks on pull requests. Rather than granting them OAuth access to my repositories, I can install the CodeClimate GitHub App on my organization and configure which repositories they have access to. I can see all the apps installed and what their permissions are.
Note that "installing" a GitHub App does not install any code. "Installing" gives the app permissions for the service to access your organization and repos. A GitHub App is a wrapper around an existing service.
If you want users to connect their repos to your application, consider a GitHub App.
This is covered in About apps.
An OAuth App acts as a GitHub user, whereas a GitHub App uses its own identity when installed on an organization or on repositories within an organization.
GitHub Apps are the officially recommended way to integrate with GitHub because they offer much more granular permissions to access data, but GitHub supports both OAuth Apps and GitHub Apps.
GitHub Apps are first-class actors within GitHub. A GitHub App acts on its own behalf, taking actions via the API directly using its own identity, which means you don't need to maintain a bot or service account as a separate user.
GitHub Apps can be installed directly on organizations and user accounts and granted access to specific repositories. They come with built-in webhooks and narrow, specific permissions. When you set up your GitHub App, you can select the repositories you want it to access. For example, you can set up an app called MyGitHub that writes issues in the octocat repository and only the octocat repository. To install a GitHub App, you must be an organization owner or have admin permissions in a repository.
GitHub Apps are applications that need to be hosted somewhere. For step-by-step instructions that cover servers and hosting, see "Building Your First GitHub App."
Differences between GitHub Apps and OAuth Apps has a complete breakdown.
I have a GitHub App set up to pull some data, authenticate with an installation token, and commit it to the associated repository every day. I would like this new data to be available on the GitHub Pages site for the repo which requires a GitHub Pages build. The GitHub App has read & write privs assigned on "Repository contents" and "Pages".
It appears that the daily commit is attempting to rebuild the page as in the repository's GitHub Pages settings after the daily commit I see:
Your site is having problems building: Page build failed.
An empty commit with my primary account (not the GitHub App) after a failed build triggers a successful rebuild as seen below.
October 23-25, 2018:
https://github.com/btouellette/HHHFreshBotRedux/commits/master
Nothing in the GitHub documentation about these generic build failures (https://help.github.com/articles/generic-jekyll-build-failures/) appears relevant as I am not using a deploy key, the primary account the GitHub App is installed on has a verified e-mail address, and I'm only pushing static files and not using Jekyll at all.
Since I'm already authenticating with the GitHub API to commit the file I attempted to utilize the API endpoint to manually request a page build (https://developer.github.com/v3/repos/pages/#request-a-page-build). The documentation says this endpoint is enabled for GitHub Apps but when I attempt to call it I get the response "Resource not accessible by integration".
Is there some way to address the build failures, to get the page build API endpoint working with the GitHub App, or to find another way to make new files available on the GitHub Pages site progammatically?
By using 'basic' authentication in octokit and providing explicit user and password I'm able to successfully request a pages build. The build endpoint is enabled for GitHub Apps but only for user-to-server requests where the app is acting as a user with user credentials.
Alternately I found that I can reference the raw content in the GitHub repository directly rather than using relative links from within the GitHub Pages site. This works but having the files in the pages build is better as they are served via CDN.
So by using full URLs like:
https://raw.githubusercontent.com/btouellette/HHHFreshBotRedux/master/docs/daily/20181025.json
Instead of relative URLs for the GitHub Pages site like:
"daily/20181025.json"
I'm able to grab files in Javascript that have not been added to the GitHub Pages build but have been made available in the repository and use them to build out the site dynamically.
I wrote the tool which use the one github repo as a cloud storage.
I need to give the write (push) access for this tool to one github repo, but I do not want to use the github user credentials (user name and password), because anyone can use it to logon to github and change the credentials or delete the repo.
You can generate an OAuth authorization for your specific app.
See an example here: it supposed you have registered you app in your account.