Centralized whitelist #4
Comments
|
Yep this would be a great feature to add. The primary way we were talking about implementing this was as a check against membership in the organization that owns the repository. I'm not sure if the provided GITHUB_TOKEN has the scope necessary to hit the organization API to request membership details so it might depend on #3 and properly implementing a GitHub App for auth instead of using a PAT. |
|
It is super unclear if this can be done using the GITHUB_TOKEN that comes out of the box. According to the permission list the metadata endpoint is available which can read the list of members in the org. However the info for the list members endpoint indicates the requestor must be a member of the org to get non-public information. So if the requestor is the github action does that count? No idea. Gotta test. |
The new `allowOrganizationMembers` flag will automatically allow all users in the same organization as the repository. It will be as though all organization members are on the `whitelist`. If this is enabled for a repository not in an organization, an error will be thrown. This input parameter defaults to `false`. Tests and documentation have been updated. Fixes Roblox#4
The new `allowOrganizationMembers` flag will automatically allow all users in the same organization as the repository. It will be as though all organization members are on the `whitelist`. If this is enabled for a repository not in an organization, an error will be thrown. This input parameter defaults to `false`. Tests and documentation have been updated. Fixes #4
The new `allowOrganizationMembers` flag will automatically allow all users in the same organization as the repository. It will be as though all organization members are on the `whitelist`. If this is enabled for a repository not in an organization, an error will be thrown. This input parameter defaults to `false`. Tests and documentation have been updated. Fixes Roblox#4
The new `allowOrganizationMembers` flag will automatically allow all users in the same organization as the repository. It will be as though all organization members are on the `whitelist`. If this is enabled for a repository not in an organization, an error will be thrown. This input parameter defaults to `false`. Tests and documentation have been updated. Fixes #4
It requires some duplicated effort to maintain an employee whitelist across many repositories in the same organization.
It would be great to support pulling the contributor whitelist from a central repository, perhaps the same repository that contains who has signed the CLA.
The text was updated successfully, but these errors were encountered: