Add support for GitHub App Manifest flow on Organization, not User

[fproulx-boostsecurity]

As described in GitHub's doc, the GitHub App Manifest flow can be executed against a user or an org (https://docs.github.com/en/apps/sharing-github-apps/registering-a-github-app-from-a-manifest#implementing-the-github-app-manifest-flow). Right now, this library only supports on a user, which is far from ideal, because it would mean that a CLI using this library would have a potential critical app be created on an end user GitHub user account. Typically GitHub Apps are for service accounts / privileged access and it does not make sense for an employee, who might leave to hold hostage the app config, potential rotating Private Key and gaining access to org he used to be part of.

Here, instead of https://github.com/settings/apps/new, we should have the option to set an org as the App Owner (i.e. https://github.com/organizations/ORGANIZATION/settings/apps/new)

go-github/scrape/apps.go

Line 138 in 5f496dd

u, err := c.baseURL.Parse("/settings/apps/new")

[gmlewis]

Thank you, @fproulx-boostsecurity. Would you like to create a PR or shall I open this up to other contributors to this repo?

[fproulx-boostsecurity]

@gmlewis better open the floor to others. I have other projects that keep me busy now. I noticed that OpenShift Pipelines as code was using this feature and it fell short because of that, but I hacked my way around it and overrode the URL using DevTools for today.

Would be nice for that to be addressed though so consumer of the lib would have better experience.

[gmlewis]

This would be a great PR for any new contributor to this repo or a new Go developer.
All contributions are greatly appreciated!

Feel free to volunteer for any issue and the issue can be assigned to you so that others don't attempt to duplicate the work.

Please check out our CONTRIBUTING.md guide to get started. (In particular, please remember to go generate ./... and don't use force-push to your PRs.)

Thank you!

[wenked]

Hi , im a new go developer and i would like to have a opportunity to work on this issue.

[gmlewis]

Thank you, @wenked - it is yours.

[fproulx-boostsecurity]

Awesome @wenked , looking forward to see the PR 👍