Comments (11)
hey @olifte! We need write to make webhooks. Do you have other suggestions?
from singularityhub.github.io.
We need write to make webhooks.
Thanks for the quick reply, that already helps me to understand why it's needed.
Though, that does not explain why write is needed also for the "personal user data" on github instead of for the repositories only.
Maybe another solution could be to document how the webhooks need to look like, and let the more cautious users set them up themselves?
Also, if I compare e.g. with travis-ci, here is the list of permissions they requested via oauth:
- Read org and team membership
- Access commit status
- Access deployment status
- Access user email addresses (read-only)
- Write repository hooks
i.e. no full repo access, only access to write repo hooks. That would be perfectly fine with me.
from singularityhub.github.io.
Thanks @olifre ! Yes I think we can definitely be more specific about permissions asked for - I'll be sure to test this out with the next version of Shub (it will be updated right after 2.3 release)
from singularityhub.github.io.
Yes I think we can definitely be more specific about permissions asked for - I'll be sure to test this out with the next version of Shub (it will be updated right after 2.3 release)
Perfect, many thanks!
Full access to account information (including "write" for the accounts mail address - which essentially allows impersonation) is really a no-go for organizations otherwise - and it would be sad to not be able to use singularity hub just due to not-specific permissions.
Please update this issue ticket once the permissions are more fine-grained, then I will certainly link my github to singularity hub and test it out (and recommend it to my colleagues).
from singularityhub.github.io.
will do!
from singularityhub.github.io.
This issue, when fixed, will also address #7
from singularityhub.github.io.
I'd like to second the requests made in this issue - it is unsettling to give over so much access.
from singularityhub.github.io.
just to update you guys - this will definitely be the case for the next version of Singularity Hub. I completely agree on all points.
from singularityhub.github.io.
hey @olifre ! How does this level of permissions look?
The webhooks and commits do not give code access, and the account information is also read only. Would this be suitable for your group?
from singularityhub.github.io.
hey @vsoch ! This looks significantly better, I believe that's acceptable.
Just to make sure, let's ping my colleague @wiene .
Does the last permission imply that Singularity Hub also provides feedback for commits integrated in Github, i.e. "container build worked"? That's a cool feature!
from singularityhub.github.io.
The commit status part may not even be necessary, likely being able to create (and then receive a webhook is sufficient) but I'm testing that one out to see what kind of cool stuff could be possible :)
from singularityhub.github.io.
Related Issues (20)
- Hanging on running for a build HOT 2
- Does singularityhub collection work with Gitlab? HOT 5
- Simple Error FATAL - Failed to get manifest HOT 1
- push
- run HOT 2
- no such file or directory HOT 2
- Cannot access collection settings page HOT 3
- Option to upload an existing .simg rather than rely on triggered builds? HOT 2
- Trying to debug a build HOT 6
- Error when pulling container HOT 2
- Cannot exec container from shub 403 Forbidden HOT 1
- Building is disabled HOT 4
- Get error that building is disabled HOT 3
- Trigger build gives "Building is disabled" HOT 4
- "Building is Disabled" even though it is enabled in Settings HOT 1
- Beep Boop, Error! on clicking settings HOT 2
- Clicking 'Trigger Build' displays message "Building is disabled" HOT 1
- Is singularityhub down HOT 3
- Data Removal Request HOT 2
- github webhook isnt working HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from singularityhub.github.io.