tractus-x: Could we get a kind of "org read-only" GitHub API token, that is provided as organisation secrets in ETX GitHub Org
Summary
Our Goal is to have a possebility to deploy our https://eclipse-tractusx.github.io/sig-release/ board on regulary base, like a nightly run.
Question is could we get a kind of "org owner read-only" GitHub API token, that is provided as secret for us to use within our organisation secrets?
Steps to reproduce
In our sig-release repository there is a workflow https://github.com/eclipse-tractusx/sig-release/blob/main/.github/workflows/build-and-deploy-dashboard.yaml
you can checkout, which need an GitHub API Token to get the repository information for our HTML Page to represent and check the relevant information within the repositories for TRG validation.
What is the current behavior?
We use our own API Token to get the public repostories to check.
What is the expected correct behavior?
Use a generally available Token like mentioned before "read-only" repos that can be used in our workflow to validate the information within the repositories.
Relevant logs and/or screenshots
Tested this out with a private API-Token that has only the shown permission, and worked like a charm. Because it only checkouts the public available repo's and validates it on runner level with our little go-application. https://github.com/eclipse-tractusx/sig-release/tree/main/trg-checks-dashboard
Priority
-
Urgent -
High -
Medium -
Low
Severity
-
Blocker -
Major -
Normal -
Low
Impact
We can get regually updates on repo changes form the dev-teams and validate them quicker against our TRG 's within our nightly deployed Dashboard.
@sigi @sebastianbezold @carslen @almadigabor @tomaszbarwicki @hzierer Please give a thumbs up for legitimacy
Thanks in advance.
Fabian