Investigate migrating away from classic PATs in GH sync
GitHub is pushing more towards fine-grained tokens over classic access tokens, along with other options that are more secure with shorter-lived tokens. One other way that we could accomplish this would be to move to a GitHub App instead of using an owner's personal access token. This would give us short-lived tokens and would help resolve the rate-limiting issues in the sync operation.
| Solution | Pros | Cons |
|---|---|---|
| Fine-grained Token | Easier to implement, next to no code | Needs manual intervention to renew the token, needs validation that all endpoints are supported |
| GitHub App | Alleviates issues with rate limits, no renewal period for token | Significant work to implement |
@cguindon any preference on this? I threw in the GH App as that would functionally do the same thing as we'd no longer be using a PAT and we'd be able to access resources more naturally through installations, and there are plans in the works to do it eventually.
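For reference, a sketch of the GitHub App token flow behind the second row of the table, added here as an example and not code from the sync project: the App signs a JWT valid for at most 10 minutes, then exchanges it for an installation token that expires after about an hour. Node.js is an assumption, and the app ID, installation ID, repository name and key are constructed placeholders.

```javascript
const crypto = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Build the RS256 JWT a GitHub App presents to the API.
// GitHub rejects JWTs whose exp is more than 10 minutes in the future.
function buildAppJwt(appId, privateKeyPem, nowSec = Math.floor(Date.now() / 1000)) {
  const header = { alg: 'RS256', typ: 'JWT' };
  const payload = {
    iat: nowSec - 60,     // backdated 60 s to tolerate clock drift
    exp: nowSec + 9 * 60, // stays under the 10 minute ceiling
    iss: String(appId),
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKeyPem);
  return `${signingInput}.${sig.toString('base64url')}`;
}

// Describe the request that trades the JWT for an installation token.
function installationTokenRequest(jwt, installationId, repositories) {
  return {
    method: 'POST',
    url: `https://api.github.com/app/installations/${installationId}/access_tokens`,
    headers: {
      Authorization: `Bearer ${jwt}`,
      Accept: 'application/vnd.github+json',
    },
    // Optional: narrow the token to the repositories this sync run touches.
    body: repositories ? JSON.stringify({ repositories }) : undefined,
  };
}

// Decide whether a cached installation token must be re-minted before use.
function needsRefresh(expiresAtIso, nowMs = Date.now(), skewMs = 5 * 60 * 1000) {
  return Date.parse(expiresAtIso) - nowMs <= skewMs;
}

// Constructed demo values: throwaway key, placeholder app and installation ids.
function demo() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const pem = privateKey.export({ type: 'pkcs8', format: 'pem' });
  const jwt = buildAppJwt(12345, pem, 1700000000);
  return { jwt, publicKey, request: installationTokenRequest(jwt, 67890, ['example-repo']) };
}
```

The only long-lived secret left is the App private key, which is used solely to sign the JWT; the bearer token the sync sends with its API calls is re-minted whenever `needsRefresh` returns true.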