You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to get a github runner to update a secret in a github workflow, but I can't figure out what scopes it needs to do so. I've tried searching online, and the API docs and general results all make reference to using PATs, which I want to avoid as tying runner credentials to my personal user seems like a bad practice.
I think this page would greatly benefit from a list of API endpoint groups that are accessible for each scope (or the API docs could be updated to include required GITHUB_TOKEN scopes). This isn't the first time the difference in scopes between PATs and GITHUB_TOKEN have caused issues and I feel that scopes such as "checks" and "contents" don't help much in the way of determining what I'm granting access to.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
I'm trying to get a github runner to update a secret in a github workflow, but I can't figure out what scopes it needs to do so. I've tried searching online, and the API docs and general results all make reference to using PATs, which I want to avoid as tying runner credentials to my personal user seems like a bad practice.
I think this page would greatly benefit from a list of API endpoint groups that are accessible for each scope (or the API docs could be updated to include required GITHUB_TOKEN scopes). This isn't the first time the difference in scopes between PATs and GITHUB_TOKEN have caused issues and I feel that scopes such as "checks" and "contents" don't help much in the way of determining what I'm granting access to.
Any help would be appreciated.
Beta Was this translation helpful? Give feedback.
All reactions