Finer grained permission for writing commit status #32625
Comments
ascandella
added
the
type/proposal
|
Do you mean something like
? |
Exactly. And probably a read:commit_status although I don't know of a great use for that without read:repository access (which would still be sufficient for reading commit statuses)... thoughts? |
|
Yup, the "read" permission for a commit status seems quite strange, no idea whether it should really be introduced (while it is also strange not introducing it .....) Overall I think your idea is pretty good (acceptable to me). The real challenge is that how to implement it (the token scope system is complex 🤣 ) |
|
Ok cool, I'll start digging into the code in the next few weeks and see what I can come up with. Thanks! |
|
For reference GitHub has a read-only commit statuses option: 
|
Feature Description
Currently, to generate a token that can create commit statuses via the API, it must have
write:repository. This is less than ideal from a security perspective, where I'd like to give a token to some automation tools that can write commit statuses but not write to the repository.An example of this is a deployment system. I use ArgoCD with my Gitea instance and I have the notifications controller set up to send commit statuses when applications are synced successfully or with an error. In this context I don't want to have a token anywhere that can write to my repository.
Proposal: create a new permissions for commit statuses (read, and read+write) and update the API to only require commit statuses privileges to read/write commit status. Additionally, for backwards compatibility and sanity leave the
repositorypermission as sufficient for commit statuses as well.If this idea is acceptable, I'd be happy to implement it myself.
Screenshots
No response
The text was updated successfully, but these errors were encountered: