I am currently trying out Netlify Functions and using Netlify-cli to set up the CD. In the authorizing options, I picked the GitHub Personal Access Token and I want to know if the "Full control of private repositories" scope will include the private repos in the organization that I am a part of, as I don't want it to access the repos in the organization.
Viewed 1,133 times
1

H.Le
1 Answer
0
The scope has a few implications and you should probably look at a user-specific role for setting up access tokens without giving access to a user (yourself) as the owner of the org repositories you have.
Create a (machine) user that has access to only the one repository or repositories (private) that would limit the access to these repositories or an organization repository. Since private tokens have read/write access, this is a prudent approach to making sure you're limiting access to other repositories using the token.
If at a later time this changes on GitHub, this will no longer be needed. It is the approach I have used to limit my exposure to a leaked token or access.

talves
So what you are suggesting to me is to create a new account, give that account access to write and read that 1 private repo in my account. Then give access to my new account to Netlify, and in that way, Netlify would only have access to that 1 specific private repo. Hope I understand that correctly. – H.Le Jun 10 '21 at 04:37
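
One way to check what a token can actually reach before handing it to a deployment service, as an added example that is not part of the original answer or comments. It audits the `X-OAuth-Scopes` response header and a `GET /user/repos` body against an allow-list; the header and JSON field names follow GitHub's REST API, while the account names, repository names and the `audit_token` helper are constructed for illustration.

```python
import json

# Constructed sample: the X-OAuth-Scopes response header and a trimmed
# GET /user/repos body, shaped like GitHub's REST API output (values invented).
SAMPLE_SCOPES_HEADER = "repo, read:org"
SAMPLE_REPOS_JSON = json.dumps([
    {"full_name": "deploy-bot/site", "private": True,
     "owner": {"login": "deploy-bot", "type": "User"},
     "permissions": {"admin": True, "push": True, "pull": True}},
    {"full_name": "example-org/billing", "private": True,
     "owner": {"login": "example-org", "type": "Organization"},
     "permissions": {"admin": False, "push": True, "pull": True}},
    {"full_name": "example-org/docs", "private": False,
     "owner": {"login": "example-org", "type": "Organization"},
     "permissions": {"admin": False, "push": False, "pull": True}},
])

def parse_scopes(header):
    """Split the comma-separated X-OAuth-Scopes header into a set."""
    return {s.strip() for s in header.split(",") if s.strip()}

def audit_token(scopes_header, repos_json, allowed):
    """Return (has_full_repo_scope, findings) for repos outside `allowed`.

    A finding is any private repo, or any repo the token can push to,
    whose full_name is not on the allow-list.
    """
    scopes = parse_scopes(scopes_header)
    findings = []
    for repo in json.loads(repos_json):
        name = repo["full_name"]
        perms = repo.get("permissions", {})
        if name in allowed:
            continue
        if repo.get("private") or perms.get("push"):
            findings.append({
                "repo": name,
                "org_owned": repo["owner"]["type"] == "Organization",
                "writable": bool(perms.get("push")),
            })
    return "repo" in scopes, findings

if __name__ == "__main__":
    full, extra = audit_token(SAMPLE_SCOPES_HEADER, SAMPLE_REPOS_JSON,
                              allowed={"deploy-bot/site"})
    print("full 'repo' scope:", full)
    for f in extra:
        print("unexpected reach:", f)
```

With real data, the header and body come from an authenticated request to `https://api.github.com/user/repos` made with the token under review.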