arunsathiya/set-output-janitor

Use a bot account

arunsathiya opened this issue · 6 comments

Should stop using my personal account to submit PRs, and rather attribute them to a bot action:

https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-with-a-github-app-on-behalf-of-a-user

Read and write access to administration, code, pull requests, and workflows - this permission is set so far, and seems to work okay for creating commits but not for creating the pull request itself. Unclear why so far.


Also worth noting that the commit (example arunsathiya/github-webhook-proxy@e8ba0a5, which may not exist in the future) itself does not seem to indicate the badge that this was authored by a bot. Unclear why.


Sounds a lot like the same issue that another person ran into in 2022:

https://github.com/orgs/community/discussions/39178#discussioncomment-8201269

But as noted on that comment, setting maintainer_can_modify to false doesn't seem to have any impact at the moment.

If you want to attribute app activity to the app instead of to a user, you should authenticate as an app installation instead. For more information, see "Authenticating as a GitHub App installation."

https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-with-a-github-app-on-behalf-of-a-user

This part explains why the commit is attributed to the user account instead of the bot/app.

Authenticating as a GitHub app installation is the way to go. That correctly attributes the commit to the bot user: arunsathiya/github-webhook-proxy@0891431


But PRs still fail:

Commit SHA for github-webhook-proxy: 08914318a30631d20addf0d144f5c805966c9f6c
2024/01/21 13:57:07 error preparing PR: POST https://api.github.com/repos/ExpediaGroup/github-webhook-proxy/pulls: 403 Resource not accessible by integration []

Permissions okay though:

{
  "token": "ghs_redacted",
  "expires_at": "2024-01-21T22:51:37Z",
  "permissions": {
    "administration": "write",
    "contents": "write",
    "metadata": "read",
    "pull_requests": "write",
    "workflows": "write"
  },
  "repository_selection": "all"
}

Need to wait for fine-grained tokens to support "public-but-owned" data:

https://github.com/orgs/community/discussions/36441#discussioncomment-7635050
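Added example, not code from this repository or from the issue author: the installation authentication flow discussed in this thread, written in Go with only the standard library. It signs the App JWT and builds (without sending) the request that exchanges it for an installation token narrowed to one repository and to the contents and pull_requests permissions. The App ID "123456", installation ID 42, the repository name in the request body and the throwaway RSA key are constructed placeholders.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"time"
)

func constructedKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) } // throwaway key

// appJWT signs the RS256 JWT that identifies the App: iat backdated 60s for drift, exp under 10 minutes.
func appJWT(key *rsa.PrivateKey, appID string, now time.Time) (string, error) {
	enc := base64.RawURLEncoding
	claims, _ := json.Marshal(map[string]any{"iss": appID, "iat": now.Unix() - 60, "exp": now.Unix() + 540})
	input := enc.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`)) + "." + enc.EncodeToString(claims)
	sum := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, sum[:])
	if err != nil {
		return "", err
	}
	return input + "." + enc.EncodeToString(sig), nil
}

// tokenRequest builds, without sending, the exchange of that JWT for an installation token.
func tokenRequest(jwt string, installationID int64, repo string) (*http.Request, error) {
	body, _ := json.Marshal(map[string]any{"repositories": []string{repo}, // one repo, two permissions
		"permissions": map[string]string{"contents": "write", "pull_requests": "write"}})
	url := fmt.Sprintf("https://api.github.com/app/installations/%d/access_tokens", installationID)
	req, err := http.NewRequest(http.MethodPost, url, bytes.NewReader(body))
	if err == nil {
		req.Header.Set("Authorization", "Bearer "+jwt)
	}
	return req, err
}

func main() {
	key, _ := constructedKey() // errors ignored only in this demo driver
	jwt, _ := appJWT(key, "123456", time.Now())
	if req, err := tokenRequest(jwt, 42, "set-output-janitor"); err == nil {
		fmt.Println(req.Method, req.URL)
	}
}
```

The response to that request has the same shape as the token JSON shown earlier in the thread, so its "permissions" and "repository_selection" fields show whether the narrowing took effect.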