godaddy/orglinter

Add the ability to audit installed GitHub apps


We need the ability to verify that certain applications are installed and configured at the org level. For example, ensuring that Codecov or WhiteSource is installed, and stays installed.

I think this would be best handled with an array of tables, similar to `[[teams]]`. That way we can more easily lay out any configuration specific to that application. So an example might look something like:

```toml
[[applications]]
target_type = "Organization"
target_id = 1234  # This is the "database id" of the org
app_id = "5678"  # The "database id" of the app
app_slug = "foo-bar"

[applications.permissions]
deployments = "write"
metadata = "read"
pull_requests = "read"
statuses = "read"
```

Note that I cannot find anything for this in the GraphQL API yet, so it looks like this one will have to operate on the REST API.
https://docs.github.com/en/rest/reference/orgs#list-app-installations-for-an-organization
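
An added example, not part of the original issue or of orglinter's code: one way the proposed `[[applications]]` tables could be checked against the `installations` array returned by the REST endpoint linked above. The function name, finding labels, and the second sample app are hypothetical, and the sample data is constructed so the check runs offline.

```javascript
// Added example; names here are hypothetical, not orglinter's own API.
const LEVELS = { none: 0, read: 1, write: 2, admin: 3 };

// expected: parsed [[applications]] tables; installations: the
// `installations` array from GET /orgs/{org}/installations.
function auditApplications(expected, installations) {
  const findings = [];
  const matched = new Set();
  for (const want of expected) {
    // The config stores app_id as a string; the REST API returns a number.
    const inst = installations.find((i) =>
      String(i.app_id) === String(want.app_id) &&
      i.target_type === want.target_type && i.target_id === want.target_id);
    if (!inst) {
      findings.push({ app: want.app_slug, issue: 'not-installed' });
      continue;
    }
    matched.add(inst.id);
    const wantPerms = want.permissions || {};
    const havePerms = inst.permissions || {};
    for (const name of new Set([...Object.keys(wantPerms), ...Object.keys(havePerms)])) {
      const wantLevel = wantPerms[name] || 'none';
      const haveLevel = havePerms[name] || 'none';
      if (wantLevel === haveLevel) continue;
      // More access than declared is the riskier direction, so label it.
      const issue = LEVELS[haveLevel] > LEVELS[wantLevel]
        ? 'excess-permission' : 'missing-permission';
      findings.push({ app: want.app_slug, issue, permission: name,
        expected: wantLevel, actual: haveLevel });
    }
  }
  // Apps installed on the org that no [[applications]] table declares.
  for (const inst of installations) {
    if (!matched.has(inst.id)) findings.push({ app: inst.app_slug, issue: 'unexpected-install' });
  }
  return findings;
}

// Constructed sample data: the first entry mirrors the issue's example table.
const SAMPLE_EXPECTED = [
  { target_type: 'Organization', target_id: 1234, app_id: '5678', app_slug: 'foo-bar',
    permissions: { deployments: 'write', metadata: 'read', pull_requests: 'read', statuses: 'read' } },
  { target_type: 'Organization', target_id: 1234, app_id: '9012', app_slug: 'example-scanner', permissions: {} },
];
const SAMPLE_INSTALLATIONS = [
  { id: 1, app_id: 5678, app_slug: 'foo-bar', target_type: 'Organization', target_id: 1234,
    permissions: { deployments: 'write', metadata: 'read', pull_requests: 'write' } },
  { id: 2, app_id: 3456, app_slug: 'other-app', target_type: 'Organization', target_id: 1234,
    permissions: { metadata: 'read' } },
];
console.log(auditApplications(SAMPLE_EXPECTED, SAMPLE_INSTALLATIONS));
```

The REST endpoint is paginated, so a real run would need to collect every page of `installations` before calling the audit.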