omitempty tag on InstallationAccessTokenOptions.Repositories masking functionality of GitHub API
#3106
Comments
|
According to the official docs:
so these fields are optional, hence the You didn't state what you are trying to do by providing it an empty array. Are you trying to remove access to all repositories? If so, I'm wondering if that might be a different endpoint, such as this one? If you are trying to do something else, then I need to warn you against removing So please clarify what you are trying to do, and if you would like to create a PR to address the issue. Thanks. |
|
So the documentation doesn't actually specify this behavior but basically you can have the endpoint return the list of all accessible repositories in the installation by specifying an empty array for the repositories parameter. It saved a round trip to the separate endpoint. Command with empty array curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"repositories":[],"permissions":{"contents":"read"}}' Output {
"token": "<token>",
"expires_at": "2024-03-17T02:30:32Z",
"permissions": {
"contents": "read",
"metadata": "read"
},
"repositories": ["<all repos in installation...>"],
"repository_selection": "all"
}Command with null or no repositories curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"repositories":null,"permissions":{"contents":"read"}}'
# OR
curl -s "https://api.github.com/app/installations/$APP_INSTALL_ID/access_tokens" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $APP_JWT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
-d '{"permissions":{"contents":"read"}}'Output {
"token": "<token>",
"expires_at": "2024-03-17T02:30:32Z",
"permissions": {
"contents": "read",
"metadata": "read"
},
"repository_selection": "all"
} |
|
Awesome... Thank you for the detailed example! Then I'm thinking we need to have a new, separate endpoint that handles this special case... with a name that makes the distinction clear. Do you want to write it, @gillisandrew ? |
|
Hello. If @gillisandrew doesn't want to take this I'd like to have a crack at it. Thanks! |
|
Thank you, @Matthew-Reidy ! It's yours. |
|
Hey all, I will begin working on this today but I just want to make sure I understand what the problem is here before I start. Basically passing an empty array of repositories as a parameter should return a list of all repos that are a part of an installation but the client discards empty arrays? |
Actually, I'm a bit confused now myself. The original description talks about a @gillisandrew - can you please clarify what your ask is here, and exactly which |
|
Oh, cool! TIL. Sorry, @gillisandrew - my bad... both are the OK, so @Matthew-Reidy - we need a new endpoint... Now the hard part - what should the name be? Maybe Now the easy part is that this new method will have an internal anonymous struct almost identical to RepositoryIDs []int64 `json:"repository_ids"`and this field will not be assigned a value. @gillisandrew - have I got all this right? |
|
Got it. If there are no objections I'll just move forward with CreateInstallationTokenListRepos as a name for the new endpoint function. If my week goes to plan hopefully I can get a PR in by Friday. |
|
Submitted a PR to fix this. |
When creating an app installation access token through the REST API (
POST /app/installations/{installation_id}/access_tokens), if therepositoriesparameter is set to an empty array, the API returns a list of all accessible repositories. However, the client currently strips empty arrays (omitempty) when marshaling theInstallationAccessTokenOptions.Repositoriesvalue making that functionality inaccessible through the client.go-github/github/apps.go
Lines 45 to 57 in 169ad4d
The text was updated successfully, but these errors were encountered: