From 4fdc290ae9c34f83201dcde2164374e5487aa912 Mon Sep 17 00:00:00 2001 From: Hi120ki <12624257+hi120ki@users.noreply.github.com> Date: Wed, 21 Aug 2024 14:56:52 +0900 Subject: [PATCH 1/2] Add : Organization PAT installation In the article "[Organization APIs for fine-grained PATs management](https://github.blog/changelog/2023-03-24-organization-apis-for-fine-grained-pats-management/)", following new 2 permissions are added to GitHub Apps - organization_personal_access_tokens - organization_personal_access_token_requests These permissions are used for getting and updating GitHub Organization's Fine-grained PAT's lists, requests, revokes. [APIs of Organization permissions for "Personal access tokens"](https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-personal-access-tokens) [APIs of Organization permissions for "Personal access token requests"](https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28#organization-permissions-for-personal-access-token-requests) We can test these permissions following test codes, and successfully I got installation token from GitHub. ```go package main import ( "context" "log" "net/http" "github.com/bradleyfalzon/ghinstallation/v2" "github.com/google/go-github/v64/github" ) func main() { ctx := context.Background() tr := http.DefaultTransport itr, err := ghinstallation.NewAppsTransportKeyFromFile(tr, , ) if err != nil { log.Fatal(err) } client := github.NewClient(&http.Client{Transport: itr}) token, _, err := client.Apps.CreateInstallationToken( ctx, , &github.InstallationTokenOptions{ Permissions: &github.InstallationPermissions{ OrganizationPersonalAccessTokens: github.String("read"), OrganizationPersonalAccessTokenRequests: github.String("read"), }, }) if err != nil { log.Fatal(err) } log.Println(token.GetToken()) } ``` Signed-off-by: Hi120ki <12624257+hi120ki@users.noreply.github.com> --- github/apps.go | 82 +++++++++++++++++++++++---------------------- github/apps_test.go | 72 ++++++++++++++++++++------------------- 2 files changed, 80 insertions(+), 74 deletions(-) diff --git a/github/apps.go b/github/apps.go index 16ef758cbdd..2f74c2c2639 100644 --- a/github/apps.go +++ b/github/apps.go @@ -77,46 +77,48 @@ type InstallationTokenListRepoOptions struct { // https://docs.github.com/enterprise-server@3.0/rest/apps#create-an-installation-access-token-for-an-app // https://docs.github.com/rest/apps#create-an-installation-access-token-for-an-app type InstallationPermissions struct { - Actions *string `json:"actions,omitempty"` - ActionsVariables *string `json:"actions_variables,omitempty"` - Administration *string `json:"administration,omitempty"` - Blocking *string `json:"blocking,omitempty"` - Checks *string `json:"checks,omitempty"` - Contents *string `json:"contents,omitempty"` - ContentReferences *string `json:"content_references,omitempty"` - Deployments *string `json:"deployments,omitempty"` - Emails *string `json:"emails,omitempty"` - Environments *string `json:"environments,omitempty"` - Followers *string `json:"followers,omitempty"` - Issues *string `json:"issues,omitempty"` - Metadata *string `json:"metadata,omitempty"` - Members *string `json:"members,omitempty"` - OrganizationAdministration *string `json:"organization_administration,omitempty"` - OrganizationCustomProperties *string `json:"organization_custom_properties,omitempty"` - OrganizationCustomRoles *string `json:"organization_custom_roles,omitempty"` - OrganizationCustomOrgRoles *string `json:"organization_custom_org_roles,omitempty"` - OrganizationHooks *string `json:"organization_hooks,omitempty"` - OrganizationPackages *string `json:"organization_packages,omitempty"` - OrganizationPlan *string `json:"organization_plan,omitempty"` - OrganizationPreReceiveHooks *string `json:"organization_pre_receive_hooks,omitempty"` - OrganizationProjects *string `json:"organization_projects,omitempty"` - OrganizationSecrets *string `json:"organization_secrets,omitempty"` - OrganizationSelfHostedRunners *string `json:"organization_self_hosted_runners,omitempty"` - OrganizationUserBlocking *string `json:"organization_user_blocking,omitempty"` - Packages *string `json:"packages,omitempty"` - Pages *string `json:"pages,omitempty"` - PullRequests *string `json:"pull_requests,omitempty"` - RepositoryHooks *string `json:"repository_hooks,omitempty"` - RepositoryProjects *string `json:"repository_projects,omitempty"` - RepositoryPreReceiveHooks *string `json:"repository_pre_receive_hooks,omitempty"` - Secrets *string `json:"secrets,omitempty"` - SecretScanningAlerts *string `json:"secret_scanning_alerts,omitempty"` - SecurityEvents *string `json:"security_events,omitempty"` - SingleFile *string `json:"single_file,omitempty"` - Statuses *string `json:"statuses,omitempty"` - TeamDiscussions *string `json:"team_discussions,omitempty"` - VulnerabilityAlerts *string `json:"vulnerability_alerts,omitempty"` - Workflows *string `json:"workflows,omitempty"` + Actions *string `json:"actions,omitempty"` + ActionsVariables *string `json:"actions_variables,omitempty"` + Administration *string `json:"administration,omitempty"` + Blocking *string `json:"blocking,omitempty"` + Checks *string `json:"checks,omitempty"` + Contents *string `json:"contents,omitempty"` + ContentReferences *string `json:"content_references,omitempty"` + Deployments *string `json:"deployments,omitempty"` + Emails *string `json:"emails,omitempty"` + Environments *string `json:"environments,omitempty"` + Followers *string `json:"followers,omitempty"` + Issues *string `json:"issues,omitempty"` + Metadata *string `json:"metadata,omitempty"` + Members *string `json:"members,omitempty"` + OrganizationAdministration *string `json:"organization_administration,omitempty"` + OrganizationCustomProperties *string `json:"organization_custom_properties,omitempty"` + OrganizationCustomRoles *string `json:"organization_custom_roles,omitempty"` + OrganizationCustomOrgRoles *string `json:"organization_custom_org_roles,omitempty"` + OrganizationHooks *string `json:"organization_hooks,omitempty"` + OrganizationPackages *string `json:"organization_packages,omitempty"` + OrganizationPersonalAccessTokens *string `json:"organization_personal_access_tokens,omitempty"` + OrganizationPersonalAccessTokenRequests *string `json:"organization_personal_access_token_requests,omitempty"` + OrganizationPlan *string `json:"organization_plan,omitempty"` + OrganizationPreReceiveHooks *string `json:"organization_pre_receive_hooks,omitempty"` + OrganizationProjects *string `json:"organization_projects,omitempty"` + OrganizationSecrets *string `json:"organization_secrets,omitempty"` + OrganizationSelfHostedRunners *string `json:"organization_self_hosted_runners,omitempty"` + OrganizationUserBlocking *string `json:"organization_user_blocking,omitempty"` + Packages *string `json:"packages,omitempty"` + Pages *string `json:"pages,omitempty"` + PullRequests *string `json:"pull_requests,omitempty"` + RepositoryHooks *string `json:"repository_hooks,omitempty"` + RepositoryProjects *string `json:"repository_projects,omitempty"` + RepositoryPreReceiveHooks *string `json:"repository_pre_receive_hooks,omitempty"` + Secrets *string `json:"secrets,omitempty"` + SecretScanningAlerts *string `json:"secret_scanning_alerts,omitempty"` + SecurityEvents *string `json:"security_events,omitempty"` + SingleFile *string `json:"single_file,omitempty"` + Statuses *string `json:"statuses,omitempty"` + TeamDiscussions *string `json:"team_discussions,omitempty"` + VulnerabilityAlerts *string `json:"vulnerability_alerts,omitempty"` + Workflows *string `json:"workflows,omitempty"` } // InstallationRequest represents a pending GitHub App installation request. diff --git a/github/apps_test.go b/github/apps_test.go index bb060d7a052..aafc263dca0 100644 --- a/github/apps_test.go +++ b/github/apps_test.go @@ -149,6 +149,8 @@ func TestAppsService_ListInstallations(t *testing.T) { "organization_custom_roles": "write", "organization_hooks": "write", "organization_packages": "write", + "organization_personal_access_tokens": "read", + "organization_personal_access_token_requests": "read", "organization_plan": "read", "organization_pre_receive_hooks": "write", "organization_projects": "read", @@ -197,40 +199,42 @@ func TestAppsService_ListInstallations(t *testing.T) { SingleFileName: String("config.yml"), RepositorySelection: String("selected"), Permissions: &InstallationPermissions{ - Actions: String("read"), - Administration: String("read"), - Checks: String("read"), - Contents: String("read"), - ContentReferences: String("read"), - Deployments: String("read"), - Environments: String("read"), - Issues: String("write"), - Metadata: String("read"), - Members: String("read"), - OrganizationAdministration: String("write"), - OrganizationCustomRoles: String("write"), - OrganizationHooks: String("write"), - OrganizationPackages: String("write"), - OrganizationPlan: String("read"), - OrganizationPreReceiveHooks: String("write"), - OrganizationProjects: String("read"), - OrganizationSecrets: String("read"), - OrganizationSelfHostedRunners: String("read"), - OrganizationUserBlocking: String("write"), - Packages: String("read"), - Pages: String("read"), - PullRequests: String("write"), - RepositoryHooks: String("write"), - RepositoryProjects: String("read"), - RepositoryPreReceiveHooks: String("read"), - Secrets: String("read"), - SecretScanningAlerts: String("read"), - SecurityEvents: String("read"), - SingleFile: String("write"), - Statuses: String("write"), - TeamDiscussions: String("read"), - VulnerabilityAlerts: String("read"), - Workflows: String("write")}, + Actions: String("read"), + Administration: String("read"), + Checks: String("read"), + Contents: String("read"), + ContentReferences: String("read"), + Deployments: String("read"), + Environments: String("read"), + Issues: String("write"), + Metadata: String("read"), + Members: String("read"), + OrganizationAdministration: String("write"), + OrganizationCustomRoles: String("write"), + OrganizationHooks: String("write"), + OrganizationPackages: String("write"), + OrganizationPersonalAccessTokens: String("read"), + OrganizationPersonalAccessTokenRequests: String("read"), + OrganizationPlan: String("read"), + OrganizationPreReceiveHooks: String("write"), + OrganizationProjects: String("read"), + OrganizationSecrets: String("read"), + OrganizationSelfHostedRunners: String("read"), + OrganizationUserBlocking: String("write"), + Packages: String("read"), + Pages: String("read"), + PullRequests: String("write"), + RepositoryHooks: String("write"), + RepositoryProjects: String("read"), + RepositoryPreReceiveHooks: String("read"), + Secrets: String("read"), + SecretScanningAlerts: String("read"), + SecurityEvents: String("read"), + SingleFile: String("write"), + Statuses: String("write"), + TeamDiscussions: String("read"), + VulnerabilityAlerts: String("read"), + Workflows: String("write")}, Events: []string{"push", "pull_request"}, CreatedAt: &date, UpdatedAt: &date, From 255b0c1ceed150d6478f13fbd2cda7d008e095a4 Mon Sep 17 00:00:00 2001 From: Hi120ki <12624257+hi120ki@users.noreply.github.com> Date: Wed, 21 Aug 2024 23:23:06 +0900 Subject: [PATCH 2/2] Fix : run script/generate.sh to get updates on github-accessors files, and passed the test and lint I checked following commands are passed. ``` $ script/fmt.sh $ script/test.sh $ script/lint.sh ``` Signed-off-by: Hi120ki <12624257+hi120ki@users.noreply.github.com> --- github/github-accessors.go | 16 ++++++++++++++++ github/github-accessors_test.go | 20 ++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/github/github-accessors.go b/github/github-accessors.go index 86d3b28613c..66e9c0baef2 100644 --- a/github/github-accessors.go +++ b/github/github-accessors.go @@ -9006,6 +9006,22 @@ func (i *InstallationPermissions) GetOrganizationPackages() string { return *i.OrganizationPackages } +// GetOrganizationPersonalAccessTokenRequests returns the OrganizationPersonalAccessTokenRequests field if it's non-nil, zero value otherwise. +func (i *InstallationPermissions) GetOrganizationPersonalAccessTokenRequests() string { + if i == nil || i.OrganizationPersonalAccessTokenRequests == nil { + return "" + } + return *i.OrganizationPersonalAccessTokenRequests +} + +// GetOrganizationPersonalAccessTokens returns the OrganizationPersonalAccessTokens field if it's non-nil, zero value otherwise. +func (i *InstallationPermissions) GetOrganizationPersonalAccessTokens() string { + if i == nil || i.OrganizationPersonalAccessTokens == nil { + return "" + } + return *i.OrganizationPersonalAccessTokens +} + // GetOrganizationPlan returns the OrganizationPlan field if it's non-nil, zero value otherwise. func (i *InstallationPermissions) GetOrganizationPlan() string { if i == nil || i.OrganizationPlan == nil { diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go index 11d8a3bff42..dde2c80bcf4 100644 --- a/github/github-accessors_test.go +++ b/github/github-accessors_test.go @@ -10562,6 +10562,26 @@ func TestInstallationPermissions_GetOrganizationPackages(tt *testing.T) { i.GetOrganizationPackages() } +func TestInstallationPermissions_GetOrganizationPersonalAccessTokenRequests(tt *testing.T) { + var zeroValue string + i := &InstallationPermissions{OrganizationPersonalAccessTokenRequests: &zeroValue} + i.GetOrganizationPersonalAccessTokenRequests() + i = &InstallationPermissions{} + i.GetOrganizationPersonalAccessTokenRequests() + i = nil + i.GetOrganizationPersonalAccessTokenRequests() +} + +func TestInstallationPermissions_GetOrganizationPersonalAccessTokens(tt *testing.T) { + var zeroValue string + i := &InstallationPermissions{OrganizationPersonalAccessTokens: &zeroValue} + i.GetOrganizationPersonalAccessTokens() + i = &InstallationPermissions{} + i.GetOrganizationPersonalAccessTokens() + i = nil + i.GetOrganizationPersonalAccessTokens() +} + func TestInstallationPermissions_GetOrganizationPlan(tt *testing.T) { var zeroValue string i := &InstallationPermissions{OrganizationPlan: &zeroValue}