Skip to content

LSIF: allow auth via GITHUB_TOKEN from GitHub Actions

Administrator requested to merge lsif-auth-github-app-installation-token into master

Created by: chrismwendt

This allows LSIF upload authentication via the built-in GITHUB_TOKEN in GitHub actions, which eliminates one more manual step from uploading LSIF through a GitHub action.

Unfortunately, this also allows uploads from any GitHub app installed on the given repository, even ones with read-only access. I haven't found a way to determine that the given token is associated with GitHub Actions and not some other random GitHub App. I also haven't found a zero-impact way to determine that the given token has write access to the repository. @sqs Is this acceptable?

Merge request reports

Loading