Github App instead of OAuth?


#1

Hi,

I could be wrong, but I believe buildkite currently integrates with Github via OAuth.

It works well, but for organisations (like ours) that are keen to keep a close eye on what permissions are given to third parties, OAuth isn’t perfect. We can whitelist which OAuth apps can access our repositories, but we can’t see what permissions they request - that’s up to individual users to approve.

Github now offer “Github App” style integrations, and organisation admins can see:

  1. what permissions the app has requested
  2. what repositories the app can access

It’d be awesome if buildkite could switch to the App style integration, and make it easy for us to show off the remarkably minimal permissions you ask for.