Access the email address of the installation owner?


#1

I’ve been developing a GitHub App bot, which seems to be working quite well. However, part of the bot function is determined by a configuration file which the user adds to their repository. If this is mis-configured, the bot fails silently!

I’d like to find a good way to report this error to the bot users.

Currently i can collect up the log information from my bot (which is running on AWS as a Lambda), however, I need some way to report this back to the installation owner.

I can find details regarding the repositories the installation has been enabled for, but not the details of the user that added the GitHub App in the first place.

Or, if this is not possible, does anyone else have a good idea about how to provide log-level details relating to bot configuration issues?


#2

The way I get the installer’s email is, upon receiving the installation created webhook, I make a GraphQL query to get the user’s object, which contains the email address (https://developer.github.com/v4/reference/object/user/) - the user’s login name is listed in sender.login in the webhook sent me by GitHub.

This however only works if the user has a publicly listed email.

Not sure if there’s a better way, but what I do is, if I can’t get the public email, is to ask the user before using my app (which in my case has its own interface, so it’s an ok tradeoff for me).


#3

Thanks for that - really interesting to see how you are tackling this.

One problem I have is that I want my bot to be very simple and stateless - which it currently is. It currently obtains all the data / state it requires from the initial webhook and API requests.

I might have to find some other way to report bot ‘errors’ to the person who created a given installation.


#4

There’s likely another way I don’t know about :slight_smile: - if so, I’d like to know it as well.

You might as well open an issue on the repo, if you have write permission access to the issues?


#5

This however only works if the user has a publicly listed email.

Agree with @flavioscopes on the approach for fetching an email, but this caveat is a good point. Also, if an installation is on an org, the contact would have to be one of the org admins. I’ll share this feedback with our product team to have some mechanism to share a contact email in the initial callback.


#6

Just thought I’d follow up on this one …

My use case is a GitHub bot that performs actions when pull requests are opened. I needed a way to report configuration issues to the person who added the GitHub App to their project, hence my original question around finding their email address.

I’ve taken a slightly different approach …

When my bot is invoked via a webhook, it creates a unique correlation key which is added to all log messages associated with that particular invocation. After the bot performs its various checks it uses the status API to report back to the PR. The status check allows you to add a description - I use this to link to a page that provides logging messages relating to the unique correlation key.

This approach allows me to provide logging to help people diagnose configuration issues without the need to maintain state regarding the installation. Also, it maintains privacy, people cannot view log messages (without guessing these unique keys), so works well for private repos too.

Hope that helps!


#7

Thanks for sharing your solution! Think it’ll be useful for others who are writing similar lightweight apps.