API control for Repository Access for third party installed integrations


#1

Hi there, I’m not sure if this is the right place to post this question, but here it goes:

Scenario:

  • We have hundreds of private repositories in our organization,
  • Some of the content of some of those repositories is being handled by the Private Packagist (Composer private package manager) installed integration,
  • I have an automated process that creates private repositories, and it should be able to add those new repositories to the granular permissions list (so Private Packagist would see them and sync them), I’m talking about this section:

I don’t want to enable the access to All repositories because of security concerns and also it would be a complete mess.

So I would like to tell Github, via API, to add these newly created repositories to the permissions list, is this possible? can you point to the right direction?

Thanks a lot in advance!!!


#2

Found the answer :D,

the correct way of doing this would be:

curl -v -X PUT -H “Authorization: token YOURTOKEN” -H “Accept: application/vnd.github.machine-man-preview” https://api.github.com/installations/INSTALLATION_ID/repositories/REPO_ID

Easy peasy!