-
Notifications
You must be signed in to change notification settings - Fork 482
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: Managed Github App per org instead of github action per repo #4333
Comments
@jeffmendoza Is this something Allstar org-level configs could help with? If you happen to use Minder, they recently added support for provisioning Scorecard: https://github.com/stacklok/minder-rules-and-profiles/blob/main/rule-types/github/scorecard_enabled.yaml EDIT: I've filed a top-level tracking issue to formalize support for large-scale use cases: #4339 |
+1. This sounds like something up Allstar's alley. At least to enforce policies. I'm not sure about spitting out the raw scorecard results |
Is your feature request related to a problem? Please describe.
Without having to build my own app (as per docs):
Id like to setup openssf scorecards for the entire cloudposse org. To do this, I'll need to proliferate a github action per repo. There are over 500 repos. If this was an app, i could install the github app in the org, give it access to all the repos, without making a single code change.
Describe the solution you'd like
Org wide installation of a managed github app
Describe alternatives you've considered
Script to run scorecard as a scheduled cron using a PAT
Additional context
N/A
The text was updated successfully, but these errors were encountered: