Render's broad GitHub permissions

cakoose · July 2, 2021, 10:40pm

We use Render for a few private repos in our work GitHub org.

When I look at my org’s Settings → Installed GitHub Apps → Render, I see:

Read access to administration, code, members, metadata, organization hooks, and vulnerability alerts
Read and write access to actions, checks, commit statuses, deployments, environments, issues, pull requests, repository hooks, and workflows

Can I reduce the scope for features I’m not using? For example, can I remove write access to everything? And remove read access to org hooks, vulnerability alerts, actions, etc?

Jade_Paoletta · July 6, 2021, 8:59pm

Hi @cakoose, at the moment, we don’t support modifying the Github permission scope on an ad-hoc basis. However, you are welcome to submit your feedback as a feature request so that it can be considered for future product iterations.

rminderhoud · September 19, 2021, 2:21am

Yes, the same applies for Gitlab. As a workaround I plan to create a dedicated user per-service so that each service connection only has access to the one repo I need it to have access to. I control the permissions for that service indirectly by controlling permissions on the user. It’s an ugly workaround.

Topic		Replies	Views
Problem with Github permissions	3	312	January 29, 2023
Render can not access repo	2	3259	January 13, 2022
Can't find my Github repos on render	2	1005	July 5, 2024
Issue deploying from organization gitgub repo	2	198	March 22, 2024
GitHub Permissions Update Announcements	0	655	February 3, 2021

Render's broad GitHub permissions

Related topics