Authorizing a single Github repo

Github OAuth doesn't allow single repo authorization right now. This is a guide to our current recommended workaround.

Problem

Most organisations have a lot of private repositories, for which different team members will have various access access (read & write) permissions. However, due to how Github OAuth works, when syncing your company's Github account to Kyso, you currently have to authorise access to all repositories belonging to the organisation. This is not ideal as companies don't want to authorise all repositories for a localised use-case, just to grant access to a single repo where their Kyso posts are hosted.

Solution

To grant limited access for a specific user to just the repositories on which posts to be imported to Kyso are hosted, our recommendation is to to create a new user and then add that user as an admin on that repository, such that when this user connects their Github account to Kyso, only repositories to which the new user has access can be synced.

Note that this new user needs to be an admin collaborator because Kyso creates a webhook in order to receive from Github when commits to the repo are made. Unfortunately Github doesn't allow for more narrow permission controls.

Walkthrough

  1. Create a new Github account, G-new-user.

  2. As an admin of the repository in question - the one where your posts are hosted & wish to import to Kyso - add this account as an admin collaborator:

    1. In the repository, click on Settings.

    2. Click on Collaborators and teams.

    3. At the bottom of this page, under Collaborators, input the new user's email or username - click Add Collaborator.

    4. The new user will have to accept the invite.

    5. Remember to give them Admin access.

  3. As K-new-user, back on Kyso, connect your Github account at https://kyso.io/github by clicking on the Reauthorise button in the top-right.

  4. The list of repositories generated will only be those that G-new-user has access (write permission) to.

  5. Click Connect to Kyso.

  6. You can now continue to use Github and Kyso as normal, adding the new account as a collaborator to other organisation Github repositories as needed.