Add new access token permission limited to tag creation/push

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Access Keys
    • None
    • 0

      As we start to support NIST's Secure Software Development Framework, source code provenance is a significant feature.  Having a build account usually means more than one person knows the credentials, which means you don't have provenance to an individual who has committed code when a generic build account is used. Therefore, we'd like our build accounts to NOT be able to write commits to the repo, but we would like to be able to create a tag and push it as part of our build process.  Generally, more finer-grained (scoped) permissions would be appreciated.

              Assignee:
              Unassigned
              Reporter:
              Keith Hill
              Votes:
              5 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: