Problem Statement
Currently the service will load on single GitHub App to handle the token creation and this cause limitation.
In certain specific contexts, it will be required to have a GitHub App with 'minimal' permission to ensure the users are not overreaching what the GitHub App should be able to do.
This should also allow less stress on the rate limit that are define per GitHub App.
Proposed Solution
Define multiple applications to be loaded with different name.
Where we could have .github/sts/github_app_1/identity_x.sts.yaml and .github/sts/github_app_2/identity_x.sts.yaml .
This would require to make an evolution of the metrics also to have metrics base on the application identification also.
Alternatives Considered
No response
Priority
Low - Nice to have
Additional Context
No response
Problem Statement
Currently the service will load on single GitHub App to handle the token creation and this cause limitation.
In certain specific contexts, it will be required to have a GitHub App with 'minimal' permission to ensure the users are not overreaching what the GitHub App should be able to do.
This should also allow less stress on the rate limit that are define per GitHub App.
Proposed Solution
Define multiple applications to be loaded with different name.
Where we could have
.github/sts/github_app_1/identity_x.sts.yamland.github/sts/github_app_2/identity_x.sts.yaml.This would require to make an evolution of the metrics also to have metrics base on the application identification also.
Alternatives Considered
No response
Priority
Low - Nice to have
Additional Context
No response