I have written a GitHub app that requests permissions for all repository contents.
The app basically reads a spec file that I created in order to do some custom logic.
The spec file can be located in any folder that the installer wants and therefore I ask for the elevated permissions.
For security reasons, I need the Github App to only have permissions to the specific file and not the entire repository contents.
Let's say I have 2 installations:
Installation one will request permissions just to
some/path/to/folder/service.ymlInstallation two will request permissions just to
service.yml
I couldn't find any way to do so, not in the api of the installer, and not at the GitHub app level.
I thought about some workarounds using symlinks but it does not satisfy the requirement.
