This message was deleted.

It should be possible to select the repositories the app should have access to, no default access to whole organization.

Thanks @stocky-salesmen-15167 - so you’d prefer to select the repos in GH’s UI to give permissions to, then select all of them or a subset in Infracost to enable the integration on, right?

Hmm...yes,maybe. Or I'm thinking of something like renovatebot: enabling repos for the app in GH UI, maybe get a PR with some infracost.yml (don't know if needed) ans after merge the integration is enabled?! Just thinking loud while sitting on my sofa 🛋️ 🙃

Love a good bit of sofa-based feedback 😄 The alternative flows could be: ## Option A: GitHub App 1. GH oauth dance, select All repos or a subset of repos in each org you want to give permissions to. This is all happening in GH’s UI. 2. Then in Infracost Cloud you see the repos that we’re permissioned to see, you can select repos to enable the integration on. 3. We parse HCL and if there are warnings (e.g. we need var files), we show you a link to docs so you can add infracost.yml to repo root and the integration automatically runs again on pushes. 4. PR comments are left automatically with

behavior=update

## Option B: OAuth App 1. GH oauth dance, you just enable an org. So there is no repo-selector in GH’s UI. 2. the rest of the steps are the same.

Option A for me because I already know that sharing the full org will be a no go for my company

@polite-engineer-31217 perfect! early feedback saves us rework later on 🙂

🅰️ please

thanks @polite-engineer-31217 & @stocky-salesmen-15167 for your feedback infraheart 💪

+1, GitHub App makes more sense to me given the Infracost app use case.

+1 Option A

Thanks for the quick feedback everyone! The winner was clear: we’re going with Option A

😄 It's later, but yes, Option A.