Support GitHub App Tokens in GEI CLI for Secure and Scalable Repository Migration #1420
Description
Currently, the GEI CLI requires Personal Access Tokens (PATs) for both source and target GitHub organizations during repository migration. While functional, this approach has limitations in terms of security, scalability, and rate limits.
I would like to request support for GitHub App tokens in GEI CLI as an alternative to PATs. GitHub Apps offer:
- ✅ Granular permissions scoped to specific repositories or organizations
- ✅ Higher rate limits (15,000 requests/hour vs. 5,000 for PATs)
- ✅ Improved security and auditability
- ✅ Better automation for enterprise workflows
This feature would be especially useful for organizations performing large-scale migrations or integrating GEI CLI into secure CI/CD pipelines.
Suggested Implementation:
- Allow users to pass a GitHub App token via a new environment variable (e.g.,
GH_APP_TOKEN) - Add support for App token authentication in both source and target contexts
- Ensure compatibility with existing migration flags and workflows
Use Case:
I am currently using a hybrid migration script that validates and creates repositories using GitHub App tokens, but I must fall back to PATs for the actual migration step. This breaks consistency and introduces unnecessary token management overhead.
Supporting GitHub App tokens would streamline the process and align with GitHub’s modern authentication practices.