Ce contenu n'est pas disponible dans la langue sélectionnée.
Chapter 1. Creating a GitHub application for RHTAP
Creating a GitHub application for RHTAP allows developers to authenticate to Red Hat Developer Hub, which is the user interface (UI) where they can use RHTAP. This GitHub application also allows RHTAP to access developer’s source code that is hosted on GitHub.
Keep in mind that you must create and install the new application in a GitHub organization that you own and want to use for your instance of Red Hat Trusted Application Pipeline. RHTAP can subsequently create new repositories within that organization, to serve as the source code for the applications it builds.
Prerequisites
- Ownership of a GitHub organization
Procedure
- Login to GitHub and go to your organizations (Settings > Organizations).
- Click on an organization that you own and want to use for this instance of RHTAP. Or you can select New organization to create a new organization.
- In the organization context, navigate to the GitHub Apps page (Settings > Developer settings > GitHub Apps).
- Near the top banner, on the right side of the page, select New GitHub App.
- If prompted, authenticate as needed.
- In the GitHub App name field, enter a unique name.
- In the Homepage URL field, enter a placeholder value, for example, https://www.placeholder.com.
- In the Callback URL field, enter a placeholder value. You can use the same placeholder value, for example, https://www.placeholder.com.
- In the Webhook URL field, enter a placeholder value. You can use the same placeholder value, for example, https://www.placeholder.com. Also, ensure that the Active checkbox is checked (GitHub should do this by default).
Create a new file on your local system, in which you save several values that you need for later steps in the installation process. When you enter values in this file, make sure to label them, so you can remember what each value is later on.
$ touch ~/install_values.txt
In your CLI, generate a secret, then label and save it in
~/install_values.txt
.If you do not have OpenSSL, you can follow the download instructions.
$ openssl rand -hex 20 >> ~/install_values.txt
ImportantBe sure to save the output of this command!
- In GitHub, in the Webook secret field, enter the output of the last command.
Under Repository permissions, set the following permissions:
- Administration: Read and write
- Checks: Read and write
- Contents: Read and write
- Issues: Read and write
- Metadata: Read-only (this should already be set correctly, but verify its value)
- Pull requests: Read and write
Under Organization permissions, set the following permissions:
- Members: Read-only
- Plan: Read-only
Under Subscribe to events, select the following subscriptions:
- Check run
- Check suite
- Commit comment
- Issue comment
- Pull request
- Push
- Under Where can this GitHub App be installed? select Any account.
- Click Create GitHub App. You should then see the Developer Settings page.
Retrieve the Client ID and Application ID. Label and save them in your
~install_values.txt
.ImportantThe next two steps explain how to gather a client secret and a private key. You must save the client secret and private key, and keep them accessible, to complete the installation process for RHTAP!
-
On your new application’s page, next to Client secrets, select Generate a new client secret. Label and save the client secret, in
~/install_values.txt
. -
On the same page in GitHub, under Private keys, select the Generate a private key button. Your system downloads a
private-key
file, which contains the private key. Label and save the content of the private key file in~/install_values.txt
. The private key should start with-----BEGIN RSA PRIVATE KEY-----
, and end with-----END RSA PRIVATE KEY-----
. - Still on the same page in GitHub, from the tabs on the left-hand side, select Install App.
- Use the green Install button next to the name of your organization.
- When prompted, select All repositories, so RHTAP can create new repositories in your organization. Click the green Install button.
Additional resources
- The procedure in this document is based on the Pipelines as Code documentation for creating a GitHub application.