GitHub Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 26: Line 26:


Also see [[Git_Concepts#Clone|Git cloning]].
Also see [[Git_Concepts#Clone|Git cloning]].
Also see: {{Internal|GitHub_Procedures#Pull_Request_Procedures|Pull Request Procedures}}


==Required Reviews for Pull Requests==
==Required Reviews for Pull Requests==

Revision as of 22:12, 5 August 2019

Internal

Webhooks

https://developer.github.com/webhooks/

A webhook is a mechanism that triggers a HTTP POST invocation into the webhook's external URL, every time a specific event occurs.

A webhook can be installed on an organization or on a specific repository. Once installed, it will be triggered each time one or more subscribed events happen in that organization/repository.

Can be set via UI: Repository -> Settings -> Options: Webhooks.

Webhook Secret

Used by OpenShift for its S2I build strategy.

Pull-Request

https://help.github.com/en/articles/creating-a-pull-request

Usually, a pull request is initiated from a feature branch and indicates the intent to merge with the develop branch. It is possible to initiate pull requests from a previously cloned repository as well.

The pull requests have to be reviewed, approved and explicitly applied by the owner of the parent repository.

Also see Git cloning.

Also see:

Pull Request Procedures

Required Reviews for Pull Requests

Required Reviews for Pull Requests

Code Owners

Code Owners

Protected Branch

Security

Personal Access Token

https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line

A personal access token is a piece of information that more here... . GitHub grants access to whoever makes a HTTPS invocation and presents this token: it function like an ordinary OAuth access token. It also can be used instead of a password for Git over HTTPS, or can be used to authenticate to the API over Basic Authentication. Git API access is allowed in presence of the tocken. A personal access token is similar to a password, in that they should be protected carefully. They are usually though placed in scripts, when building automated CI/CD pipelines. The advantage of using a token instead of a password is that the tokens can be revoked, can be proactively rotated, and then a lot of them can be created.

The list of already generated tokens can be obtained at https://github.com/settings/tokens (account -> Settings -> Developer settings -> Personal access tokens.

Operations:

Create a Personal Access Token for Command Line

GitHub App

OAuth Support

https://developer.github.com/v3/oauth_authorizations

GitHub's OAuth implementation supports the standard authorization code grant type (https://tools.ietf.org/html/rfc6749#section-4.1).

OAuth Token

https://help.github.com/en/articles/git-automation-with-oauth-tokens

OAuth App

https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/