GitHub Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 30: Line 30:


{{External|[https://help.github.com/en/articles/enabling-required-reviews-for-pull-requests Required Reviews for Pull Requests]}}
{{External|[https://help.github.com/en/articles/enabling-required-reviews-for-pull-requests Required Reviews for Pull Requests]}}
Also see: {{Internal|GitHub_Procedures#Pull_Request_Procedures|Pull Request Procedures}}


=Code Owners=
=Code Owners=

Revision as of 22:11, 5 August 2019

Internal

Webhooks

https://developer.github.com/webhooks/

A webhook is a mechanism that triggers a HTTP POST invocation into the webhook's external URL, every time a specific event occurs.

A webhook can be installed on an organization or on a specific repository. Once installed, it will be triggered each time one or more subscribed events happen in that organization/repository.

Can be set via UI: Repository -> Settings -> Options: Webhooks.

Webhook Secret

Used by OpenShift for its S2I build strategy.

Pull-Request

https://help.github.com/en/articles/creating-a-pull-request

Usually, a pull request is initiated from a feature branch and indicates the intent to merge with the develop branch. It is possible to initiate pull requests from a previously cloned repository as well.

The pull requests have to be reviewed, approved and explicitly applied by the owner of the parent repository.

Also see Git cloning.

Required Reviews for Pull Requests

Required Reviews for Pull Requests

Also see:

Pull Request Procedures

Code Owners

Code Owners

Protected Branch

Security

Personal Access Token

https://help.github.com/en/articles/creating-a-personal-access-token-for-the-command-line

A personal access token is a piece of information that more here... . GitHub grants access to whoever makes a HTTPS invocation and presents this token: it function like an ordinary OAuth access token. It also can be used instead of a password for Git over HTTPS, or can be used to authenticate to the API over Basic Authentication. Git API access is allowed in presence of the tocken. A personal access token is similar to a password, in that they should be protected carefully. They are usually though placed in scripts, when building automated CI/CD pipelines. The advantage of using a token instead of a password is that the tokens can be revoked, can be proactively rotated, and then a lot of them can be created.

The list of already generated tokens can be obtained at https://github.com/settings/tokens (account -> Settings -> Developer settings -> Personal access tokens.

Operations:

Create a Personal Access Token for Command Line

GitHub App

OAuth Support

https://developer.github.com/v3/oauth_authorizations

GitHub's OAuth implementation supports the standard authorization code grant type (https://tools.ietf.org/html/rfc6749#section-4.1).

OAuth Token

https://help.github.com/en/articles/git-automation-with-oauth-tokens

OAuth App

https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/