Tweet
Tweet

Slide 1

Slide 1 text

https://git.io/integrate-ghes

Slide 2

Slide 2 text

May 2019 GitHub Getting ready for the enterprise: Shipping GitHub Enterprise Server-compatible integrations

Slide 3

Slide 3 text

GitHub GitHub Satellite Workshop Day Welcome!

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

GitHub GitHub Satellite Workshop Day Quick poll (1 of 3): Who has used the GitHub APIs before?

Slide 6

Slide 6 text

GitHub GitHub Satellite Workshop Day Quick poll (2 of 3): Who has built a GitHub integration?

Slide 7

Slide 7 text

GitHub GitHub Satellite Workshop Day Quick poll (3 of 3): Who knew there was a self- hosted version of GitHub.com?

Slide 8

Slide 8 text

GitHub GitHub Satellite Workshop Day Today: Getting ready for the Enterprise

Slide 9

Slide 9 text

https://github.com/enterprise

Slide 10

Slide 10 text

https://developer.github.com/program/

Slide 11

Slide 11 text

https://enterprise.github.com/releases

Slide 12

Slide 12 text

https://git.io/setting-up-ghes

Slide 13

Slide 13 text

https://aka.ms/ghes-on-azure

Slide 14

Slide 14 text

GitHub GitHub Satellite Workshop Day Comparisons

Slide 15

Slide 15 text

GitHub.com GitHub Enterprise Server Release cadence Multiple times per day Patches: ~every 2 weeks Features: ~every 3 months REST API https://api.github.com https://$GHE_HOST/api/v3 e.g. https://github.example.org/api/v3 GraphQL API https://api.github.com/graphql https://$GHE_HOST/api/graphql e.g. https://github.example.org/api/graphql OAuth 1. https://github.com/login/oauth/ authorize 2. https://github.com/login/oauth/ access_token 1. https://$GHE_HOST/login/oauth/ authorize e.g. https://github.example.org/login/oauth/authorize 2. https://$GHE_HOST/login/oauth/ access_token e.g. https://github.example.org/login/oauth/access_token Rate limiting Fixed set of rules Configurable set of rules, disabled by default

Slide 16

Slide 16 text

GitHub GitHub Satellite Workshop Day

Slide 17

Slide 17 text

GitHub Satellite Workshop Day GitHub curl --head https://$GHE_HOST/api/v3/zen HTTP/1.1 401 Unauthorized Server: GitHub.com Content-Type: application/json; charset=utf-8 Content-Length: 131 Status: 401 Unauthorized X-GitHub-Enterprise-Version: 2.16.8 Access-Control-Allow-Origin: * X-GitHub-Request-Id: 0d2b95cc-7993-4103- ac69-9700ae105b00 curl --head https://api.github.com/zen HTTP/1.1 200 OK Server: GitHub.com Content-Type: text/plain;charset=utf-8 Content-Length: 31 Status: 200 OK X-RateLimit-Limit: 60 X-RateLimit-Remaining: 57 X-RateLimit-Reset: 1558043863 Access-Control-Allow-Origin: * X-GitHub-Request-Id: E983:1139:D4C84D: 1BEA763:5CDDCEC7

Slide 18

Slide 18 text

GitHub GitHub Satellite Workshop Day Webhook Delivery Headers Comparisons

Slide 19

Slide 19 text

GitHub Satellite Workshop Day GitHub content-type: application/json User-Agent: GitHub-Hookshot/632ecda X-GitHub-Delivery: eb1face0-7ba6-11e9-9e4c-19bbe24720c6 X-GitHub-Enterprise-Host: 13.90.100.179 X-GitHub-Enterprise-Version: 2.16.8 X-GitHub-Event: issues X-Hub-Signature: sha1=4e08038209eec7ad47ba58b070bac1c79d0e 6614 content-type: application/json User-Agent: GitHub-Hookshot/ae20175 X-GitHub-Delivery: 8e4d9ef0-7ba6-11e9-9d1b-329bca45a219 X-GitHub-Event: issues X-Hub-Signature: sha1=959e30ada1020bfc63b6ff1e573fdcbe5283 6ec9 https://developer.github.com/webhooks/#delivery-headers

Slide 20

Slide 20 text

GitHub GitHub Satellite Workshop Day Diving in!

Slide 21

Slide 21 text

GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service.

Slide 22

Slide 22 text

https://github.com/microsoft/TypeScript/pull/30299/checks

Slide 23

Slide 23 text

No content

Slide 24

Slide 24 text

GitHub GitHub Satellite Workshop Day https://git.io/integrate-ghes Let’s do this!

Slide 25

Slide 25 text

No content

Slide 26

Slide 26 text

willkommen

Slide 27

Slide 27 text

GitHub GitHub Satellite Workshop Day

Slide 28

Slide 28 text

https://git.io/github-rest-api-availability-ghes

Slide 29

Slide 29 text

No content

Slide 30

Slide 30 text

No content

Slide 31

Slide 31 text

GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service. We did it!

Slide 32

Slide 32 text

GitHub GitHub Satellite Workshop Day Review

Slide 33

Slide 33 text

GitHub Satellite Workshop Day GitHub We stored configuration in the environment

Slide 34

Slide 34 text

GitHub Satellite Workshop Day GitHub We defined our app’s required properties in an app.yml

Slide 35

Slide 35 text

GitHub Satellite Workshop Day GitHub 1. Direct people to create specified app 2. GitHub redirects back to app with temporary code 3. Exchange temporary code for app credentials The App Manifest Flow https://git.io/github-app-manifest-flow

Slide 36

Slide 36 text

GitHub Satellite Workshop Day GitHub We modified our code to handle differences between GitHub.com and GitHub Enterprise Server

Slide 37

Slide 37 text

GitHub GitHub Satellite Workshop Day Shipping your integration

Slide 38

Slide 38 text

GitHub GitHub Satellite Workshop Day Inside the firewall Outside the firewall Two Options

Slide 39

Slide 39 text

GitHub Satellite Workshop Day GitHub Inside the firewall In this scenario, the customer will self-host a packaged instance of your integration

Slide 40

Slide 40 text

GitHub Satellite Workshop Day GitHub Disadvantages - less visibility into how app is performing - releases become more difficult - dependent on customer providing infrastructure and setting things up correctly Advantages - likely to be a better fit with customer’s security posture - no need to isolate data - packaging formats are freely available (e.g. Docker)

Slide 41

Slide 41 text

https://docs.docker.com/config/containers/multi-service_container/

Slide 42

Slide 42 text

https://docs.pullpanda.com/github-enterprise/server

Slide 43

Slide 43 text

GitHub Satellite Workshop Day GitHub In this scenario, you will continue to host your integration, but will need “special sauce” that allows communication through the firewall to the customer-hosted appliance Outside the firewall

Slide 44

Slide 44 text

GitHub Satellite Workshop Day GitHub Disadvantages - need to communicate “through the firewall” - need to partition customer data, e.g. by App ID - need to handle multiple keys, conflicting installation IDs Advantages - better visibility, monitoring of your app - control over infrastructure choices - control over release cadence

Slide 45

Slide 45 text

https://aka.ms/azure-hybrid-connections

Slide 46

Slide 46 text

https://github.com/integrations/slack/issues/565

Slide 47

Slide 47 text

GitHub GitHub Satellite Workshop Day Inside the firewall Outside the firewall So… Which is the better option?

Slide 48

Slide 48 text

GitHub GitHub Satellite Workshop Day Additional tooling, resources

Slide 49

Slide 49 text

https://developer.github.com/

Slide 50

Slide 50 text

https://developer.github.com/v3/libraries/

Slide 51

Slide 51 text

No content

Slide 52

Slide 52 text

No content

Slide 53

Slide 53 text

https://github.com/octokit/plugin-enterprise-compatibility.js

Slide 54

Slide 54 text

https://probot.github.io

Slide 55

Slide 55 text

https://github.com/swinton/github-rest-apis-for-insomnia

Slide 56

Slide 56 text

https://git.io/github-rest-api-availability-ghes

Slide 57

Slide 57 text

GitHub Satellite Workshop Day GitHub In sum • Sign up for GitHub Enterprise Server developer license • Strive for a single codebase • Store config in environment • Implement the manifest flow to ease setup • Use existing libraries, frameworks where possible • Consider deployment strategies based on needs of your integration Key takeaways

Slide 58

Slide 58 text

Questions? Concerns? Comments? Ideas? Get in touch: [email protected]

Slide 59

Slide 59 text

No content