Getting ready for the enterprise: Shipping GitHub Enterprise Server-compatible integrations

Transcript

1. https://git.io/integrate-ghes

2. May 2019 GitHub Getting ready for the enterprise: Shipping GitHub

   Enterprise Server-compatible integrations

3. GitHub GitHub Satellite Workshop Day Welcome!

4. None

5. GitHub GitHub Satellite Workshop Day Quick poll (1 of 3):

   Who has used the GitHub APIs before?

6. GitHub GitHub Satellite Workshop Day Quick poll (2 of 3):

   Who has built a GitHub integration?

7. GitHub GitHub Satellite Workshop Day Quick poll (3 of 3):

   Who knew there was a self- hosted version of GitHub.com?

8. GitHub GitHub Satellite Workshop Day Today: Getting ready for the

   Enterprise

9. https://github.com/enterprise

10. https://developer.github.com/program/

11. https://enterprise.github.com/releases

12. https://git.io/setting-up-ghes

13. https://aka.ms/ghes-on-azure

14. GitHub GitHub Satellite Workshop Day Comparisons

15. GitHub.com GitHub Enterprise Server Release cadence Multiple times per day

    Patches: ~every 2 weeks Features: ~every 3 months REST API https://api.github.com https://$GHE_HOST/api/v3 e.g. https://github.example.org/api/v3 GraphQL API https://api.github.com/graphql https://$GHE_HOST/api/graphql e.g. https://github.example.org/api/graphql OAuth 1. https://github.com/login/oauth/ authorize 2. https://github.com/login/oauth/ access_token 1. https://$GHE_HOST/login/oauth/ authorize e.g. https://github.example.org/login/oauth/authorize 2. https://$GHE_HOST/login/oauth/ access_token e.g. https://github.example.org/login/oauth/access_token Rate limiting Fixed set of rules Configurable set of rules, disabled by default

16. GitHub GitHub Satellite Workshop Day

17. GitHub Satellite Workshop Day GitHub curl --head https://$GHE_HOST/api/v3/zen HTTP/1.1 401

    Unauthorized Server: GitHub.com Content-Type: application/json; charset=utf-8 Content-Length: 131 Status: 401 Unauthorized X-GitHub-Enterprise-Version: 2.16.8 Access-Control-Allow-Origin: * X-GitHub-Request-Id: 0d2b95cc-7993-4103- ac69-9700ae105b00 curl --head https://api.github.com/zen HTTP/1.1 200 OK Server: GitHub.com Content-Type: text/plain;charset=utf-8 Content-Length: 31 Status: 200 OK X-RateLimit-Limit: 60 X-RateLimit-Remaining: 57 X-RateLimit-Reset: 1558043863 Access-Control-Allow-Origin: * X-GitHub-Request-Id: E983:1139:D4C84D: 1BEA763:5CDDCEC7

18. GitHub GitHub Satellite Workshop Day Webhook Delivery Headers Comparisons

19. GitHub Satellite Workshop Day GitHub content-type: application/json User-Agent: GitHub-Hookshot/632ecda X-GitHub-Delivery:

    eb1face0-7ba6-11e9-9e4c-19bbe24720c6 X-GitHub-Enterprise-Host: 13.90.100.179 X-GitHub-Enterprise-Version: 2.16.8 X-GitHub-Event: issues X-Hub-Signature: sha1=4e08038209eec7ad47ba58b070bac1c79d0e 6614 content-type: application/json User-Agent: GitHub-Hookshot/ae20175 X-GitHub-Delivery: 8e4d9ef0-7ba6-11e9-9d1b-329bca45a219 X-GitHub-Event: issues X-Hub-Signature: sha1=959e30ada1020bfc63b6ff1e573fdcbe5283 6ec9 https://developer.github.com/webhooks/#delivery-headers

20. GitHub GitHub Satellite Workshop Day Diving in!

21. GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an

    existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service.

22. https://github.com/microsoft/TypeScript/pull/30299/checks

23. None

24. GitHub GitHub Satellite Workshop Day https://git.io/integrate-ghes Let’s do this!

25. None

26. willkommen

27. GitHub GitHub Satellite Workshop Day

28. https://git.io/github-rest-api-availability-ghes

29. None
30. None

31. GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an

    existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service. We did it!

32. GitHub GitHub Satellite Workshop Day Review

33. GitHub Satellite Workshop Day GitHub We stored configuration in the

    environment

34. GitHub Satellite Workshop Day GitHub We defined our app’s required

    properties in an app.yml

35. GitHub Satellite Workshop Day GitHub 1. Direct people to create

    specified app 2. GitHub redirects back to app with temporary code 3. Exchange temporary code for app credentials The App Manifest Flow https://git.io/github-app-manifest-flow

36. GitHub Satellite Workshop Day GitHub We modified our code to

    handle differences between GitHub.com and GitHub Enterprise Server

37. GitHub GitHub Satellite Workshop Day Shipping your integration

38. GitHub GitHub Satellite Workshop Day Inside the firewall Outside the

    firewall Two Options

39. GitHub Satellite Workshop Day GitHub Inside the firewall In this

    scenario, the customer will self-host a packaged instance of your integration

40. GitHub Satellite Workshop Day GitHub Disadvantages - less visibility into

    how app is performing - releases become more difficult - dependent on customer providing infrastructure and setting things up correctly Advantages - likely to be a better fit with customer’s security posture - no need to isolate data - packaging formats are freely available (e.g. Docker)

41. https://docs.docker.com/config/containers/multi-service_container/

42. https://docs.pullpanda.com/github-enterprise/server

43. GitHub Satellite Workshop Day GitHub In this scenario, you will

    continue to host your integration, but will need “special sauce” that allows communication through the firewall to the customer-hosted appliance Outside the firewall

44. GitHub Satellite Workshop Day GitHub Disadvantages - need to communicate

    “through the firewall” - need to partition customer data, e.g. by App ID - need to handle multiple keys, conflicting installation IDs Advantages - better visibility, monitoring of your app - control over infrastructure choices - control over release cadence

45. https://aka.ms/azure-hybrid-connections

46. https://github.com/integrations/slack/issues/565

47. GitHub GitHub Satellite Workshop Day Inside the firewall Outside the

    firewall So… Which is the better option?

48. GitHub GitHub Satellite Workshop Day Additional tooling, resources

49. https://developer.github.com/

50. https://developer.github.com/v3/libraries/

51. None
52. None

53. https://github.com/octokit/plugin-enterprise-compatibility.js

54. https://probot.github.io

55. https://github.com/swinton/github-rest-apis-for-insomnia

56. https://git.io/github-rest-api-availability-ghes

57. GitHub Satellite Workshop Day GitHub In sum • Sign up

    for GitHub Enterprise Server developer license • Strive for a single codebase • Store config in environment • Implement the manifest flow to ease setup • Use existing libraries, frameworks where possible • Consider deployment strategies based on needs of your integration Key takeaways

58. Questions? Concerns? Comments? Ideas? Get in touch: [email protected]

59. None