$30 off During Our Annual Pro Sale. View Details »

Getting ready for the enterprise: Shipping GitHub Enterprise Server-compatible integrations

Getting ready for the enterprise: Shipping GitHub Enterprise Server-compatible integrations

In this 50 minute workshop we’ll show you how to ship integrations for GitHub Enterprise Server—including developer licensing and code modifications, as well as common packaging, distribution, and installation patterns for on-premises GitHub Apps. We’ll also share best practices and helpful resources to get you started. In the end, you’ll leave knowing how to share developer tools with Enterprise Server teams, whether for code quality, developer productivity, project management, or automation.

More information: https://github.com/satelliteworkshops/integrate-4-getting-ready-for-the-enterprise

Steve Winton

May 22, 2019
Tweet

More Decks by Steve Winton

Other Decks in Technology

Transcript

  1. https://git.io/integrate-ghes

  2. May 2019 GitHub Getting ready for the enterprise: Shipping GitHub

    Enterprise Server-compatible integrations
  3. GitHub GitHub Satellite Workshop Day Welcome!

  4. None
  5. GitHub GitHub Satellite Workshop Day Quick poll (1 of 3):

    Who has used the GitHub APIs before?
  6. GitHub GitHub Satellite Workshop Day Quick poll (2 of 3):

    Who has built a GitHub integration?
  7. GitHub GitHub Satellite Workshop Day Quick poll (3 of 3):

    Who knew there was a self- hosted version of GitHub.com?
  8. GitHub GitHub Satellite Workshop Day Today: Getting ready for the

    Enterprise
  9. https://github.com/enterprise

  10. https://developer.github.com/program/

  11. https://enterprise.github.com/releases

  12. https://git.io/setting-up-ghes

  13. https://aka.ms/ghes-on-azure

  14. GitHub GitHub Satellite Workshop Day Comparisons

  15. GitHub.com GitHub Enterprise Server Release cadence Multiple times per day

    Patches: ~every 2 weeks Features: ~every 3 months REST API https://api.github.com https://$GHE_HOST/api/v3 e.g. https://github.example.org/api/v3 GraphQL API https://api.github.com/graphql https://$GHE_HOST/api/graphql e.g. https://github.example.org/api/graphql OAuth 1. https://github.com/login/oauth/ authorize 2. https://github.com/login/oauth/ access_token 1. https://$GHE_HOST/login/oauth/ authorize e.g. https://github.example.org/login/oauth/authorize 2. https://$GHE_HOST/login/oauth/ access_token e.g. https://github.example.org/login/oauth/access_token Rate limiting Fixed set of rules Configurable set of rules, disabled by default
  16. GitHub GitHub Satellite Workshop Day

  17. GitHub Satellite Workshop Day GitHub curl --head https://$GHE_HOST/api/v3/zen HTTP/1.1 401

    Unauthorized Server: GitHub.com Content-Type: application/json; charset=utf-8 Content-Length: 131 Status: 401 Unauthorized X-GitHub-Enterprise-Version: 2.16.8 Access-Control-Allow-Origin: * X-GitHub-Request-Id: 0d2b95cc-7993-4103- ac69-9700ae105b00 curl --head https://api.github.com/zen HTTP/1.1 200 OK Server: GitHub.com Content-Type: text/plain;charset=utf-8 Content-Length: 31 Status: 200 OK X-RateLimit-Limit: 60 X-RateLimit-Remaining: 57 X-RateLimit-Reset: 1558043863 Access-Control-Allow-Origin: * X-GitHub-Request-Id: E983:1139:D4C84D: 1BEA763:5CDDCEC7
  18. GitHub GitHub Satellite Workshop Day Webhook Delivery Headers Comparisons

  19. GitHub Satellite Workshop Day GitHub content-type: application/json User-Agent: GitHub-Hookshot/632ecda X-GitHub-Delivery:

    eb1face0-7ba6-11e9-9e4c-19bbe24720c6 X-GitHub-Enterprise-Host: 13.90.100.179 X-GitHub-Enterprise-Version: 2.16.8 X-GitHub-Event: issues X-Hub-Signature: sha1=4e08038209eec7ad47ba58b070bac1c79d0e 6614 content-type: application/json User-Agent: GitHub-Hookshot/ae20175 X-GitHub-Delivery: 8e4d9ef0-7ba6-11e9-9d1b-329bca45a219 X-GitHub-Event: issues X-Hub-Signature: sha1=959e30ada1020bfc63b6ff1e573fdcbe5283 6ec9 https://developer.github.com/webhooks/#delivery-headers
  20. GitHub GitHub Satellite Workshop Day Diving in!

  21. GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an

    existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service.
  22. https://github.com/microsoft/TypeScript/pull/30299/checks

  23. None
  24. GitHub GitHub Satellite Workshop Day https://git.io/integrate-ghes Let’s do this!

  25. None
  26. willkommen

  27. GitHub GitHub Satellite Workshop Day

  28. https://git.io/github-rest-api-availability-ghes

  29. None
  30. None
  31. GitHub Satellite Workshop Day GitHub WIP: Our mission: Take an

    existing integration and make it compatible with GitHub Enterprise Server https://github.com/wip/app/ DO NOT MERGE – as a service. We did it!
  32. GitHub GitHub Satellite Workshop Day Review

  33. GitHub Satellite Workshop Day GitHub We stored configuration in the

    environment
  34. GitHub Satellite Workshop Day GitHub We defined our app’s required

    properties in an app.yml
  35. GitHub Satellite Workshop Day GitHub 1. Direct people to create

    specified app 2. GitHub redirects back to app with temporary code 3. Exchange temporary code for app credentials The App Manifest Flow https://git.io/github-app-manifest-flow
  36. GitHub Satellite Workshop Day GitHub We modified our code to

    handle differences between GitHub.com and GitHub Enterprise Server
  37. GitHub GitHub Satellite Workshop Day Shipping your integration

  38. GitHub GitHub Satellite Workshop Day Inside the firewall Outside the

    firewall Two Options
  39. GitHub Satellite Workshop Day GitHub Inside the firewall In this

    scenario, the customer will self-host a packaged instance of your integration
  40. GitHub Satellite Workshop Day GitHub Disadvantages - less visibility into

    how app is performing - releases become more difficult - dependent on customer providing infrastructure and setting things up correctly Advantages - likely to be a better fit with customer’s security posture - no need to isolate data - packaging formats are freely available (e.g. Docker)
  41. https://docs.docker.com/config/containers/multi-service_container/

  42. https://docs.pullpanda.com/github-enterprise/server

  43. GitHub Satellite Workshop Day GitHub In this scenario, you will

    continue to host your integration, but will need “special sauce” that allows communication through the firewall to the customer-hosted appliance Outside the firewall
  44. GitHub Satellite Workshop Day GitHub Disadvantages - need to communicate

    “through the firewall” - need to partition customer data, e.g. by App ID - need to handle multiple keys, conflicting installation IDs Advantages - better visibility, monitoring of your app - control over infrastructure choices - control over release cadence
  45. https://aka.ms/azure-hybrid-connections

  46. https://github.com/integrations/slack/issues/565

  47. GitHub GitHub Satellite Workshop Day Inside the firewall Outside the

    firewall So… Which is the better option?
  48. GitHub GitHub Satellite Workshop Day Additional tooling, resources

  49. https://developer.github.com/

  50. https://developer.github.com/v3/libraries/

  51. None
  52. None
  53. https://github.com/octokit/plugin-enterprise-compatibility.js

  54. https://probot.github.io

  55. https://github.com/swinton/github-rest-apis-for-insomnia

  56. https://git.io/github-rest-api-availability-ghes

  57. GitHub Satellite Workshop Day GitHub In sum • Sign up

    for GitHub Enterprise Server developer license • Strive for a single codebase • Store config in environment • Implement the manifest flow to ease setup • Use existing libraries, frameworks where possible • Consider deployment strategies based on needs of your integration Key takeaways
  58. Questions? Concerns? Comments? Ideas? Get in touch: partnerengineering@github.com

  59. None