Skip to main content

GitHub App integration for Kiwi TCMS

Project description

https://coveralls.io/repos/github/kiwitcms/github-app/badge.svg?branch=master Python updates Tidelift Become a sponsor Kiwi TCMS on Twitter

Introduction

This package provides the GitHub App integration for Kiwi TCMS Enterprise and is designed to work only for multi-tenant environments! You don’t need this add-on in order to run Kiwi TCMS without extended GitHub integration!

Communication from GitHub to this plugin is via webhooks.

Plugin behavior:

  • Auto-configure which tenant to use for database operations, either ‘public’ or a single private tenant to which user has access.

  • If unable to auto-configure display warning and redirect to configuration page once the GitHub account who installed this integration onto their GitHub repository logs into Kiwi TCMS

  • Existing & newly created repositories are added as products in Kiwi TCMS

  • BugSystem records are automatically configured for repositories

  • Fork repositories are skipped

  • Newly created git tags are added as product versions in Kiwi TCMS

See Issues for other ideas!

Installation

pip install kiwitcms-github-app

inside Kiwi TCMS’s docker image and make sure the following settings are configured:

AUTHENTICATION_BACKENDS = [
    'social_core.backends.github.GithubAppAuth',
    ...
]
SOCIAL_AUTH_GITHUB_APP_KEY = 'xxxxxx'
SOCIAL_AUTH_GITHUB_APP_SECRET = 'yyy'
KIWI_GITHUB_APP_SECRET = b'your-webhook-secret'
KIWI_GITHUB_APP_ID = 123456
KIWI_GITHUB_APP_PRIVATE_KEY = """-----BEGIN RSA PRIVATE KEY-----
+++++++++base64-encoded-private-key+++++++
-----END RSA PRIVATE KEY-----"""

everything else will be taken care for by Kiwi TCMS plugin loading code!

GitHub App configuration

This plugin needs an existing GitHub App application with the following configuration:

Then configure how the application interacts with GitHub:

  • Repository permissions:

    • Contents: Read-only

    • Issues: Read & write (required for 1-click bug report on private repos)

    • Metadata: Read-only

  • User permissions:

    • Email addresses: Read-only

  • Subscribe to events:

    • Meta

    • Create

    • Repository

Changelog

v2.0.1 (18 Jun 2024)

  • Filter DB only for ‘github-app’ instead of unconditionally using the first record. Fixes Sentry KIWI-TCMS-P5

v2.0.0 (07 Jun 2024)

  • Relicense this package under GNU Affero General Public License v3 or later

  • Prior versions are still licensed under GNU General Public License v3

v1.7.0 (06 May 2024)

  • Pin indirect requirements to reduce the chance of installing vulnerable dependencies

  • Remove the wrapper GithubKiwiTCMSBot() class

  • Simplify self.requester override in PatchedGithub() class

  • Start using the new GitHub Auth parameters introduced in PyGithub==1.59.0

v1.6.0 (15 Jan 2024)

  • 1-click bug report will now use execution.build.version.product instead of execution.run.plan.product following changes in Kiwi TCMS, see: <https://github.com/kiwitcms/Kiwi/commit/48a33a71e664c8c3ed2ceb298b5f1e19d0bddb52>_ and PR #3439 for more details

  • Require minimum version of several transitive dependencies, certifi>=2023.7.22, cryptography>=41.0.4, pyjwt>=2.4.0, requests>=2.31.0 in order to minimize exposure to known security vulnerabilities

  • Build & test with Python 3.11

  • Start testing with psycopg3

  • Small updates around test jobs & CI

v1.5.1 (28 Mar 2023)

  • Unpin PyGithub dependency

  • Add more tests

v1.5.0 (24 Feb 2023)

  • Refactor code so it works with PyGithub==1.58.0

  • Remove PatchedGithubIntegration class

  • Add sanity tests for upstream/downstream interfaces for PyGithub

v1.4.1 (13 Feb 2023)

  • Adjust arguments for latest github.Github implementation

  • Raise RuntimeError instead of Exception

v1.4.0 (05 Sep 2022)

  • Don’t ask user to configure GitHub App if they are not tenant owner. Breaks an endless loop cycle in case tenant creation goes wrong

  • Specify 30 sec timeout for internal HTTP requests

  • Improvements to CI

v1.3.3 (31 Jan 2022)

v1.3.2 (05 Jan 2022)

v1.3.1 (04 Oct 2021)

  • Adjust 2 parameters for changes introduced in PyGithub 1.55

v1.3.0 (14 Feb 2021)

  • Migrate to Python 3.8

  • Always test with the latest Kiwi TCMS version

  • Adjustments to the internal test suite now that Kiwi TCMS is available via source

  • Prevent crash if uid field is not a number to make it work with Keycloak

v1.2.4 (14 Feb 2021)

  • Don’t cause ISE in case of race conditions between webhooks

  • Fix ISE for existing Version

v1.2.3 (25 Jan 2021)

  • Allow POST request (web hooks) without CSRF token

v1.2.2 (08 Dec 2020)

  • Update for newer PyGithub

v1.2.1 (17 Sep 2020)

  • Require login for views.Resync()

v1.2 (13 Sep 2020)

  • Adjusted to work with Django 3.1 and Kiwi TCMS > 8.6

  • Replace deprecated url() with re_path()

  • Migrate the payload field to newer models.JSONField type

  • Setting PUBLIC_VIEWS is removed in Kiwi TCMS so remove the automatic adjustment

  • Make error messages for missing AppInst more clear

  • Remove redundant if condition in Resync()

  • Update translation strings

  • Update documentation around GitHub permission requirements for 1-click bug report

v1.1 (05 Aug 2020)

  • Add GitHub issue-tracker integration which authenticates as the installed app. Fixes Issue #25

  • Configure BugSystem for new repos. Fixes Issue #15

  • Create Product & BugSystem records when installation_repositores change. Fixes Issue #21

  • Trigger resync from GitHub via menu. Fixes Issue #19

  • Trigger resync from GitHub after AppInstallation is configured. Fixes Issue #20

  • Database: Add AppInstallation.settings_url field

  • Link to the correct URL for GitHub settings. Fixes Issue #33

  • Require user to be logged in for ApplicationEdit. Fixes Issue #36

  • Update translation strings

  • Add more tests

v1.0 (13 Apr 2020)

  • Install settings overrides under tcms_settings_dir/ (compatible with Kiwi TCMS v8.2 or later):

    • does not need MIDDLEWARE and PUBLIC_VIEWS override anymore

  • Remove GithubAppAuth backend, shipped with social-auth-core v3.3.0

  • Fix a redirect to use the correct name of our social_core backend

v0.0.5 (19 Feb 2020)

  • Address GitHub API deprecation not yet fixed in social-auth-core

v0.0.4 (25 Dec 2019)

  • Do not fail if product already exists

  • Do not fail if repository doesn’t have description

  • Search UserSocialAuth by uid and provider

v0.0.1 (24 Dec 2019)

  • initial release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

kiwitcms-github-app-2.0.1.tar.gz (26.6 kB view hashes)

Uploaded Source

Built Distribution

kiwitcms_github_app-2.0.1-py3-none-any.whl (32.1 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page