We are trying to configure teleport community from gravitational with github connector for authentication. Instead of github.com we want to use our own private installation of github to authenticate against.
I have been unable to find a way how to configure this. Documentation mentions not much in regards to it.
Is it possible at all to configure teleport github connector to point to a private installation of github?
There's currently no support in Teleport for using a private Github installation rather than github.com. I think that the relevant endpoints in the code are located here - you could always try editing these and building Teleport from source to implement this if you wanted.
Alternatively, please raise a feature request on Github and we can add it to the backlog.
Thanks for trying Teleport!
Related
Working on a relatively new team in a much larger organization, and as a side project I am looking at our current documentation for opportunities to improve/standardize our best practices/standards. The ideal tool we would like to use, if up to the task, is Azure DevOps Wiki (this is AZDO Service, not Server) since it lines up with the rest of our PM functions. I was doing some digging, and I have not found much in the way of resources/templates/guides that can really get you going for Azure DevOps Wiki.
Beyond general documentation best practices, is there any helpful tricks/resources that we can use to make the most out of that particular tool? Or is there just a better tool we should consider? Looking for ideas! Any feedback is appreciated.
What I am looking for is a library of templates/resources that could
be used to help standardize documentation.
Official doesn't provided any template or resources for standard. There has been a feature request here:
Make it possible to create wiki page based on a template
You can upvote this feature request of Azure DevOps and share your ideas.
But since the DevOps wiki is designed based on Azure DevOps repository, you can clone the template you want to your wiki repository.
The repository url of your wiki should be:
https://dev.azure.com/<Organization Name>/<Project Name>/_git/<Project Name>.wiki
Use this command to clone the wiki repository:
git clone https://<Personal Access Token>#dev.azure.com/<Organization Name>/<Project Name>/_git/<Project Name>.wiki
PS:
Every DevOps project has a hidden repository, which named '<Project Name>.wiki', this repository can't be access via the repository UI list, also can't be listed via the List Repositories REST API. This repository also unable to be managed as other common repositories. Only 'Security for Wiki'. The repository will store all of the information in the pages of wiki permanently unless you delete the file in the repo.
And the comments section of the wiki is implemented quite differently, it is not based on a git repo and does not provide an explicit manage method. If you accidentally delete an image in a comment from the wiki, you won't have any way to get it back.
I've installed the Google Cloud Build app from Github Marketplace, and enabled it on several repositories, only to discover that enabling access for those repositories automatically starts running the Google Cloud Build "check" after every PR or push to a PR. Since some of those repositories are not actually ready for Google Cloud build, I needed to turn off the checks... I used the URL mentioned in the docs to get to the page where you can select which repositories should be connected to your GCP project, and unchecked a bunch of them... this disconnected them from the project, but, surprisingly, did not disable the Github checks! So now, there are Github checks on several repositories that just result in an error because they're not connected to any projects in Cloud Build.
Surely, it is not an uncommon use case to need a way to "disable Checks" on a per-repository basis - is there any way to do that?
(If not, consider it a requested feature if there are any Google Engineers reading!) ;)
I did talk to chat support, and the only way we could figure out to remove the checks would be to uninstall Google Cloud Build completely from the entire organization, which I don't want to do because we do have some setup that I want to keep, and I don't know how much of that configuration would have to be redone if I uninstalled it completely.
Here is a screenshot of the broken check that I can't disable:
I think there are 2 steps to disable CloudBuild,
1. Disable on CloudBuild itself. For some time I kept seeing 2 builds per push made, but disabling a trigger on CloudBuild helped fix that.
2. On Github, you can configure the Cloudbuild app to monitor a specific repo on the organization level setting.
3. If you feel a lot adventurous though and it's not solved, on the project level setting, you could delete the Webhooks integration for cloudbuild, as that's what Github notifies of each build.
It can be found within GH App installations:
https://console.cloud.google.com/gcb-github-registration
Select the GH account used for your link between Cloud Build and GH, then the GCP project you want to edit.
Here connected repositories can be edited, and in the second step (Trigger settings), the "Default GitHub Checks" can be disabled.
You can also goto settings of your repository and click installations inside settings.
And then remove Google cloud build from Installed apps and authorized github apps.
Cloud Build Triggers are still in beta, and have gone through several updates since this question was posted, but it now appears that the "Github Default Checks" are no longer hidden from management. They are now explicitly offered (but not automatically created) when connecting a repo, and you can finally view and disable (or delete) individual "Github Default Checks" on the trigger management page: https://console.cloud.google.com/cloud-build/triggers
I'll leave this as unanswered, because I'm uncertain this is how it is working for everyone, or that this answer will remain true, but if it works for you, feel free to vote up the answer!
To link GCP Project to the Github repository, create a trigger by clicking on resolve link, besides Action Required and then disable the same. For me this procedure worked out.
We have Bitbucket Cloud not Bitbucket Server. Is there a way to modify the "pre-receive" functions on Bitbucket? Goal is to audit pushes to make sure there's no obvious vulnerabilities before the code is available on Bitbucket. Git-hooks might work but there's not really a way to get them into version control in the same repo - the only way I can think of doing that would be to ssh into a Bitbucket server and modify the remote repo but I don't think you can do that?
My only guess is there might be a way to keep the pre-receive hooks in source control by putting the hook somewhere like this in the repo:
.bitbucket/pre-receive
But it's hard to find any info on this online.
Unfortunately, this isn't possible.
The GitHub documentation is talking about GitHub Enterprise Server, a product you would install on your own infrastructure. GitHub as in github.com does not support creating pre-receive hooks at all. This is pretty much the norm amongst the popular cloud git hosting providers - no cloud provider will let you write your own arbitrary code and run it on the same infrastructure that holds your git repo, there's too much danger of you breaking out into other data on the same physical storage.
Until someone develops a safe/sandboxed implementation of server-side hooks, you'll need to find another way.
Full disclosure: I work for Atlassian (though I don't work on Bitbucket Cloud)
I'd like to create a new project on Gitlab from an export out of a private Gitlab instance. I exported the repository from the private instance and received a .tar.gz file. According to the official Gitlab.com documentation I should be able to select "from Gitlab export" when I create a new project but that menu is missing for me.
I found an issue on Gitlab but it was closed because the function was added but apparently I am still not able to use it.
Anyone ever used that function? Is there any possibility to move my repo from a private Gitlab to the public one?
Thanks in advance.
Greetings
As specified in the Gitlab documentation, importing Gitlab exports needs to be administratively enabled first. In your private instances, be sure to upgrade your Gitlab instance to at least 10.3.4 or you may open a security hole.
For the gitlab.com case, I guess it may be disabled because of this issue for now.
EDIT: in fact, now that I look at it, I do see "Gitlab export" listed as the first option.
There are many trivial examples that show how this is done without the Github integration. The Azure Powershell commandlet New-AzureWebsite supports only public repos (can be confirmed from source code [1]). Has anyone tried to create it with a connection to a private repo? It doesn't seem to be documented anywhere.
UPDATE: I've realized this might be something Kudu helps me with.
[1] https://github.com/Azure/azure-powershell/blob/e06a22c22f7a1c8153e9c2fa7c159ae7b1fd1dab/src/ServiceManagement/Services/Commands.Utilities/Websites/Services/GithubClient.cs#L124
We have not added the functionality to powershell. However, you could try using the ARMClient tool below to achieve just that. See its readme and wiki for info.
https://github.com/projectkudu/ARMClient
https://github.com/projectkudu/ARMClient/wiki/Setup-GitHub-publishing-to-Site