I cannot link toolchain to different github organization - github

I have a github account: https://github.com/remkohdev
and am a member of several github organizations
I have added all organizations to the Bluemix DevOps Third Party applications authorizations.
But I cannot change the default github organization to a different organization when I enable the Toolchain on Bluemix, so that I can create/edit the source code to the repo in a different than default Github organization?
Error:
The integration could not be set up. Check the settings and try again.
Reason: Unable to update the git integration. An error occurred while cloning the git repository. Error details: Unable to read the repository on: https://github.com/eventquarry/server.git. User is not authorized, or repository does not exist.

When you authorized with GitHub you probably did not explicitly grant access to the eventquarry organization.
To fix this, first you need to revoke your token by logging into Github.com, then click settings > Authorized applications > Revoke "IBM Bluemix Toolchains". Now go back to Bluemix, and when you click on the GitHub tool you will see an “Authorize” button. Upon clicking, you will be taken to GitHub, and here you need to click "Grant Access" next to eventquarry (and all orgs you would like to grant access to) before clicking "Authorize application".
Now you should be able to fork/clone/link with the private repositories in the eventquarry organization.

The devops git folks responded with this:
Right now, we don't support the ability to create new organization repositories through the toolchain UI. Any new repos are created under the personal account of the user. It is possible to link to existing organization repos by typing in the repo URL in the field. (Org repos won't show up in the dropdown, but the URL can be entered manually.) Note that the user needs admin privileges on the repo they're linking to in order to have a fully functioning integration though. It's possible to link to a repo without admin privileges, but we can't create a webhook on the repo, so there's no way for us to be notified of commit events. Pipelines will only run manually if the user doesn't have admin privileges on the repo.
Let me know if this is helpful...

Related

Required permissions for integration between Azure Pipelines and Github

What privileges do Azure Pipelines Bot require from a GitHub user asking for a pipeline re-run? Currently, it reacts to /azp run comment of the user with the following error message:
Commenter does not have sufficient privileges for PR 9999 in repo org/repo
The whole integration works flawlessly for other users of the same repository.
According to your description, This problem seems to be that the user does not have sufficient repository permissions.
Please refer to the following steps to check:
Responses to this commands will appear in the pull request discussion only if your pipeline uses the Azure Pipelines GitHub App. Make sure your pipeline uses the Azure Pipelines GitHub App.
Repository collaborators can comment on a pull request to manually run a pipeline. Please check whether the user is collaborator. If not, please invite collaborators to a repository.
Make sure that your membership is public in the repository's organization, or directly add the user as a repository collaborator. Azure Pipelines cannot see private organization members unless they are direct collaborators or belong to a team that is a direct collaborator.
How to invite collaborators to a repository:
On GitHub, navigate to the main page of the repository.
Under your repository name, click Settings.
In the left sidebar, click Manage access, then click Invite a collaborator button.
Under "Invite a collaborator to {your repository}", start typing the collaborator's username. Select the collaborator's username from the drop-down menu.
Click Add collaborator.
Note: Only one /azp command per comment.
Reference document:
https://learn.microsoft.com/en-us/azure/devops/pipelines/repos/github?view=azure-devops&tabs=yaml#comment-triggers

Does a user need to be invited to AppVeyor when using GitHub integration?

I read the documentation about the GitHub integration in AppVeyor and one thing is still not clear to me:
When I want to use GitHub teams, do I still need to invite people to be collaborators in AppVeyor?
If so, how does it work with permissions? If both GitHub teams and users/collaborators are assigned to roles, what does take precedence? Eg. user is directly assigned to an "Administrators" role and also a member of a GitHub team with a lower set of permissions. Are the two sets of permissions combined somehow?
In other words, is it possible to manage access to AppVeyor only through GitHub teams? (Without having to invite users to AppVeyor.) If not, what's the point of GitHub teams integration...?
I configured several GitHub teams from our organization (Kentico) with certain roles in AppVeyor. However, the users belonging to the GitHub teams didn't see the Kentico account in AppVeyor when they signed in with their GitHub account.
You do not have to invite GitHub team members (though you can). They should see your account in top left drop down when logged with GitHub button.
If you still invite them, GitHub team role takes over role you assigned in invitation.
Yes, you should be able just use GitHub teams. When GitHub team member login into AppVeyor with GitHub button, hidden Collaborator automatically created.
Let us troubleshoot your specific users over support ticket you created on our forum.
I tried to:
Revoke access and authorize again at https://ci.appveyor.com/account/kentico/authorizations - DIDN'T WORK
Remove and recreate the GitHub team at https://ci.appveyor.com/account/kentico/github-teams - DIDN'T WORK
Verify that both AppVeyor and AppVeyor CI are authorized OAuth apps at https://github.com/settings/applications - DIDN'T WORK
Reinstalled AppVeyor from GitHub marketplace: https://github.com/marketplace/appveyor - WORKED

How to link GitHub repository with JIRA project?

I have a software project in JIRA and want to link that project with a GitHub repository so that when I create tasks in the JIRA project I can branch out in the corresponding GitHub repository, etc. I was able to link my GitHub account with my JIRA account (https://confluence.atlassian.com/adminjiracloud/connect-jira-cloud-to-github-814188429.html) but I don't know how to connect one of my JIRA projects with a specific GitHub repository.
For example, when I create a task in my JIRA project I expect to see a link on the task page to create a branch. There's no such links because the project is not linked to a repository.
EDIT: I don't see the Development panel on the issue page in JIRA. If I were able to see that panel that would solve this problem (likely).
EDIT: I am trying to see this panel on the issue page. This is from JIRA's help pages.
EDIT: Instead I see this (notice no Development panel on the right side that allows me to create a branch)
Step 1. Create an OAuth access token for your GitHub account
Log in to GitHub as a user with admin permissions on the account.
Choose Edit Your Profile.
Select OAuth Applications.
Select the Developer Applications tab.
Choose Register new OAuth application.
Enter a name for Application Name.
Enter the JIRA Software URL for both the URL and Callback URL fields. Press Register Application.
Keep your browser open at your GitHub account while you go on with the next step.
Step 2. Add the OAuth token in JIRA Software
Log in to JIRA Software as a user with admin permissions.
From the JIRA Software dashboard click the cog (settings) icon.
Choose Applications.
From the Integrations section on the left, choose DVCS accounts.
Click Link Bitbucket Cloud or GitHub account.
Choose 'GitHub' as the Host value.
Enter a Team or User Account name.
Copy the Client ID and Client Secret values from your GitHub site into the dialog.
Leave the default auto link and Smart Commits (recommended) as is or change them
Click Add.
Grant access when prompted
When JIRA connects successfully, you'll see your account on the 'DVCS accounts' page.

Can I configure a Bluemix Continuous Delivery toolchain to use a private Github repository?

I have a private Github repository in a private Github organisation, and I'd like to configure Bluemix's "Continuous Integration" service to use that repository so that I can load source code from it to build in a delivery pipeline in that toolchain.
The "View docs" link for the GitHub tile in the toolchain points to a documentation page for the older DevOps Services, which doesn't give any information on configuring a GitHub repository in a toolchain.
When I try entering the URL for my repo, it comes up with this error:
The integration could not be set up. Check the settings and try again.
Reason: An error occurred while cloning the git repository. Error details: Unable to read the repository on: (URL removed). User is not authorized, or repository does not exist.
I'd expect to be given the option to authorise Bluemix against my account, but I'm not.
How can I access this repository?
It is possible to set up an integration with a private GitHub repository as long as you have authorized Bluemix with your GitHub account and have granted Bluemix permission in the org that owns the repo.
The first time you attempt to create a GitHub integration, you will be prompted to authorize with GitHub. On the GitHub authorization page, you have the option to select the orgs that you want to give Bluemix access to before you click the "Authorize" button.
It sounds like you've already gone through the initial authorization step and may have missed adding the org authorization. You can update the org authorization on GitHub's authorized applications page (https://github.com/settings/applications). Click the "IBM Bluemix Toolchains" application. On that page, under "Organization Access", grant access to the organization that owns the repo you want to integrate with. That should allow you to set up the integration.

GitHub Organization Repo + Jenkins (GitHub Plugin) integration

I have an organization on GitHub with private repositories. I also have Jenkins set up running on port 8080 on a server, with the GitHub plugin installed. I've created an account on GitHub for my jenkins user, which resides in the owners group.
I'm trying to trigger a job on jenkins when a change is pushed to my development branch (or master branch, neither seem to be working).
When I look at the GitHub Hook Logs in Jenkins, it says that Polling has not run yet. When I go to "Manage Jenkins", the GitHub plugin says my account is Verified when I test it.
Any insight on how to configure this? I have multiple repositories I'd like to work with, so deploy keys don't seem like the solution to me.
Update:
As Craig Ringer mentions in his answer, you can select Grant READ permissions for /github-webhook in "Configure Jenkins" under the GitHub plugin settings, allowing the webhook to be called without authentication.
Another update: Webhooks are now (Dec. 2014) available for organization: see WebHooks API for orgs.
Note: the issue 4 of the hudson-github-plugin was about:
Last GitHub Push
Polling has not run yet.
And the conclusion was:
Nevermind, the only missing piece was a permission checkbox for the github user which ain't documented anywhere on the internet.
So is this a permission issue regarding your Jenkins users?
The article "Set up Jenkins-CI on Ubuntu for painless Rails3 app CI testing" includes the following process:
To restrict the CI system and give access to your Team members to use or see the build logs, first you’ve to create an account.
Go to Manage Jenkins > Configure System,
Check the Enable Security checkbox
Under Security Realm, choose Jenkins's own user database
Check the Allow users to sign up checkbox
Under Authorization, choose Project-based Matrix Authorization Strategy
Add first user with the name admin and another with GitHub (Note: the username for Admin access has to be admin) For GitHub named user, just choose the Overall Read only permission. We’ll use this user later with the GitHub hook.
Note: The admin and GitHub user that we’ve added in the above step does not create the User. Then you’ve to create a real user with that same name. Ya, I know, its a bit weird with Jenkins UI.
Go to Manage Jenkins > Manage Users > Create User. Create both admin and GitHub users.
Hooking with the Github web-hooks
Now to run the build automagically when new commit or branch gets pushed onto Github, we have to setup the repository.
Got to the hooks page for your repository. e.g.
github.com/<username>/<project_name>/admin/hooks
Under AVAILABLE SERVICE HOOKS > Post-Receive URLs, add github:github#your-ci-server.com/github-webhook/.
The github:github is the user that we’d created earlier.
Then we have to verify Jenkins with Github. Go to Manage Jenkins > Configure System and under GitHub Web Hook, add your Github username and password and click the Test Credential button to authorize once with Github.
It looks like the accepted answer is no longer necessary with the current version of the GitHub plugin. You can instead check Grant READ permissions for /github-webhook in "Configure Jenkins" under the GitHub plugin settings, allowing the webhook to be called without authentication.
As explained in the help on this option that's quite safe, and frankly no worse than having a user named "github" with password "github" anyway.
There are two ways to achieve automatic builds on Jenkins. What you choose depends on whether GitHub can call the Jenkins server URL you provide. This may not be the case if you are running Jenkins behind a firewall.
If GitHub can reach that URL you can set up the service hook on your repo there.
If not you can set up Jenkins to poll periodically.
You may set up both, but one solution is enough to get it working. I would always go for the first if feasible as it saves resources CPU and traffic wise.
Either way you need the GitHub plugin for Jenkins.
Hope that helps a bit.