Youtrack integration with Gitlab behind LDAP authentification - version-control

Youtrack 6.5 introduced integration with Gitlab VCS server.
I'm trying to integrate Youtrack 6.5 with stand-alone Gitlab repository (i.e. not gitlab.com)
Our Gitlab server also require users to go through LDAP authentification first.
Is it possible to make Youtrack go through LDAP authentification?

In case your LDAP server supports authentication with a client certificate, you can try adding a corresponding key to Hub as described here https://www.jetbrains.com/help/hub/2.0/Managing-SSL-Keys-and-Trusted-Certificates.html#ManagingSSLKeyStores and then select the key in GitLab properties form.

Related

Has anyone integrated Okta with GitLab successfully?

We would like to integrate Gitlab with Okta, any advice on how to get started?
I met this question a few times while trying to get this working, posted the results on the following GitLab issue https://gitlab.com/gitlab-org/gitlab-ce/issues/14122#note_17669455
Yes, with GitLab 13.0 (May 2020), but only for Premium and more (so not free), and only for gitlab.com (not self-managed)
Okta SCIM Integration Application for GitLab.com
We now offer an Okta SCIM integration application for Gitlab.com groups!
When Okta SCIM is provisioned for a GitLab group, membership of that group is synchronized between GitLab and Okta. This reduces group administrator time spent to onboard and offboard users.
See documentation and issue.
Update 2023: GitLab 15.8 (January 2023) add support for self-managed GitLab instances as well! (still premium+ only).
SCIM support for self-managed GitLab
Self-managed GitLab now supports the open standard System for Cross-domain Identity Management (SCIM), which allows you to automatically:
Create users.
Remove users by deactivating their SCIM identities.
Previously, this was only available for GitLab.com.
SCIM enables GitLab administrators to completely automate their user lifecycle management.
See Documentation and Issue.

Azure Github Integration with custom domain

I want to use github to deploy my webapp on Azure. I setup github on Azure as my deployment source. But since I have a custom domain instead of using the free azurewebsits.net, I think I am having issues seeing the website from github. The webhook on github shows azurewebsites.net.... same on azure. I can edit the webhook on github but can't on Azure. What is the best way to integrate github with azure with a custom domain?
You don't need to edit the webhook on github, let it stick with the default sitename.azurewebsites.net.
When you setup a custom domain name, your default domain name (sitename.azurewebsites.net) still keeps working. Github will use that to deploy to your site

Enable alternative credentials in TFS on premises

Using Visual Studio Team Services you have to enable Alternative Credentials in order to be able to connect to TFS Git Repo. using Eclipse or any other Git Client,
My problem is i want to connect to TFS on-premises Git repo. using Eclipse but there is no way to enable Alternative Credentials, any way to enable Alternative Credentials to be able to do that ? or can i do it other way?
TFS15 now supports Personal Access Tokens and SSH access, so your question isit's not entirely off the mark. There are scenario's where connecting using NTLM or kerberos security is not possible, but as #edward-thomson pointed out, the alternate credential is still linked to a domain account and should not be handed out to 3rd parties.
Instead users will need to be added to Active Directory, or a trust relation (or Federation) needs to be in place so the user is able to join using it's own orgs AD account.
If you're using Git, you could opt to also store the repository on Visual Studio Team Services and push/pull between that and your own TFS server. That way you can give 3rd parties access using their MSA or AAD account, while keeping the main repository secured using AD accounts only. Given the fact that Git is able to transfer data and history with ease, that's not an entirely weird scenario. It fits with the whole Distributed nature of Git quite well.

How to validate GitHub is communicating with OpenShift cartridge running Jenkins?

I have a GitHub hook for a new check-in, but it is not being received by Jenkins (running on a RedHat OpenShift cartridge).
Setup
RedHat OpenShift cartridge running Jenkins
Jenkins plugins in-play
GitHub plugin v1.8
Github Authentication plugin v0.14
Jenkins GIT client plugin v1.4.5
Jenkins GIT plugin v2.0
Public GitHub repository
Debugging
I have narrowed it down specifically to GitHub communicating with OpenShift, but am unsure how to troubleshoot any further, or resolve the issue. To narrow it down, I performed the following steps:
Configured one of each of the following types of Service Hooks in GitHub and captured the results in RequestBin
WebHook URL
Jenkins GitHub Plugin
Jenkins Git Plugin
I then ran Test Hook from GitHub
I took the resultant headers and payload from each RequestBin and manually created a POST request in Fiddler, pointing to the webhook endpoint
I saw some action on Jenkins by logging against com.cloudbees.jenkins.GitHubWebHook
However, the Test Hook from GitHub and checking into the repository never reached the server, at least not as evidenced by the logs.
I believe I have narrowed it down to an SSL issue. GitHub will not post the webhook to an OpenShift configured Jenkins cartridge, because it only responds to SSL/HTTPS. I am not sure of the specifics of how the canned Jenkins cartridge is configured, or how to change whether or not it uses SSL.
It is possible to change whether or not the OpenShift cartridge uses SSL, but I did not want to spend the time to get into it. The solution is to create your own cartridge definition, where you can specify all the settings, specifically which endpoints get created. Here is the OpenShift reference to generate the proper endpoints in case anyone wants to go that route.
I believe I have narrowed it down to an SSL issue. GitHub will not post the webhook to an OpenShift configured Jenkins cartridge, because it only responds to SSL/HTTPS. I am not sure of the specifics of how the canned Jenkins cartridge is configured, or how to change whether or not it uses SSL.
It is possible to change whether or not the OpenShift cartridge uses SSL, but I did not want to spend the time to get into it. The solution is to create your own cartridge definition, where you can specify all the settings, specifically which endpoints get created. Here is the OpenShift reference to generate the proper endpoints in case anyone wants to go that route.

Github Enterprise - Plugin for Jenkins

I'm trying to get the post-commit hooks for github enterprise to talk to our internal jenkins server. Been trying for the last several hours and haven't been able to get it working.
What I was able to do is get the github enterprise webhook with url:
http://192.168.10.123:8080/job/Github%20Build%20Test/build
working to kick off a build.
I'm not able to authenticate with github enterprise using either the basic authentication or oauth2 authentication tokens.
Also with manual setup it doesn't seem to work either. Any ideas / help?
I think you may need to wait for v1.41 of the Jenkins GitHub API plugin
See this pull request