Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-57351

Support for making Jenkins a "GitHub App"

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      To my understanding currently the github-branch-source plugins always requires GitHub user credentials / tokens to authenticate.

      I'd suggest to add authenticating Jenkins to GitHub as a GitHub App too.

      Why is this better than the current way:

      • GitHub Apps can be granted very fine grained permissions
      • GitHub Apps can be added either to a whole org, or just to selected repos
      • The app uses a key pair to then get temporary credentials, so leaked creds to user are only valid for a short period of time
      • Higher API limits! (probably the most important one for bigger orgs)

      This is specifically NOT about authenticating users against GitHub, but for Authenticating Jenkins itself against GitHub

      References: https://developer.github.com/apps/differences-between-apps/

        Attachments

          Issue Links

            Activity

            Hide
            paulomigalmeida Paulo Almeida added a comment -

            Andreas Sieferlinger Isaac Cohen the PR was merged a couple of days ago. Is there anything I can do for helping this new feature to get implemented? (Both directly or indirectly)

            Show
            paulomigalmeida Paulo Almeida added a comment - Andreas Sieferlinger Isaac Cohen the PR was merged a couple of days ago. Is there anything I can do for helping this new feature to get implemented? (Both directly or indirectly)
            Hide
            eric_dales Eric D'ALES DE CORBET added a comment -

            This is definitely a most-wanted.

            • as stated, it avoids putting some user credential that can expire
            • it also brings the capability to enrich pull requests with the github check api
            Show
            eric_dales Eric D'ALES DE CORBET added a comment - This is definitely a most-wanted. as stated, it avoids putting some user credential that can expire it also brings the capability to enrich pull requests with the github check api
            Hide
            ojacques Olivier Jacques added a comment -

            Not finished yet, but some have in progress work to have Jenkins act as a GitHub app. See https://github.com/github-api/github-api/issues/570#issuecomment-562200472

            Show
            ojacques Olivier Jacques added a comment - Not finished yet, but some have in progress work to have Jenkins act as a GitHub app. See https://github.com/github-api/github-api/issues/570#issuecomment-562200472
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            https://github.com/jenkinsci/github-api-plugin release is still blocked due to binary compatibility risks which were introduced in the reccent versions of GitHub API. See https://github.com/github-api/github-api/issues/630 for the feature request.

             

            Show
            oleg_nenashev Oleg Nenashev added a comment - https://github.com/jenkinsci/github-api-plugin  release is still blocked due to binary compatibility risks which were introduced in the reccent versions of GitHub API. See  https://github.com/github-api/github-api/issues/630  for the feature request.  
            Hide
            timja Tim Jacomb added a comment -

            I've opened a draft PR for this: https://github.com/jenkinsci/github-branch-source-plugin/pull/269

            It's still blocked on the github-api-plugin release, and probably needs a bit more work on my side, (automated tests are a bit light)

            Show
            timja Tim Jacomb added a comment - I've opened a draft PR for this: https://github.com/jenkinsci/github-branch-source-plugin/pull/269 It's still blocked on the github-api-plugin release, and probably needs a bit more work on my side, (automated tests are a bit light)

              People

              Assignee:
              timja Tim Jacomb
              Reporter:
              webrat Andreas Sieferlinger
              Votes:
              13 Vote for this issue
              Watchers:
              24 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: