Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-26007

Integrate GitHub with Bamboo without using PAT tokens

XMLWordPrintable

    • 0
    • 2

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition
      Currently Bamboo requires the use of a Personal Access Token (PAT) which is not recommended by GitHub. With a PAT customers are subject to lower rate limits and the need to use a shared service account.
      Also, once token is generated they need to individually add it to every linked repo that needs that access. If at any point it's entered incorrectly it will possibly lock the account.

      Suggested Solution

      Establish an OAuth2 connection between GitHub and Bamboo, that would transfer secret and client ID (OAuth2 is a protocol that lets external applications request authorization to private details in a user's GitHub account without accessing their password.
      Currently, we do have that option for Jira Cloud -https://support.atlassian.com/jira-cloud-administration/docs/integrate-with-github/
      We also have an app in Jira for GitHub - https://marketplace.atlassian.com/apps/1219592/github-for-jira?tab=overview&hosting=cloud

      Give an option to customers to clone a GITHUB repository in Bamboo without using a PAT token

            [BAM-26007] Integrate GitHub with Bamboo without using PAT tokens

            Anik Sengupta made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 1035746 ]
            SET Analytics Bot made changes -
            Support reference count Original: 1 New: 2
            Shashank Kumar made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 1034180 ]
            SET Analytics Bot made changes -
            UIS Original: 1 New: 0
            SET Analytics Bot made changes -
            Support reference count New: 1
            Mateusz Szmal made changes -
            Fix Version/s New: 12.0.0 [ 112102 ]
            Mateusz Szmal made changes -
            Status Original: Gathering Interest [ 11772 ] New: In Progress [ 3 ]
            Mateusz Szmal made changes -
            Assignee New: Mateusz Szmal [ 851f15845f55 ]
            SET Analytics Bot made changes -
            UIS New: 1

            Amin Mimoun Bourass added a comment -

            A nice way to do this would be to have the private key and ID as inputs on the Repository section and have a script in the backend that generates the token in run time: 

            https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation

            To summarise, the doc a script would be needed that does: Generate JWT with private Key and ID -> Do API call for Installation ID token -> Use Installation ID token for checkout

            Amin Mimoun Bourass added a comment - A nice way to do this would be to have the private key and ID as inputs on the Repository section and have a script in the backend that generates the token in run time:  https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/authenticating-as-a-github-app-installation To summarise, the doc a script would be needed that does: Generate JWT with private Key and ID -> Do API call for Installation ID token -> Use Installation ID token for checkout

              851f15845f55 Mateusz Szmal
              f84a05b06223 Anik Sengupta
              Votes:
              12 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: