Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitHub Enterprise Support #99

Open
3 tasks
czechboy0 opened this issue Jul 18, 2015 · 25 comments
Open
3 tasks

GitHub Enterprise Support #99

czechboy0 opened this issue Jul 18, 2015 · 25 comments
Labels
git-host up-for-grabs

Comments

@czechboy0
Copy link
Member

Let's add support for self-hosted GitHub. Unfortunately, I don't have an Enterprise instance running anywhere, so it'd be very hard to test with. If someone is interested in helping me develop this feature for Buildasaur, I will need a couple of things:

  • A dummy git repo hosted on your Enterprise instance, can be just a repo of a template Xcode project
  • A GitHub token that can access that one repo
  • SSH keys that can access that one repo (or preferably, it could be open completely, so no git authentication is required)
@czechboy0 czechboy0 changed the title Support GitHub Enterprise GitHub Enterprise Support Feb 7, 2016
This was referenced Feb 25, 2016
Closed
Closed
@rcaileff
Copy link

rcaileff commented Mar 2, 2016

I've taken a shot at implementing this:
#248

@czechboy0 czechboy0 mentioned this issue Mar 3, 2016
Closed
@rcaileff rcaileff mentioned this issue Mar 9, 2016
Closed
@rcaileff
Copy link

rcaileff commented Mar 9, 2016

Different implementation based on comments to the first one.
#251

@fotiDim
Copy link

fotiDim commented Mar 17, 2016

Voting for SSH keys instead of personal tokes.

@rcaileff
Copy link

Does the implementation in #248 work for you, or did you have a third alternative in mind?

@fotiDim
Copy link

fotiDim commented Mar 17, 2016

I didn't try it yet because the PR was closed so I guessed it wasn't ready. Should I go ahead?

@rcaileff
Copy link

It's the version I'm using for my team. If it is a better form of
authentication for you, you should use it.

-Rachel

On Thu, Mar 17, 2016 at 11:26 AM, Foti Dim [email protected] wrote:

I didn't try it yet because the PR was closed so I guessed it wasn't
ready. Should I go ahead?


You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 18, 2016

@rcaileff just tried it and I cannot past this
screen shot 2016-03-18 at 15 59 07

I have done the workaround but still nothing.

PS: I am using your "enterprise_github" branch.

@rcaileff
Copy link

Do you have a lounge.xcworkspace/xcshareddata/lounge.xcscmblueprint
blueprint file with the string "http" in it?
Did you clone your Lounge repo using github's "SSH" link or the "HTTPS"
link?

On Fri, Mar 18, 2016 at 10:00 AM, Foti Dim [email protected] wrote:

@rcaileff https://github.com/rcaileff just tried it and I cannot past
this
[image: screen shot 2016-03-18 at 15 59 07]
https://cloud.githubusercontent.com/assets/2326415/13881739/60555fd0-ed22-11e5-8aa9-33d9b8116c09.png

I have done the workaround but still nothing.

PS: I am using your "enterprise_github" branch.


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 18, 2016

I cloned using the SSH url. I have setup deploy Keys for authentication. My remote is in the "[email protected]:organization/ios-app.git" form and within the .xcscmblueprint file (in the path you mentioned) I have been trying all combinations. This is it a bit altered:

{ "DVTSourceControlWorkspaceBlueprintPrimaryRemoteRepositoryKey": "AA2A0A40BEDCE6DCA89ECA", "DVTSourceControlWorkspaceBlueprintWorkingCopyRepositoryLocationsKey": {}, "DVTSourceControlWorkspaceBlueprintWorkingCopyStatesKey": { "AA2A0A40BEDCE6DCA89ECA": 0 }, "DVTSourceControlWorkspaceBlueprintIdentifierKey": "987E0-4183-8E69-DD84FE4BEAAD", "DVTSourceControlWorkspaceBlueprintWorkingCopyPathsKey": { "AA2A0A40BEAA46034CE6DCA89ECA": "Folder/" }, "DVTSourceControlWorkspaceBlueprintNameKey": "app", "DVTSourceControlWorkspaceBlueprintVersion": 204, "DVTSourceControlWorkspaceBlueprintRelativePathToProjectKey": "app.xcworkspace", "DVTSourceControlWorkspaceBlueprintRemoteRepositoriesKey": [ { "DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey": "[email protected]:organization/ios-app.git", "DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey": "com.apple.dt.Xcode.sourcecontrol.Git", "DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey": "AA2A0A40BEDCE6DCA89ECA" } ] }

@rcaileff
Copy link

I don't see a problem with the blueprint file. What about the link used to
make the test machine's clone of the repo? Was it the SSH link or the
HTTPS link?

On Fri, Mar 18, 2016 at 10:40 AM, Foti Dim [email protected] wrote:

I have setup deploy Keys for authentication. My remote is in the "
[email protected]:organization/ios-app.git" form and within the
.xcscmblueprint file I have been trying all combinations. This is it a bit
altered:

{
"DVTSourceControlWorkspaceBlueprintPrimaryRemoteRepositoryKey":
"AA2A0A40BEDCE6DCA89ECA",
"DVTSourceControlWorkspaceBlueprintWorkingCopyRepositoryLocationsKey": {},
"DVTSourceControlWorkspaceBlueprintWorkingCopyStatesKey": {
"AA2A0A40BEDCE6DCA89ECA": 0
},
"DVTSourceControlWorkspaceBlueprintIdentifierKey":
"987E0-4183-8E69-DD84FE4BEAAD",
"DVTSourceControlWorkspaceBlueprintWorkingCopyPathsKey": {
"AA2A0A40BEAA46034CE6DCA89ECA": "Folder/"
},
"DVTSourceControlWorkspaceBlueprintNameKey": "app",
"DVTSourceControlWorkspaceBlueprintVersion": 204,
"DVTSourceControlWorkspaceBlueprintRelativePathToProjectKey":
"app.xcworkspace",
"DVTSourceControlWorkspaceBlueprintRemoteRepositoriesKey": [
{
"DVTSourceControlWorkspaceBlueprintRemoteRepositoryURLKey":
"[email protected]:organization/ios-app.git",
"DVTSourceControlWorkspaceBlueprintRemoteRepositorySystemKey":
"com.apple.dt.Xcode.sourcecontrol.Git",
"DVTSourceControlWorkspaceBlueprintRemoteRepositoryIdentifierKey":
"AA2A0A40BEDCE6DCA89ECA"
}
]
}


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 18, 2016

I used the SSH link for all operations. Notice that it starts with git@ and not with ssh://

@rcaileff
Copy link

The blueprint file contents and the repo cloning method don't necessarily
match. That was a mistake I made when setting up buildasaur the first
time. :)

On Fri, Mar 18, 2016 at 10:49 AM, Foti Dim [email protected] wrote:

I used the SSH link for all operations. Notice that it starts with git@
and not with ssh://


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@rcaileff
Copy link

Is your EnterpriseGitHubHostname pod key value set to the same
github.my.custom.url that appears in your blueprint file?

On Fri, Mar 18, 2016 at 11:01 AM, Caileff, Rachel [email protected]
wrote:

The blueprint file contents and the repo cloning method don't necessarily
match. That was a mistake I made when setting up buildasaur the first
time. :)

On Fri, Mar 18, 2016 at 10:49 AM, Foti Dim [email protected]
wrote:

I used the SSH link for all operations. Notice that it starts with git@
and not with ssh://


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 18, 2016

@rcaileff good question, I'll have to check. I also noticed some letfovers from an old remote URL inside the .xccheckout file. I'll try to test on a fresh project to make sure. I am under intranet so I will have to wait until Monday for this.

@fotiDim
Copy link

fotiDim commented Mar 21, 2016

@rcaileff I have been trying to figure it out since morning. Seems that the problem is at WorkspaceMetadata.swift at line 85 and 88:
switch scheme { ... case GitService.EnterpriseGitHub.hostname(): return (CheckoutType.SSH, .EnterpriseGitHub) ...

my scheme variable is
"github._subdomain_._domain_.com"
while GitService.EnterpriseGitHub.hostname() returns "git@github._subdomain_._domain_.com:organisation/ios-app.git"
Is it a misconfiguration from my side?

@rcaileff
Copy link

GitService.EnterpriseGitHub.hostname() should be returning the value from
your EnterpriseGitHubHostname pod key, which is why I asked about it.

On Mon, Mar 21, 2016 at 9:30 AM, Foti Dim [email protected] wrote:

@rcaileff https://github.com/rcaileff I have trying to figure it out
since morning. Seems that the problem is at WorkspaceMetadata.swift at line
85 and 88:
switch scheme {
...
case GitService.EnterpriseGitHub.hostname():
return (CheckoutType.SSH, .EnterpriseGitHub)
...

my scheme variable is "github.subdomain.domain.com" while
GitService.EnterpriseGitHub.hostname() returns "
git@github.subdomain.domain.com:organisation/ios-app.git"

Is it a misconfiguration from my side?


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 22, 2016

Finally I got past this step. I just had to change the pod key value to "github.subdomain.domain.com" :/

So now I am on this screen and a bit confused
screen shot 2016-03-22 at 17 39 11

I have set up ssh authentication already. This means that I can pull/push though git without providing a password.

I have pointed buildasaur to my private SSH key. Do I need to perform oauth authentication as well? If yes then when I click on the login button and enter my credentials I am redirect to a 404 page. The URL that it points to is this: https://github.subdomain.domain.com/login/oauth/authorize?client_id=a&redirect_uri=buildasaur%3A%2F%2Foauth-callback%2Fgithub&response_type=code&scope=repo&state=30N9BUAJZkrIp7yoO06t

Any ideas?

Keep in mind that I haven't set a client ID and secret for oauth to pod keys.

@rcaileff
Copy link

The version in #248 (or in my works_for_me or enterprise_github branches of
my repo) requires using OAuth. Using it requires registering an OAuth
application with an Authorization callback URL of
"buildasaur://oauth-callback/github".
The version in #251 does not require using OAuth. Using it requires
generating a Personal Access Token.

On Tue, Mar 22, 2016 at 11:44 AM, Foti Dim [email protected] wrote:

Finally I got past this step. I just had to change the pod key value to
"github.subdomain.domain.com" :/

So now I am on this screen and a bit confused
[image: screen shot 2016-03-22 at 17 39 11]
https://cloud.githubusercontent.com/assets/2326415/13959597/07b9835c-f055-11e5-9988-d127dd279215.png

I have set up ssh authentication already. This means that I can pull/push
though git without providing a password.

I have pointed buildasaur to my private SSH key. Do I need to perform
oauth authentication as well? If yes then when I click on the login button
and enter my credentials I am redirect to a 404 page. The URL that it
points to is this:
https://github.subdomain.domain.com/login/oauth/authorize?client_id=a&redirect_uri=buildasaur%3A%2F%2Foauth-callback%2Fgithub&response_type=code&scope=repo&state=30N9BUAJZkrIp7yoO06t

Any ideas?


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 23, 2016

OK got past this step as well. Unfortunately I stumble upon my old problem (same as with personal token). We are using SAML for authentication and this takes Buildasaur to the HTML page to enter the SAML credentials before being let into GitHub.

Buildosaur app is granted access on GitHub
screen shot 2016-03-23 at 13 51 44

Strange thing is that Buildosaur says it is logged in.
screen shot 2016-03-23 at 13 39 00

PS: I am trying to find a way to bypass this step but so far our IT guys say it is not possible.

@rcaileff
Copy link

Which error message are you currently getting?

On Wed, Mar 23, 2016 at 8:03 AM, Foti Dim [email protected] wrote:

OK got past this step is well. Unfortunately I stumble upon my old problem
(same as with personal token). We are using SAML for authentication andhis
takes Buildasaur to the HTML page to enter the SAML credentials before
being let into GitHub.

[image: screen shot 2016-03-23 at 13 51 44]
https://cloud.githubusercontent.com/assets/2326415/13985705/7fe5e966-f0fe-11e5-9be2-70970c26082d.png

Buildosaur app is granted access on GitHub
[image: screen shot 2016-03-23 at 13 47 30]
https://cloud.githubusercontent.com/assets/2326415/13985606/0e43a438-f0fe-11e5-83fe-95b299150822.png

Strange thing is that Buildosaur says it is logged in.

PS: I am trying to find a way to bypass this step but so far our IT guys
say it is not possible.


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@fotiDim
Copy link

fotiDim commented Mar 24, 2016

On the console I am getting only this: "[ERROR]: No X-RateLimit info provided by GitHub in headers: [Pragma: no-cache, Content-Type: text/html;charset=ISO-8859-1, Server: Apache-Coyote/1.1, Date: Thu, 24 Mar 2016 14:47:45 GMT, Content-Length: 1838, Cache-Control: no-cache, no-store, must-revalidate, max-age=0, Expires: 0], we're unable to detect the remaining number of allowed requests. GitHub might fail to return data any time now :("

but as you see on the screenshot I get "Failed to access server, error:" and then the HTML of the SAML login page.

@rcaileff
Copy link

Here's my best guess at what's happening:
In GitHubServer.swift the private _sendRequest function is parsing header data that your server doesn't provide. It looks like you'd need to change what headers Buildasaur expects or change what headers the server is sending to get past your current problem.
If that's not it, I have no idea what's wrong. :(

@czechboy0
Copy link
Member Author

Yeah for GitHub Buildasaur expects rate limit information in the headers. You could make that optional for EnterpriseGitHub which should hopefully fix the first issue.
The second one seems to be that the API Buildasaur is calling when verifying credentials is returning HTML instead of JSON for some reason. Hopefully that should be easy to debug with an attached debugger.

@rcaileff
Copy link

Why does GitHub Buildasaur expect that information? Is it safe to remove
it for Enterprise GitHub? If so, why keep it for regular GitHub?

On Mon, Mar 28, 2016 at 5:58 PM, Honza Dvorsky [email protected]
wrote:

Yeah for GitHub Buildasaur expects rate limit information in the headers.
You could make that optional for EnterpriseGitHub which should hopefully
fix the first issue.
The second one seems to be that the API Buildasaur is calling when
verifying credentials is returning HTML instead of JSON for some reason.
Hopefully that should be easy to debug with an attached debugger.


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#99 (comment)

@czechboy0
Copy link
Member Author

So that when you're using too short of a sync interval and run out of the allowed 5k requests per hour, Buildasaur will tell you what happened. Otherwise it'd just start failing without telling you it was gonna happen.

If there are no limits for Enterprise GitHub, feel free to ignore it there. But regular GitHub needs it.

@czechboy0 czechboy0 mentioned this issue May 10, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
git-host up-for-grabs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@czechboy0 @fotiDim @rcaileff