With the migration of our GitHub organisation to Single Sign-On (SSO), the GitHub user that was being used in our tools (like Jenkins) was not beeing added as a new LDAP user. With this in mind, we had the need to have a way of authenticating using GitHub Apps.
The creation of this Go library is to be able to use in any code base that needs to authenticate on GitHub, like our fetch-bots-ips.
To generate a new GitHub App access token that can be used to authenticate.
package main
import "github.com/kununu/go-github"
func main() {
// Create a new GithubApp with JWT authentication
ghApp, err := github.NewGitHubApp(&github.GitHubAppConfig{
// GitHub APP ID to use to authenticate
ApplicationID: appId,
// GitHub Installation ID for the APP
InstallationID: instId,
// GitHub APP generated private key path to file
PrivateKeyFile: string,
// GitHub APP generated private key value
PrivateKey: keyBytes,
})
token, err := ghApp.GetAccessToken()
if err != nil {
panic(err)
}
}
We also provide a binary that outputs a GitHub token and can be in any a linux command line by
setting the GIT_ASKPASS
env variable to the binary.
The binary can be configured to be used byt setting the environment variables
GITHUB_APP_ID
GITHUB_INST_ID
and GITHUB_KEY_PATH
or by passing the values using flags.
Use the -h
flag for more information on the available flags.
NOTE: If both GITHUB_KEY_PATH and GITHUB_KEY_VALUE are passed, only the first one is used.
GIT_ASKPASS=<path_to_binary>