GitHub App Integration for Dedicated Cloud
Introduction
The GitHub App Integration allows Codecov to:
- Provide login with GitHub functionality to end users
- Post comments and status on Pull Requests in GitHub
- Sync Codecov state to GitHub via webhooks
- For the user to provide fine grained controls for determining which GitHub repositories Codecov can access
Ingredients list from the new Codecov GitHub app
Codecov needs several different values from the GitHub App Integration to enable the communication between your GitHub organization and your instance of the Dedicated Cloud.
- New Codecov Github App Client ID
- New Codecov Github App Client Secret
- New Codecov Github App App ID
- New Codecov GitHub App PEM (Private Key)
- New Codecov Github Webhook Secret
On sharing Codecov GitHub app credentials
Please do not email or send unencrypted credentials. Please work with your Codecov representative or email [email protected] for one of several secure methods for sharing credentials.
A common method is to send credentials that have been encrypted using Codecov's public PGP Key.
Creating a GitHub App Integration
There are 2 paths for creating the required GitHub App Integration
Please ensure you have created the GitHub App following 1 of the methods above prior to continuing
Credentials
Once the GitHub App is created, a Client ID will be generated automatically by GitHub. Additionally you will need to generate a new Client Secret and private key for the App in the GitHub user interface.
Client ID and App ID
GitHub provides these 2 credentials by default on creation of the GitHub App.
Client Secret
Directly below the client id section of the GitHub App UI is the client secret section. Generate a new secret and copy the value for later transmission to your Codecov representative.
Private Keys
Near the bottom of the GitHub App UI, there is the option to generate a private key. This will allow you download a secret key (.pem file), which you will need to share with your Codecov representative. This is required for Codecov to properly authenticate and validate the author of the GitHub application.
Credentials Summary
Following the instructions above, you will now have all the credentials needed to allow Codecov to integrate with GitHub. The next step is to securely send your GitHub App credentials to your Codecov representative. Each required credential was called out above with instructions on how to obtain them. Please reach out with any questions.
Install App Integration to your organizations
Depending on your GitHub settings, you may have to install the Codecov GitHub App on any organizations that you wish to use it with. This can be done from the app settings screen. If you install the app prior to providing the app credentials to your Codecov representative, you may need to reinstall to ensure Codecov knows about your installation.
After setting up the app you can verify the installation on the organization's "Installed GitHub Apps" page.
Troubleshooting
- If you don't receive comments on Pull Requests for Repositories with the App Integration installed, visit the repo settings page for that particular repository on your Codecov Enterprise install:
For GitHub.com:
<your-codecov-url>/gh/<org-name>/><repo-name>/settings
For GitHub Enterprise:
<your-codecov-url>/ghe/<org-name>/><repo-name>/settings
Once there, check the "GitHub Webhook" section and press the "Create Web Hook" button if a webhook is not already set. Please send this value to your Codecov representative.
Updated about 1 year ago