Setting Up a GitHub App

PreviousCloud Builder NextSetting Up a GitLab App

Last updated 2 years ago

Was this helpful?

Setting Up a GitHub App

If GitHub is your VCS provider, you must create a and install it on the repositories that Garden Cloud should have access to. The app will be used to authenticate users, import projects, run workflows on GitHub events (e.g. when a pull request is opened), and more.

Note that you must create a GitHub App, not an Oauth App.

The relevant GitHub App properties (e.g. App ID and private key) will be provided to Garden Cloud. See for more.

Creating the GitHub App

Please refer to the for up to date instructions on creating a GitHub App. Once you're at the "Create GitHub App" page, fill in the appropriate values as described below.

Basic information

GitHub App name

You can choose your own app name and description.

Homepage URL

You can choose which URL you set here but we recommend using the for Garden Enterprise. For Garden Cloud, you will receive your main URL from the Garden Team.

Identifying and authorizing users

Callback URL

The for Garden Enterprise along with the path /github/callback. For Garden Cloud, you will receive your main URL from the Garden Team.

For example:

https://<main-url>/github/callback

Expire user authorization tokens

Unselect.

Request user authorization (OAuth) during installation

Select.

Post Installation

Skip.

Webhook

Active

Select.

Webhook URL

For example:

https://<main-url>/api/webhooks

Webhook secret

The webhook secret is required for Garden Cloud, even though it's marked as optional by GitHub. The value you provide here will also be used during the installation of Garden Cloud. Note that you can always look it up from the GitHub App page later.

SSL verification

Select "Enable SSL verification".

Repository Permissions

Permission

Access

Checks

Read & write

Content

Read-only

Issues

Read-only

Metadata

Read-only

Pull requests

Read & write

Webhooks

Read & write

Organization Permissions

Permission

Access

Members

Read-only

User Permissions

Permission

Access

Email Addresses

Read-only

Event Subscriptions

The GitHub App should subscribe to the following events:

Check Run
Check Suite
Issue Comment
Pull Request
Push

Installing the GitHub App

We recommend that you only install the GitHub App on the repositories that Garden Cloud should have access to, as opposed to the entire organization. This is because Garden Cloud will receive events from all the repositories the GitHub App is installed on which may result in unnecessary traffic. Furthermore, it's good practice to only grant the minimum levels of access required.

Note that the access token only works for clones over HTTPS. If your workflow runs require remote sources to be cloned over SSH, you will still need to configure git specifically for that.

Required Values for Garden Cloud

You'll need to have the following values from your GitHub App at hand when installing Garden Cloud:

App ID and Client ID (see top of the app page)
A generated Client secret (see top of the app page)
The user generated webhook secret
A generated Private key (see bottom of app page)

PreviousCloud Builder NextSetting Up a GitLab App

Last updated 2 years ago

Was this helpful?

Note that you must create a GitHub App, not an Oauth App.

The relevant GitHub App properties (e.g. App ID and private key) will be provided to Garden Cloud. See for more.

Creating the GitHub App

Please refer to the for up to date instructions on creating a GitHub App. Once you're at the "Create GitHub App" page, fill in the appropriate values as described below.

Basic information

GitHub App name

You can choose your own app name and description.

Homepage URL

You can choose which URL you set here but we recommend using the for Garden Enterprise. For Garden Cloud, you will receive your main URL from the Garden Team.

Identifying and authorizing users

Callback URL

The for Garden Enterprise along with the path /github/callback. For Garden Cloud, you will receive your main URL from the Garden Team.

For example:

https://<main-url>/github/callback

Expire user authorization tokens

Unselect.

Request user authorization (OAuth) during installation

Select.

Post Installation

Skip.

Webhook

Active

Select.

Webhook URL

The for Garden Enterprise along with the path /api/webhooks. For Garden Cloud, you will receive your main URL from the Garden Team.

For example:

https://<main-url>/api/webhooks

Webhook secret

SSL verification

Select "Enable SSL verification".

Repository Permissions

Permission

Access

Checks

Read & write

Content

Read-only

Issues

Read-only

Metadata

Read-only

Pull requests

Read & write

Webhooks

Read & write

Organization Permissions

Permission

Access

Members

Read-only

User Permissions

Permission

Access

Email Addresses

Read-only

Event Subscriptions

The GitHub App should subscribe to the following events:

Check Run
Check Suite
Issue Comment
Pull Request
Push

Installing the GitHub App

The GitHub App must be installed on all the repositories that Garden Cloud should have access to. This includes repositories that are referenced as remote sources in your Garden projects. Please follow the for installing the app.

Note that the access token only works for clones over HTTPS. If your workflow runs require remote sources to be cloned over SSH, you will still need to configure git specifically for that.

Required Values for Garden Cloud

You'll need to have the following values from your GitHub App at hand when installing Garden Cloud:

App ID and Client ID (see top of the app page)
A generated Client secret (see top of the app page)
The user generated webhook secret
A generated Private key (see bottom of app page)