Introducing: GitHub Apps authentication

The most popular Git integration in Buddy has just become more flexible and powerful than ever thanks to the newly introduced support for GitHub Apps authentication. Although creating new projects with GitHub-hosted repositories has always been just a few clicks away, now, with GitHub Apps, you can fine-tune the way Buddy works with your repos exactly to what you want.

Upon creating a new project, you can precisely define the repositories that you want to give Buddy access to. Thanks to the granular nature of this model, you can allow Buddy to access all repositories within your organization, select just a few of them, or specify a single repo you want to create pipelines for. The choice is yours!

What’s more, the new integration separates the permissions that Buddy requires when using GitHub to sign in to Buddy from the permissions required to create CI/CD flows. Now, signing up and signing in to Buddy with GitHub accounts is handled by the GitHub OAuth app, which narrows down the access requirements to the user’s email address only - a feature that many Buddy users have requested.

Repository access is now a separate matter, handled through GitHub Apps: users are asked to give Buddy such access only if they decide to create a new project for a GitHub repository.

What you need to know

• The projects that you've created so far continue to use the legacy OAuth integration with GitHub and don’t require any action from the user.
• Any new project that you add, however, will use the new integration setup. This means that you’ll need to give Buddy a permission to access your GitHub account and work with your repos.

How it works

Adding new projects is just as easy as it ever was. First, click Create a new project. In the Git provider selection menu, you’ll see that no GitHub integration is available even if you have created projects for GitHub repositories in the past.

Click the plus icon to add a project with the new GitHub Apps integration:

Creating a new project in Buddy

In the popup window, click Authorize Buddy:

Permission requirements screen

Next, select which organizations should be available to use in Buddy:

Selecting GitHub organizations

Finally, select whether you want to give Buddy access to all your repositories within the selected organization, or if you want to limit the permissions to a single repository. Confirm your choice by entering your GitHub password:

Selecting the scope of repository access

Once you’re done, define the name of your Buddy project and choose the repository you want to use:

Repository selection screen in Buddy

What about Buddy On-Premises?

The new GitHub Apps integration comes to Buddy On-Premises, too. Your existing projects don’t require any action as they continue to use the legacy OAuth integration. However, starting with version 2.4.27 of Buddy, you must configure a GitHub App to create new projects for your GitHub / GitHub EE repositories.

What’s next?

The new GitHub integration opens up some exciting possibilities, such as harnessing the power of GitHub’s Checks API that will allow us to send even more detailed commit statuses to GH. We’ll keep you posted!