Introducing: GitHub Apps authentication

Introducing: GitHub Apps authentication

The most popular Git integration in Buddy has just become more flexible and powerful than ever thanks to the newly introduced support for GitHub Apps authentication. Although creating new projects with GitHub-hosted repositories has always been just a few clicks away, now, with GitHub Apps, you can fine-tune the way Buddy works with your repos exactly to what you want.

Upon creating a new project, you can precisely define the repositories that you want to give Buddy access to. Thanks to the granular nature of this model, you can allow Buddy to access all repositories within your organization, select just a few of them, or specify a single repo you want to create pipelines for. The choice is yours!

What’s more, the new integration separates the permissions that Buddy requires when using GitHub to sign in to Buddy from the permissions required to create CI/CD flows. Now, signing up and signing in to Buddy with GitHub accounts is handled by the GitHub OAuth app, which narrows down the access requirements to the user’s email address only - a feature that many Buddy users have requested.

Repository access is now a separate matter, handled through GitHub Apps: users are asked to give Buddy such access only if they decide to create a new project for a GitHub repository.

What you need to know

  • The projects that you've created so far continue to use the legacy OAuth integration with GitHub and don’t require any action from the user.
  • Any new project that you add, however, will use the new integration setup. This means that you’ll need to give Buddy a permission to access your GitHub account and work with your repos.

How it works

Adding new projects is just as easy as it ever was. First, click Create a new project. In the Git provider selection menu, you’ll see that no GitHub integration is available even if you have created projects for GitHub repositories in the past.

Click the plus icon to add a project with the new GitHub Apps integration:

Image loading...Creating a new project in Buddy

In the popup window, click Authorize Buddy:

Image loading...Permission requirements screen

Next, select which organizations should be available to use in Buddy:

Image loading...Selecting GitHub organizations

Finally, select whether you want to give Buddy access to all your repositories within the selected organization, or if you want to limit the permissions to a single repository. Confirm your choice by entering your GitHub password:

Image loading...Selecting the scope of repository access

Once you’re done, define the name of your Buddy project and choose the repository you want to use:

Image loading...Repository selection screen in Buddy

What about Buddy Self-Hosted?

The new GitHub Apps integration comes to Buddy Self-Hosted, too. Your existing projects don’t require any action as they continue to use the legacy OAuth integration. However, starting with version 2.4.27 of Buddy, you must configure a GitHub App to create new projects for your GitHub / GitHub EE repositories.

What’s next?

The new GitHub integration opens up some exciting possibilities, such as harnessing the power of GitHub’s Checks API that will allow us to send even more detailed commit statuses to GH. We’ll keep you posted!

Warning
Buddy is 100% customer-driven. If there’s a feature or integration you miss, drop a line to our live-chat or directly at support@buddy.works.
Tomek Papiernik

Tomek Papiernik

Technical Writer

A philologist with a knack for technology, a technical writer by trade. Dedicated himself to guiding his audience through the labyrinths of technology using everything at hand to make the journey smooth and fruitful. In his spare time, he's an amateur musician dreaming of recording a platinum album.

Nov 8th 2021
Share