GitHub

Guide on integrating GitHub with Ketryx

1. Introduction

1.1. Purpose

This guide provides an introduction to the integration of GitHub with Ketryx. Our focus is on outlining the process of setting up this integration, utilizing Personal Access Tokens (PAT), to enhance your software development practices. This guide will walk you through the steps required to establish a connection between GitHub and Ketryx.

1.2. Tools

Tools used to develop and release a product with Ketryx Lifecycle Management are provided in MAN-01 Ketryx Lifecycle Management. The release process is described in detail in MAN-02 Software Release Process, while setting up code repositories is described in MAN-03 Supply Chain Management.

2. Repository access

The integration process with GitHub varies slightly depending on whether you are working with public or private repositories. Here's a breakdown of the key differences:

2.1. Public Repositories

Accessibility: Public repositories are open to the public, meaning that anyone can view the repository content and its history.
Integration Setup: For public repositories, the setup process for integrating with Ketryx is generally straightforward. You do not need to use a Personal Access Token for basic integration tasks, such as SOUP dependency analysis.
Data Retrieval: Accessing publicly available data from GitHub, like pull requests or code changes still need a Personal Access Token to access GitHub's API.

2.2. Private Repositories

Accessibility: Private repositories restrict access to authorized individuals or collaborators. Only those with permission can view and interact with the repository.
Integration Setup: When integrating with private repositories, you typically require a PAT. This token ensures secure and authorized communication between GitHub and Ketryx for tasks like SOUP dependency analysis and Code Change Reviews.

It's important to consider your repository's visibility when setting up the integration, as public and private repositories have distinct access requirements. The integration guide provides specific instructions based on the type of repository you are working with, ensuring a seamless and secure integration experience.

3. Access tokens

3.1. Creating a Personal Access Token (classic) for GitHub

Please see GitHub's documentation or follow the following steps to create a PAT:

Go to your GitHub account settings
Navigate to Developer settings and then Personal access tokens
Click on Generate new token (classic)
Give your token a relevant name and select the desired scopes for access, but at least:
1. repo
2. read:user
Click Generate token and make sure to copy it immediately, as it won't be shown again

This token will serve as the authentication method to fetch both Pull Request data and the Git repository for SOUP dependency analysis from GitHub.

When entering the authentication credentials in Ketryx, the username has no effect, but the password should be the PAT.

3.2. Creating a fine-grained Personal Access Token for GitHub

Please see GitHub's documentation for more information on how to create a fine-grained PAT.

NOTE: Make sure to choose the right organization as the Resource owner. On the screenshot below, fine-grained Personal Access Token will grant certain permissions only on the repositories owned by the Ketryx organization. In your case, the Resource owner will most likely be your organization (the company you are working for).

The following Read-only permissions are required for the integration with Ketryx:

Contents
Metadata
Pull requests

It should look like this: