Creating a GitHub Configuration Source Provider
Create a configuration source provider in Resource Manager from GitHub.
Before You Begin
Following are the prerequisites to connect Oracle Cloud Infrastructure Resource Manager to GitHub.
- Private Git server: Network information is required to set up a private endpoint for use with the configuration source provider, including an SSL certificate. For more information, see Private Git Server.
- Public Git server: This server must be accessible over the internet using a public IP address.
- Resolvable URL: Ensure that Resource Manager can resolve the server URL. Ensure that the server is deployed with a well-known root certificate, such as
DigiCert
, so that OCI can trust its endpoint. - APIs: Your GitHub server must use GitHub APIs. An example of a GitHub server that doesn't meet this prerequisite is an Azure native GitHub solution (example).
- Network configuration for IP addresses: Configure your network to allow access from OCI
IP address ranges. Ensure that you include ranges for all relevant services, including the Oracle Services Network (tag:
OSN
). - Ingress rules: Enable network ingress rules on the VCN where the server is deployed to allow access from OCI IP addresses.
- Repository permissions: You must have admin or owner permissions for the repository.
- Personal access token (PAT): You must have a PAT to the server. To create a PAT, see the relevant guidance and documentation:
- The scope
repo
(which includesrepo:status
,repo_deployment
, andpublic_repo
) is required for use with Resource Manager. See https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token - For GitHub Enterprise Cloud, single sign-on (SSO) must be enabled on the PAT. See Authenticating with SAML single sign-on (GitHub site).
Note
Resource Manager reads the customer's repository content but doesn't push changes to the repository. - The scope
Importing an Existing Certificate
To access a private GitHub server, make its associated SSL certificate available in the OCI Certificates service.
For more information about the Certificates service, see Certificates.
After the certificate is in the Certificates service, you can select it along with a private endpoint when you create the configuration source provider.
After completing all the prerequisites, follow these steps in the Console to create a configuration source provider from GitHub. Use the
oci resource-manager configuration-source-provider create-github-access-token-provider
command and required parameters to create a configuration source provider from GitHub.oci resource-manager configuration-source-provider create-github-access-token-provider --access-token <personal_access_token> --api-endpoint <GitHub_service_endpoint>
For a complete list of parameters and values for CLI commands, see the Command Line Reference for Resource Manager.
Run the CreateConfigurationSourceProvider operation to create a configuration source provider from GitHub.
For an example of the
configSourceProviderType
part of the request, see CreateGithubAccessTokenConfigurationSourceProviderDetails.