Changes

GitHub

614 bytes removed, 17:48, 29 January 2018

update 3rd party app process & repo move

{{note|Some 3rd party apps use GitHub as an OAuth identity provider for their website (e.g. for a dashboard). An ''OAuth Application'' will block the installation process if the app is not already approved. The "Request access" block is what this section describes.|gotcha}}

3rd party applications can easily impact many other repositories than the initial one. For that reason, the following steps are strongly encouraged. Note that there are three ways 3rd party apps can be associated with the entire organization, or a specific repository:~~# via a manually configured webhook. This~~ Each type of has it's own installation ~~is not automatically affected by the other approaches.# via an "GitHub App" (nee integration), which is connected by "Installing" it into the target. Both of those steps require an "owner" to perform~~and approval process. Please ~~open a bug. (This is~~ follow the ~~new, preferred way.)# via granting access via OAUTH tied to~~ instructions in the installer's credentials. Please open a bug. Some services will OAuth just as an Identitdy Provider for access to a dashboard on their site. You only need to file if you get to a "Request access" promptcorrect section below.

==== GitHub Apps Installation & Approval Process ====

~~You can help speed up~~ GitHub Apps (formerly called "integrations") are "Installed" into either the ~~approval process by opening~~ entire organization, or into individual repositories. Each integration has a ~~bug as the way~~ documented, granular, access to ~~contact~~ various of the ~~owners and provide answers to~~ repository resources. This is good. However, the ~~questions they will~~ GitHub App installation can only be done by an organization owner, who may have to do additional housekeeping. This is not so good, so please plan accordingly (~~the~~ you may need to coordinate with [[#contact|GitHub owners ~~will open a bug for a security review if needed~~]]):. * ~~Use~~ File a request using this [https://bugzilla.mozilla.org/enter_bug.cgi?cc=gene%40mozilla.com&comment=I%20want%20to%20use%20the%20NAME_HERE%20addon%20in%20ORG_NAME_HERE%20for%20the%20following%20reasons%3A%0D%0A%0D%0ABelow%20are%20my%20answers%20to%20your%20stock%20questions%3A%0D%0A%0D%0A%2A%2A%20Which%20repositories%20do%20you%20want%20to%20have%20access%3F%20%28all%20or%20list%29%0D%0A%0D%0A%2A%2A%20Are%20any%20of%20those%20repositories%20private%3F%0D%0A%0D%0A%2A%2A%20Provide%20link%20to%20vendor%27s%20description%20of%20permissions%20needed%20and%20why%0D%0A%0D%0A%2A%2A%20Provide%20the%20Install%20link%20for%20a%20GitHub%20app%0D%0A&component=Github%3A%20Administration&product=mozilla.org&short_desc=Assess%20use%20of%20external%20addon%20NAME_HERE%20in%20Mozilla%27s%20GitHub%20organization%20ORG_NAME_HERE bug template]

* Include answers to these questions:

** Which repositories do you want to have access? (all or list)

** Provide installation instructions (both may be needed):

*** For GitHub Apps, the "install" link

*** For OAuth apps, request the approval of the app for the organization (part of their workflow).

~~==== GitHub Apps ====~~

GitHub Apps (formerly called "integrations") are "Installed" into either the entire organization, or into individual repositories. Each integration has a documented, granular, access to various of the repository resources. This is good.

However, the GitHub App installation can only be done by an organization owner, who may have to do additional housekeeping. This is not so good, so please plan accordingly (you may need to coordinate with [[#contact|GitHub owners]]).

===== Initial Installation =====

* Authorizing an application to work with GitHub utilizes the permissions your account has -- so, any repositories you have access to the application will have access to as well (including private ones). If you want to grant access to an application that no one else has used with the Mozilla organization yet you'll see a "Request access" button during the set up flow. You'll need to click that button to request approval. See below for an example:

[[File:github_approval.png]]

* In some cases, the application does not need to be "approved" to function correctly, as it has read only access to any public repository. (Some applications only want write access to help you configure the application first time.)

* In other cases, the application does need write permission, and/or permission to read a private repository. In these cases, ~~it is helpful to send the details to the owner's team, either by~~ open a bug using [https://bugzilla.mozilla.org/enter_bug.cgi?cc=gene%40mozilla.com&comment=I%20want%20to%20use%20the%20NAME_HERE%20addon%20in%20ORG_NAME_HERE%20for%20the%20following%20reasons%3A%0D%0A%0D%0ABelow%20are%20my%20answers%20to%20your%20stock%20questions%3A%0D%0A%0D%0A%2A%2A%20Which%20repositories%20do%20you%20want%20to%20have%20access%3F%20%28all%20or%20list%29%0D%0A%0D%0A%2A%2A%20Are%20any%20of%20those%20repositories%20private%3F%0D%0A%0D%0A%2A%2A%20Provide%20link%20to%20vendor%27s%20description%20of%20permissions%20needed%20and%20why%0D%0A%0D%0A%2A%2A%20Provide%20the%20Install%20link%20for%20a%20GitHub%20app%0D%0A&component=Github%3A%20Administration&product=mozilla.org&short_desc=Assess%20use%20of%20external%20addon%20NAME_HERE%20in%20Mozilla%27s%20GitHub%20organization%20ORG_NAME_HERE ~~opening a~~ this template].** Please be sure to have clicked the "Request Approval" link before submitting bug] .* Include answers to these questions:** Which repositories do you want to have access? (all or ~~[[#contact|email]].~~list)** Are any of those repositories private?** Provide link to vendor's description of permissions needed and why** Provide installation instructions (both may be needed):

=== Reviewing owners and permissions ===

If you have created a repo on your own account (for example, myuser/myrepo) and it should live under the Mozilla organization, here are the steps:

{{note|As soon as you transfer, your repository will be in "limbo" (only you will have write access) ~~until~~ . An automated process should grant you ~~get the assistance of an~~ "admin" access within a few minutes. If that does not happen, please [[#contact|org admin]] who can make ~~the changes~~that change. Please plan in advance if timing is critical.}}

# If you're not a member of any team, talk to an [[#contact|org admin]].

Hwine

Confirm

1,351

edits

Changes

GitHub

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools