Automate the creation of GitHub Enterprise eval server
npearce opened this issue · 4 comments
Document the process to spin up a new GitHub Enterprise eval service, license it (45-day eval license), and provision it with:
- webhook configration
- user account for webhook server callback to deployment repo
- creation of service template examples
Some thoughts:
Document the process to spin up a new GitHub Enterprise eval service, license it (45-day eval license), and provision it with:
The licensing is approved manually and issued, so this could be a chokepoint in full automation. However, once you have the license, the upload is available via the API:
webhook configration
Are there specific events you're looking to configure for webhook events?
user account for webhook server callback to deployment repo
We don't have a POST endpoint to the api for user creation, however here's a dirty workaround using curl to send a post to the first user creation screen:
$EC2_IP correlates to the hostname of GitHub Enterprise
$1 = github username you wish to define
$2 = email address for user
$3 = password
echo "Creating first GitHub Enterprise administrator account"
TEMPDIR=`mktemp -d /tmp/XXXXXXXXXXXXX`
echo $TEMPDIR
# Check if the join endpoint is up and running
curl -iskL https://$EC2_IP/join | grep 'Status: 200 OK'
curl -k -v -L -c $TEMPDIR/cookies https://$EC2_IP/login > $TEMPDIR/github-curl.out
authenticity_token=$(grep 'name="authenticity_token"' $TEMPDIR/github-curl.out | head -1 | sed -e 's/.*value="\([^"]*\)".*/\1/')
curl -X POST -k -v -b $TEMPDIR/cookies -c -L $TEMPDIR/cookies \
-F "authenticity_token=$authenticity_token" \
-F "user[login]=$1" \
-F "user[email]=$2" \
-F "user[password]=$3" \
-F "user[password_confirmation]=$3" \
-F "source_label=Detail Form" \
https://$EC2_IP/join >$TEMPDIR/github-curl.out 2>&1
cat $TEMPDIR/github-curl.out
grep "< Set-Cookie: logged_in=yes;" $TEMPDIR/github-curl.out
rm -rf $TEMPDIR
creation of service template examples
Assuming this is a big-ip thing?
@webdog
That cover bullet 2 nicely! Thanks.
#3 (BIG-IP Service Definition templates) I can cover by sharing a repo on github.com, which an administrator can download and then change the remote to their GitHub Enterprise, like with these instructions: https://help.github.com/articles/changing-a-remote-s-url/
Hmmm, feels like we're getting there...
@npearce Sounds great!
What are your thoughts around a Service Template being around only as long as a Pull Request is opened?
User opens PR -> Webhook to BIG IP, create service template for architecture and rules
User updates PR with new commits -> BIG IP examines the commit object for any necessary changes to the template (Maybe a port being updated in an application?
User closes/merges PR -> The environment is shut down
Ok!!! This is exactly where my head is at! I’m looking at ephemeral entry points, or entry template representations of such, so long as I’m solid with the source of truth being in the GitHub repo.
The first rule of IaC club is, never look at the “I” to understand the truth.