Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Improving your workflow with the GitHub API

Keavy McMinn
October 11, 2017
660

Improving your workflow with the GitHub API

Keavy McMinn

October 11, 2017
Tweet

Transcript

  1. Personal Access Token • It’s a String (“f3e4b0c62a15dc2e5c…”) • Like

    a password • Functions like an OAuth token - broad permissions.
  2. Personal Access Token: Good Ideas! • Acting just as yourself

    • Authenticating over the API as yourself • One off cURL commands • Personal scripts
  3. Personal Access Token: Bad Ideas! • Setting up something for

    your whole team/company to use • Pretending to be a bot
  4. OAuth Application • It’s an application. • It needs to

    be hosted somewhere. • You grant it broad permissions, e.g. to your repositories.
  5. OAuth Application: Good Ideas! • Act as a GitHub user,

    across all of GitHub • Just identity - “login with GitHub”
  6. OAuth Application: Bad Ideas! • Doing stuff on a specific

    repository (but not the rest!) • Doing stuff that should be acting as the Application itself
  7. GitHub App • It’s an application. • It needs to

    be hosted somewhere. • You install it on specific repositories. • You grant it narrow permissions, e.g. to write issues
  8. GitHub App: Good Ideas! • The app needs to take

    actions, independently of a user • You only want to do stuff on specific repos • You want a direct connection to an Organization • You don't need to know and do everything the user can
  9. GitHub App: Bad Ideas! • Identity provider: "login with GitHub”

    • Only want to act as the GitHub user, in everything they can do.
  10. Script to fetch your contributions : ${GITHUB_TOKEN:=`git config github.token`} :

    ${GH_LOGIN:=`git config github.user`} # e.g. for PRs I opened that were merged query = "author:$GH_LOGIN+is:merged+is:pr" url="https://api.github.com/search/issues? access_token=$GITHUB_TOKEN&q=$query"
  11. 1. Register a GitHub App 2. Configure your app 3.

    Host it somewhere 4. Install it on the desired repos on GitHub 5. Steps to building a GitHub App
  12. What installations do I have? Who am I? What installations

    can I show this user? Give me a token for this installation.
  13. What installations do I have? Who am I? What installations

    can I show this user? Give me a token for this installation. Authenticate as the App
  14. payload = { iat: Time.now, exp: 10.minute.from_now, iss: ENV["GITHUB_APP_IDENTIFIER"] }

    JWT.encode payload, Config.private_key, "RS256" Configure your GitHub App App credentials
  15. @app_client.get "/app" Configure your GitHub App To make high-level API

    requests as the App https://developer.github.com/v3/apps/
  16. What repositories can I work with? What repositories can I

    show this user? What are the latest PRs in this repo? What members are in this team? What issues have mentioned this team lately?
  17. What repositories can I work with? What repositories can I

    show this user? What are the latest PRs in this repo? What members are in this team? What issues have mentioned this team lately? Authenticate as the installation
  18. @installation_client.get "/installation/repositories" Configure your GitHub App To make API requests

    for a specific installation https://developer.github.com/v3/apps/installations/
  19. post "/webhook" do case request.env['HTTP_X_GITHUB_EVENT'] when "installation" Demo::Installation.create_from_webhook( parsed_post_params["installation"] )

    end halt 200 end Configure your GitHub App https://developer.github.com/v3/activity/events/types/#installationevent
  20. https://developer.github.com/v3/search/#search-issues { "total_count": 280, "incomplete_results": false, "items": [ { "html_url":

    "https://github.com/batterseapower/pinyin-toolkit/issues/132", "number": 132, "title": "Line Number Indexes Beyond 20 Not Displayed", "user": { "login": "Nick3C", }, "labels": [ { "url": "https://api.github.com/repos/batterseapower/pinyin-toolkit/labels/bug", "name": "bug", "color": "ff0000" } ], "state": "open" } ] }
  21. https://developer.github.com/v3/search/#search-issues { "total_count": 280, "incomplete_results": false, "items": [ { "html_url":

    "https://github.com/batterseapower/pinyin-toolkit/issues/132", "number": 132, "title": "Line Number Indexes Beyond 20 Not Displayed", "user": { "login": "Nick3C", }, "labels": [ { "url": "https://api.github.com/repos/batterseapower/pinyin-toolkit/labels/bug", "name": "bug", "color": "ff0000" } ], "state": "open" } ] }
  22. def formatted_results(category, items) "\n### #{category} (#{items.count})\n" + # format each

    item end def formatted_result(item) # get the repo name for that item " * [x] [#{repo}##{item.number}](#{item.html_url}) #{item.title}" end Format the results
  23. def deliver!(content) status = 200 content_type :json { :response_type =>

    'in_channel', :text => content }.to_json end Send the results to a Slack App
  24. Prepare the content # Check for data from other tools,

    e.g. who’s on call via PagerDuty # Check for checkbox items from the previous week’s radar # Prepare the text bits: @title ||= "Radar: Week of #{Date.today}” @body << "What's up, #{team_name}? What happened? " + "What's about to happen? What's going on in your head? "
  25. Onboard new team member https://developer.github.com/v3/orgs/teams/ https://developer.github.com/v3/repos/collaborators/ • Add someone as

    a collaborator to certain repositories • Add them to certain teams (and/or the organization itself)
  26. PR approval process https://developer.github.com/v3/orgs/teams/ • At least 2 people have

    reviewed a PR • The PR has been reviewed by someone who didn’t write the code • Separate approval for the code AND deployment • A manager has approved it, on the 2nd Wednesday of the month
  27. PR approval process https://developer.github.com/v3/orgs/teams/ • At least 2 people have

    reviewed a PR • The PR has been reviewed by someone who didn’t write the code • Separate approval for the code AND deployment • A manager has approved it, on the 2nd Wednesday of the month
  28. PR approval process https://developer.github.com/v3/orgs/teams/ • At least 2 people have

    reviewed a PR • The PR has been reviewed by someone who didn’t write the code • Separate approval for the code AND deployment • A manager has approved it, on the 2nd Wednesday of the month
  29. List commits on a PR https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request [ { "sha": "6dcb09b5b57875f334f61aebed695e2e4193db5e",

    "commit": { "url": "https://api.github.com/repos/octocat/Hello-World/git/commits/6dcb09b5", "message": "Fix all the bugs", }, "author": { "login": "octocat", "id": 1 } } ]
  30. List commits on a PR https://developer.github.com/v3/pulls/#list-commits-on-a-pull-request [ { "sha": "6dcb09b5b57875f334f61aebed695e2e4193db5e",

    "commit": { "url": "https://api.github.com/repos/octocat/Hello-World/git/commits/6dcb09b5", "message": "Fix all the bugs", }, "author": { "login": "octocat", "id": 1 } } ]
  31. List reviews on a PR https://developer.github.com/v3/pulls/reviews/#list-reviews-on-a-pull-request [ { "id": 80,

    "user": { "login": "octocat", "id": 1 }, "body": "Here is the body for the review." } ]
  32. List reviews on a PR https://developer.github.com/v3/pulls/reviews/#list-reviews-on-a-pull-request [ { "id": 80,

    "user": { "login": "octocat", "id": 1 }, "body": "Here is the body for the review." } ]
  33. Work back from the problem • I want an ‘at

    a glance’ view of current bugs. • I want to check what PRs my team should look into. • I want to know what my team is up to.