github-copilot-resources / copilot-metrics-viewer

Tool to visualize the Copilot metrics provided via the Copilot Business Metrics API (currently in public beta)
https://copilot-metrics-viewer-gthcc5cmd9ebf2ff.westeurope-01.azurewebsites.net/
MIT License
308 stars 155 forks

Copilot GitHub App setting #112

Open pejmanmohammadi opened 1 week ago

pejmanmohammadi commented 1 week ago

Hi guys, I hope you are doing well. To create a GitHub App for authentication, do we know what the values of GitHub App fields like Callback URL should be, and which Permissions should be selected for the app in the Permissions part? And besides the GitHub App, do we still need to create an Access Token in the .env file?

I want to have a secure deployment, since after running the container the content of the .env file is available as plain text at this path: localhost:/assets/app-config.js

@martedesco & @karpikpl Thanks for your help

karpikpl commented 1 week ago

Hey, for permissions and callback, please check https://github.com/github-copilot-resources/copilot-metrics-viewer/blob/main/DEPLOYMENT.md#github-app-registration

Once you use GitHub App, you don't need to provide the token.

For deploying a secure app, those are your options (described in more detail here: https://github.com/github-copilot-resources/copilot-metrics-viewer/blob/main/DEPLOYMENT.md)

  1. Deploy with PAT in the backend - metrics are visible to anyone accessing the website, but tokens are hidden
  2. Deploy with PAT in the backend, authentication in the frontend - people have to log in, token is hidden. It can be easily achieved in Azure Web Apps or Container Apps using the authentication option.
  3. Deploy with GitHub App - only people with Copilot metrics permissions will see the metrics, tokens are not exposed.

pejmanmohammadi commented 15 hours ago

Hi Piotr,

I hope you are doing well. It was really helpful. Now, the only thing that I need to set is the Callback URL inside the GitHub App, and I need your help. For example, if our URL is copilot.test.com (http://copilot.test.com), what should I put for the Callback, and should I add some other environment variables related to the callback URL to run the container? Our GitHub is integrated with Okta SSO and we are deploying the app through EKS. With the local test, everything worked, but with the real one I got the error which I attached in the latest comment.

Thanks for your help,
Pejman Mohammadi

pejmanmohammadi commented 15 hours ago

I got this when I added the callback URL:

The redirect_uri is not associated with this application.

The application might be misconfigured or could be trying to redirect you to a website you weren't expecting.

karpikpl commented 7 hours ago

Hey, the callback should be "your app URL as seen in the browser"/callback.

In the case of my deployments, I use Azure Container Apps and the callback has the following format:

http://<YOUR Container APP URL>.azurecontainerapps.io/callback
https://<YOUR Container APP URL>.azurecontainerapps.io/callback

I don't think there should be any issues with authentication. The callback is just where GitHub will redirect you in the browser, it's not an API call.

karpikpl commented 7 hours ago

Oh, and usually you can capture the callback in dev tools - just see what it was when you got the error and add it to your app :)
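
The dev-tools check suggested in the last comment, as an added example that is not part of the thread or of the project's code: it extracts `redirect_uri` from a captured authorize request and reports which component differs from each callback registered on the GitHub App. The `copilot.test.com` URLs, the `EXAMPLE_CLIENT_ID` placeholder and the function names are constructed for illustration, and the exact-match rule is an assumption chosen to be strict.

```javascript
// Added example: find why GitHub rejects a redirect_uri as "not associated with
// this application". All URLs and the client_id are constructed sample values.
const CAPTURED_AUTHORIZE_URL =
  'https://github.com/login/oauth/authorize' +
  '?client_id=EXAMPLE_CLIENT_ID' +
  '&redirect_uri=' + encodeURIComponent('http://copilot.test.com/callback');

// Pull the redirect_uri parameter out of an authorize request copied from dev tools.
function extractRedirectUri(authorizeUrl) {
  const value = new URL(authorizeUrl).searchParams.get('redirect_uri');
  if (!value) throw new Error('authorize URL carries no redirect_uri parameter');
  return new URL(value); // searchParams has already percent-decoded the value
}

// Name every component in which the sent URI differs from one registered callback.
function diffCallback(sent, registered) {
  const reg = new URL(registered);
  const diffs = [];
  const parts = [['scheme', 'protocol'], ['host', 'hostname'],
                 ['port', 'port'], ['path', 'pathname']];
  for (const [label, key] of parts) {
    if (sent[key] !== reg[key]) {
      diffs.push(`${label}: sent "${sent[key]}", registered "${reg[key]}"`);
    }
  }
  return diffs;
}

// Assumption: require an exact match on scheme, host, port and path. This is a
// deliberately strict rule for diagnosis, not a statement of GitHub's own matching.
function checkRedirect(authorizeUrl, registeredCallbacks) {
  const sent = extractRedirectUri(authorizeUrl);
  const report = registeredCallbacks.map((registered) => ({
    registered,
    diffs: diffCallback(sent, registered),
  }));
  return { sent: sent.href, ok: report.some((r) => r.diffs.length === 0), report };
}

// Constructed scenario: only the https callback is registered on the GitHub App,
// but the request captured in the browser carries an http redirect_uri.
const result = checkRedirect(CAPTURED_AUTHORIZE_URL, ['https://copilot.test.com/callback']);
console.log(result.ok, result.report[0].diffs);
```

Registering the exact value shown in `sent`, or changing the deployment so it sends the registered one, clears the mismatch this reports.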