Unable to sync private repo on GitHub enterprise

[joannenolan-sky]

Hi I am trying to integrate with Wuffle. I have created a GithubApp and connected it to a repository but I can't seem to access localhost:3000/board . I just get

Cannot GET /board

and terminal logs are

] 15:06:47.954Z  INFO http: GET /board 404 - 3.81 ms (id=1d6ca4b1-7b9c-40b1-90c6-2c639ff20bc5)

On startup I have noticed the following error which I believe is related

[dev:sync ] 15:01:22.369Z ERROR wuffle:background-sync: must declare <config.repositories> to let wuffle know which repositories should be synched in background

This was fixed by adding a wuffle.config.jsfile but I am still unable to access the /board. Am I missing a step somewhere?

[nikku]

Did you add your repositories to the config such as nikku/wuffle or the like?

[joannenolan-sky]

Yes I have added a test repository to wuffle.config.js. Is that the only place I need to add the repository? I am connecting to an Enterprise repository. When I run npm run start I get the following error

sync ] 09:26:14.602Z  INFO wuffle:background-sync: syncing project
09:26:14.603Z  INFO wuffle:org-auth: fetching auth (login=private-repo)
09:26:14.913Z ERROR wuffle:org-auth: (login=private-repo)
  failed to authenticate HttpError: 'Issued at' claim ('iat') must be an Integer representing the time that the assertion was issued
      at /Users/blah/repos/wuffle/packages/sync/node_modules/@octokit/request/lib/request.js:56:27
      at processTicksAndRejections (internal/process/task_queues.js:89:5) {
    name: 'HttpError',
    status: 401,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, ' +
        'X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, ' +
        'X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, ' +
        'X-GitHub-Media-Type',
      connection: 'close',
      'content-length': '164',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Wed, 29 May 2019 09:24:02 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      status: '401 Unauthorized',
      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-media-type': 'github.machine-man-preview; format=json',
      'x-github-request-id': '[REDACTED]',
      'x-xss-protection': '1; mode=block'
    },
    request: {
      method: 'GET',
      url: 'https://api.github.com/app/installations?per_page=100',
      headers: {
        accept: 'application/vnd.github.machine-man-preview+json',
        'user-agent': 'octokit.js/16.25.0 Node.js/12.3.1 (macOS Sierra; x64)',
        authorization: 'Bearer [REDACTED]'
      },
      request: { retryCount: 1 }
    },
    documentation_url: 'https://developer.github.com/v3'
  }
09:26:14.913Z  WARN wuffle:background-sync: (repositoryName=private-repo/test-app)
  failed to synchronize open issues HttpError: 'Issued at' claim ('iat') must be an Integer representing the time that the assertion was issued
      at /Users/blah/repos/wuffle/packages/sync/node_modules/@octokit/request/lib/request.js:56:27
      at processTicksAndRejections (internal/process/task_queues.js:89:5) {
    name: 'HttpError',
    status: 401,
    headers: {
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, ' +
        'X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, ' +
        'X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, ' +
        'X-GitHub-Media-Type',
      connection: 'close',
      'content-length': '164',
      'content-security-policy': "default-src 'none'",
      'content-type': 'application/json; charset=utf-8',
      date: 'Wed, 29 May 2019 09:24:02 GMT',
      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',
      server: 'GitHub.com',
      status: '401 Unauthorized',
      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',
      'x-content-type-options': 'nosniff',
      'x-frame-options': 'deny',
      'x-github-media-type': 'github.machine-man-preview; format=json',
      'x-github-request-id': '[REDACTED]',
      'x-xss-protection': '1; mode=block'
    },
    request: {
      method: 'GET',
      url: 'https://api.github.com/app/installations?per_page=100',
      headers: {
        accept: 'application/vnd.github.machine-man-preview+json',
        'user-agent': 'octokit.js/16.25.0 Node.js/12.3.1 (macOS Sierra; x64)',
        authorization: 'Bearer [REDACTED]'
      },
      request: { retryCount: 1 }
    },
    documentation_url: 'https://developer.github.com/v3'
  }

[nikku]

What do you refer to as an enterprise repository?

[nikku]

Did you install the bot with that repository?

[joannenolan-sky]

I have :

• downloaded the wuffle repo
• ran the npm install and npm run dev steps
• added the "homepage": "https://github.com/nikku/wuffle.git", to the packages/sync/package.json
• Created the githubApp
• linked it to a single repo on an organization github
• created a tmp/storedump.json and wuffle.config.js
• this is just running locally Did I miss a step in the setup?

[nikku]

Did you install the bot with that repository?

You must give the bot access permissions to the repository or background synchronization won't work.

Go to https://github.com/apps/your-app-name and authenticate the bot accordingly.

[joannenolan-sky]

I am not getting that as an option as my organisation has SSO enabled on our repositories but I can't see how to enable that for the app

I was able to get the board working for a public repo in our organisation and authorise it so I think the SSO may be blocking me

[nikku]

I encourage you to try out whether it works on your own private repository.

I am not getting that as an option as my organisation has SSO enabled on our repositories but I can't see how to enable that for the app

With regards to SSO, could you point me to some documentation on GitHub that allows me to understand how that is configured? Do you guys use GitHub enterprise or GitHub.com?

[joannenolan-sky]

It does work on my own private repository as I have successfully set that up as well. We are using Github Enterprise

Here is the github page about SSO

[nikku]

Thanks for the clarification.

Can you verify the following things work:

• Logging in as a user
• New card created pops up on the board
• Moving the card cards on the board
• Card changes extenally (label added) updates the card on the board

As you posted, the following does not work:

• Authenticating the app against GitHub (cf. implementation) when performing a background sync

This may be due to the fact that the app has not been given access to that private GitHub repository.

[joannenolan-sky]

Signed into github, I can :

• connect to a personal private repo and move cards, add label etc using wuffle-app1
• connect to an open source repo within my organisation using wuffle-app2

Signed into github, I cannot :

• connect to a private repo within my organisation using wuffle-app2 I have added the repo to the app but I cannot add the app to the private organisation repo

[joannenolan-sky]

Hey. I updated with the latest code changes and created a new app. This worked perfectly first time so the issue can be closed