GitHub Auth
First, you'll need to create a GitHub OAuth app for your organisation.
Creating a GitHub OAuth app
From GitHub, click on your profile picture and chose "Settings":
Then "Developer settings" from the left-hand menu:
Then "OAuth Apps":
And create a new OAuth app:
Give it a name, and a homepage URL. The authorization callback is the important bit. It needs to be in this form:
[your-nx-cloud-url]/auth/github/callback
Once you create, keep a note of the Client ID:
And then generate a new client secret, and save it somewhere secure (we'll use it in a bit):
Configure Nx Cloud Installation
Using Helm:
image:
tag: 'latest'
nxCloudAppURL: 'https://nx-cloud.myorg.com'
github:
auth:
enabled: true
secret:
name: 'cloudsecret'
nxCloudMongoServerEndpoint: 'NX_CLOUD_MONGO_SERVER_ENDPOINT'
githubAuthClientId: 'GITHUB_AUTH_CLIENT_ID'
githubAuthClientSecret: 'GITHUB_AUTH_CLIENT_SECRET'
Note that the secret must contain GITHUB_AUTH_CLIENT_ID
and GITHUB_AUTH_CLIENT_SECRET
( see Nx Cloud Helm Charts for more context).
Not using Helm:
Provide the following env variables to the nx-cloud-api
container:
GITHUB_AUTH_CLIENT_ID
GITHUB_AUTH_CLIENT_SECRET
If you are running Nx Cloud as a single container, the two env vars should be provisioned for that container.
GitHub Enterprise
If you are running an on-premise version of GitHub (Enterprise Server), you will need to configure one additional environment variable:
GITHUB_API_URL=https://custom-github-instance.com
This will point all auth endpoints to your GitHub server (rather the public one).
Good to know!The above environment variable, also helps with setting up the GitHub app integration, so you can have Nx Cloud build stats directly on your pull request. See full set up instructions here.