github enterprise auto upload publish SSH key
Hey folks! I'm curious if anyone has had any luck setting up https://registry.coder.com/modules/github-upload-public-key to automate uploading SSH keys to make git clone easier? I've got things mostly plumbed together as https://coder.com/docs/admin/external-auth#github-enterprise prescribes, but I keep getting 401 errors so I'm curious what I'm missing
Github Upload Public Key - Coder Registry
Automates uploading Coder public key to Github so users don't have to.
Solution:Jump to solution
Finally got it to work! I learned a couple things:
* https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps I originally had created a github app. Looking back at this, I think I might be able to get the github app to work, but 🤷 I have an oauth app working now
* When I posted last night I was missing
github_api_url completely. I initially tried https://github.example.com but this afternoon I realized I needed to use https://github.example.com/api/v3...26 Replies
<#1263374396844933182>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
During workspace startup, I see the following at the top of our startup logs
hi, could you send your main.tf over?
Could it be due to the incorrect configuration as highlighted in
https://github.com/coder/coder/pull/13780
GitHub
Clarify OAUTH2 configuration for Github Entrerprise by ggolin · Pul...
This change clarifies how to configure OAUTH2 configuration for Github Enterprise. Note that coder does not log any errors when the enterprise URL is set without the protocol scheme (https://). The...
@Phorcys do you mean the main.tf from our template? I can't share that since it includes a bunch of internal setup.
Or do you mean the main.tf referenced from https://registry.coder.com/modules/github-upload-public-key ? I followed the example towards the bottom of that page and added that to our template
Github Upload Public Key - Coder Registry
Automates uploading Coder public key to Github so users don't have to.
@Atif I think that's for using github for authenticating to coder (i.e. https://coder.com/docs/admin/auth ) vs their external auth (https://coder.com/docs/admin/external-auth ) ? I'm currently using
https:// in all the env vars that get set in our k8s argocd appset yaml file.
Yes. You are right.
Looks like I forgot to set the
github_api_url variable when I used the module! 🤦♂️
It's still not quite working, but the error code (406) makes more sense than what I was seeing before (401) because I can manually get a 406yes, I do mean that, but it seems you got on another track
if it is needed we might ask you to send a redacted template file, even over DMs if you're more comfortable with that
Solution
Finally got it to work! I learned a couple things:
* https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/differences-between-github-apps-and-oauth-apps I originally had created a github app. Looking back at this, I think I might be able to get the github app to work, but 🤷 I have an oauth app working now
* When I posted last night I was missing
github_api_url completely. I initially tried https://github.example.com but this afternoon I realized I needed to use https://github.example.com/api/v3Hi @tpottinger glad to know that you have found the solution. Please share your feedback if you think docs can be improved around this. What did you find confusing and what's missing. Also you are welcome to contribute to docs ❤️
@Atif the docs on https://coder.com/docs/admin/external-auth#github say "it's easier to configure a GitHub OAuth app!" but the screenshots are from a "GitHub App" not a GitHub "Oauth App". I suspect both are able to work, but the instruction "Install the App for your organization" only applies for GitHub Apps, not GitHub Oauth Apps. I wasn't able to convince our GHE admins to install the GitHub App, so idk if/what that step is necessary for.
Also, the docs on https://registry.coder.com/modules/github-upload-public-key reference
CODER_EXTERNAL_AUTH_0_SCOPES but I suspect that's only required for GitHub Oauth Apps? GitHub Apps need to configure permissions, and the docs on https://coder.com/docs/admin/external-auth#github includes a screenshot for "Permissions & events" that I think replaces the need for the _SCOPES env var. I'm not 100% sureGithub Upload Public Key - Coder Registry
Automates uploading Coder public key to Github so users don't have to.
And finally, an easy addition would be a note on https://registry.coder.com/modules/github-upload-public-key for Github Enterprise: adding the
github_api_url parameter in the example tf module usage is needed.Github Upload Public Key - Coder Registry
Automates uploading Coder public key to Github so users don't have to.