Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note

Note that this feature is supported from GitHub Enterprise version v2.14 and newer.

SeaLights GitHub App Setup

In order to benefit of the Pull Request Analysis, you will need to create a new Appon your Github Enterprise instance.

  • This app will be used by the Sealights Task Runner to push the information to your GitHub Entreprise instance.

The application will not require any access to your source code.It only requires:

  • Read access to metadata

  • Read and write access to checks

  • Website & Website hook must be filled in

The creation of the application is a pretty simple and straightforward procedure in GitHub Entreprise settings:

  1. Open your GitHub Settings > Developer Settings > Github Apps > New GitHub App page

  2. Specify the app ID based on the following, after the application has been created:

...

3. The following Private Key is to be downloaded and placed in the same folder as the TaskRunner agent:

...

4. Then, navigate to Install App, and choose an account to install the SeaLights app on:

...

5. Select “All Repositories” in the following screen

...

SeaLights Task Runner App Configuration

To report the Pull Request data to SeaLights, the Task Runner must be installed locally on the GitHub server, or on a server with access to the GitHub Enterprise instance:

  1. Download the Task Runner from the following link: https://

...

  1. agents.

...

  1. sealights.

...

  1. co/sl_task_runner/sl_task_runner-

...

  1. 4.

...

  1. 0.

...

  1. 2397.zip

  2. Prepare a configuration file to be used by the Task Runner in JSON format:

    • The GitHub Enterprise server properties in this configuration file should be defined within json property "github" as follows:

sl-taskrunner-cfg.json example:

Code Block
{
    "tokenFile": "config/sltoken.txt",
	"github":
        {
            "url": "https://github.internal.net:443/api/v3",
            "owner":"repo-owner",
            "repo":"reponame",
            "appId":1,
            "privateKeyFile":"config/github-private-key"
        }
}
  • The token to be used should be an Agent token

  • The value of the URL should be the on prem Github API url

  • Once the above steps have been completed, it’s time to run the task runner .jar file, specifying the configuration file created in the previous step:

info
Code Block
breakoutModewide
java -Dsl.config.file=config/sl-taskrunner-cfg.json -jar sl_task_runner.jar

It is also possible to pass the same parameters as Java properties, like in the example below

...

breakoutModewide

java

...

-Dsl.tokenFile=/path/to/sltoken.txt

...

-Dsl.github.url=http://github.internal.net:443

...

/api/v3 -Dsl.github.appId=<app

...

ID

...

assigned

...

to

...

SL

...

app>

...

-Dsl.github.privateKeyFile=</path/to/private-key-file>

...

-jar

...

sl_task_runner.jar

SeaLights GitHub App Setup

...

...

  • Read access to metadata

  • Read and write access to checks

  • Website & Website hook must be filled in

  • Specify the app ID based on the following, after the application has been created:

...

  • The following Private Key is to be downloaded and placed in the same folder as the TaskRunner agent:

...

Then, navigate to Install App, and choose an account to install the SeaLights app on:

...

  • Select “All Repositories” in the following screen

...

Info

See Task Runner Agent - Command Reference for full list of parameters

Configuring the pull request job

...

You create the Pull Request build session ID by using the SeaLights Java Build Scanner (See: Downloading the java agent files) with the prConfig option:

Code Block
java -jar sl-build-scanner.jar -prConfig {-token <arg> | -tokenfile <arg>} -appname <arg> -targetBranch <arg> -latestCommit <arg> -pullRequestNumber <arg> -repoUrl <arg> [-pi <arg>] [-pe <arg>]

Parameter

Description

token

Access token generated from the SeaLights server

tokenfile

Path to file containing the access token generated from the SeaLights server

appname

The name of the app the Pull Request is being merged to (as provided to SeaLights)

targetBranch

The name of the branch the Pull Request is being merged to (as provided to SeaLights)

latestCommit

The latest commit SHA of the Pull Request branch

pullRequestNumber

The Pull Request number that is being evaluated

repoUrl

The repository URL of the Pull Request and merged branches

pi, packagesincluded

Comma-separated list of packages to include in scan

Supports wildcards (* = any string, ? = any character). For example: 'com.example.* ,io.*.demo, com.?ello.world'

pe, packagesexcluded

Comma-separated list of packages to exclude from scan

Supports wildcards (* = any string, ? = any character). For example: 'com.example.* ,io.*.demo, com.?ello.world'

proxy

Address of proxy to run connection through

The
Note
Note

For Java applications, the packages included and excluded should be exactly the same as what was defined to SeaLights for the merged branch so that the compared results will be the same

Info

See prConfig - Command Reference for full parameter details in Java agent, node agent or via the Sealights Jenkins plugin.

Pull Request parameters explanation as seen in GitHub.com

...