Skip to content
/ heroku-buildpack-github-netrc Public
forked from timshadel/heroku-buildpack-github-netrc

Heroku buildpack to access private Github repos over HTTPS without storing user/pass in your files.

0 stars 56 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

poegroup/heroku-buildpack-github-netrc

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
bin
bin
 
 
lib
lib
 
 
support
support
 
 
README.md
README.md
 
 

Repository files navigation

Heroku buildpack: Github private repo access via ~/.netrc

This buildpack uses a Github OAuth2 token exposed as GITHUB_AUTH_TOKEN to resolve private repository URLs without putting a specific username or password in the URLs saved in local files (e.g. package.json).

See Easier builds and deployments using Git over HTTPS and OAuth and Github OAuth — Non-web Application Flow for more detail. Also, you may want to choose a user with read-only access.

If you use this in conjunction with the labs:pipeline feature of Heroku, you may avoid setting the GITHUB_AUTH_TOKEN environment variable on your test & prod apps, and instead only set it on the app where you push your code & which runs the buildpack.

Requirements

You'll need to make a Github authorization token. Here's the curl command you can use.

$ curl -u 'my-read-only-user' -d '{"scopes":["repo"],"note":"GITHUB_AUTH_TOKEN for Heroku deplyoments","note_url":"https://github.com/timshadel/heroku-buildpack-github-netrc"}' https://api.github.com/authorizations  # Github API call
Enter host password for user 'username':  [type password]

{
  "scopes": [
    "repo"
  ],
  "token": "your_token",
  "app": {
    "url": "http://developer.github.com/v3/oauth/#oauth-authorizations-api",
    "name": "Help example (API)"
  },
  "url": "https://api.github.com/authorizations/123456",
  "note": "GITHUB_AUTH_TOKEN for Heroku deplyoments.",
  "note_url": "https://github.com/timshadel/heroku-buildpack-github-netrc",
  "id": 123456,
}

This token may be revoked at any time by visiting the Applications area of your Github account. You'll see the note linked to the note_url and the revoke button right next to it.

Check out the Github help article and OAuth documentation for more details.

Usage

Example usage:

$ heroku create --buildpack https://github.com/fs-webdev/heroku-buildpack-netrc.git

Set the token.

$ heroku config:set GITHUB_AUTH_TOKEN=<my-read-only-token>

Deploy your app.

$ git push heroku master  # push your changes to Heroku

...git output...

-----> Fetching custom git buildpack... done
-----> Multipack app detected
=====> Downloading Buildpack: https://github.com/timshadel/heroku-buildpack-github-netrc.git
=====> Detected Framework: github-netrc
       Generated .netrc & .curlrc files (available only at build-time)
       Github User:   my-read-only-user
       Authorization: GITHUB_AUTH_TOKEN for Heroku deplyoments (private repo access)
       Organizations: my-org, another-org

About

Heroku buildpack to access private Github repos over HTTPS without storing user/pass in your files.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Ruby 88.0%
  • Shell 12.0%