Skip to main content

Integrate a Self hosted Git server with IDEs

If you are using a managed (SaaS) Git service provided by Bitbucket, GitHub, Gitlab or Azure DevOps, you do not need to configure this integration as these are already configured out-of-the-box by Conveyor.

If you are using a self-managed version you do need to allow Conveyor IDEs to access your Git repositories. Conveyor makes use of the git-credential-oauth tool for accessing Git repositories, as it has several advantages for enterprise environments:

  • protection against token theft
  • automatic support for popular hosts
  • cloning of public repositories without setup

Prerequisites

This setup requires that your Git server supports the OAuth flow and your Git server is network-accessible from Conveyor.

In order to configure this setup, you will need to perform two steps:

  • Create an OAuth application on your Git server
  • Configure the OAuth credentials (e.g. clientId, clientSecret) in Conveyor IDEs using either environment variables or Git configuration.

Create an OAuth application

In order for Conveyor IDEs to access your Git repository, you need to create an OAuth application. This will allow Conveyor IDEs to use your credentials to access your Git repository.

When creating an OAuth application, two settings need be configured:

  • The callback url will be redirected to after successfully obtaining a token. For Conveyor this setting should be: https://app.conveyordata.com/api/v2/ide/callback. This URL is unique to Conveyor IDEs as our backend needs to forward the redirect to the correct IDE instance.
  • read, write permissions to your repository should be provided. This allows you to manage your Git repository when using a Conveyor IDE.

After creating the OAuth application with these settings, you will obtain a key and secret for the application, which you need in the next step.

Configuring the OAuth credentials in Conveyor IDEs

The git-credential-oauth tool supports two ways for configuring custom hosts: environment variables and Git configuration. Using the custom IDE configuration or IDE base images, the following properties can be set:

git config --global credential.https://<gitHost>.oauthClientId <CLIENTID>
git config --global credential.https://<gitHost>.oauthClientSecret <CLIENTSECRET>
git config --global credential.https://<gitHost>.oauthScopes read_repository write_repository
git config --global credential.https://<gitHost>.oauthAuthURL /oauth/authorize
git config --global credential.https://<gitHost>.oauthTokenURL /oauth/token

In this example the gitHost is the hostname of your Git server (e.g: gitlab.dataminded.com).

You can set these properties as follows using the buildSteps block in the IDE configuration:

buildSteps:
  - name: Set OAuth application configuration for custom host
    cmd: |
      git config --global credential.https://<gitHost>.oauthClientId <CLIENTID>
      git config --global credential.https://<gitHost>.oauthClientSecret <CLIENTSECRET>
      git config --global credential.https://<gitHost>.oauthScopes read_repository write_repository
      git config --global credential.https://<gitHost>.oauthAuthURL /oauth/authorize
      git config --global credential.https://<gitHost>.oauthTokenURL /oauth/token

With this setup, the provided OAuth credentials will be used when cloning a repository from your self-hosted Git server in a Conveyor IDE. The user flow is described in more detail here.