Configuring GitHub OAuth for Spinnaker
This post describes how to configure GitHub and Spinnaker to use GitHub as an OAuth2 authenticator.
- Ability to modify developer settings for your GitHub organization
- Access to Halyard
- A Spinnaker deployment with DNS and SSL configured
Configuring GitHub OAuth
- Login to GitHub and go to Settings > Developer Settings > OAuth Apps > New OAuth App
- Note the Client ID / Client Secret
- Homepage URL: This would be the URL of your Spinnaker service e.g. https://spinnaker.acme.com
- Authorization callback URL: This is going to match your
--pre-established-redirect-uriin halyard and the URL needs
loginappended to your gate endpoint e.g. https://gate.spinnaker.acme.com/login or https://spinnaker.acme.com/gate/login
Configuring Spinnaker with Halyard
Run the following commands in Halyard with your Client ID and Client Secret.
CLIENT_ID=a08xxxxxxxxxxxxx93 CLIENT_SECRET=6xxxaxxxxxxxxxxxxxxxxxxx59 PROVIDER=github hal config security authn oauth2 edit \ --client-id $CLIENT_ID \ --client-secret $CLIENT_SECRET \ --provider $PROVIDER \ --scope read:org,user:email \ --pre-established-redirect-uri "https://gate.spinnaker.acme.com/login" hal config security authn oauth2 enable
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.