GitHub Auth

First, you'll need to create a GitHub OAuth app for your organisation.

Creating a GitHub OAuth app

From GitHub, click on your profile picture and chose "Settings":

Step 1

Then "Developer settings" from the left-hand menu:

Step 2

Then "OAuth Apps":

Step 3

And create a new OAuth app:

Step 4

Give it a name, and a homepage URL. The authorization callback is the important bit. It needs to be in this form:

[your-nx-cloud-url]/auth/github/callback

Step 5

Once you create, keep a note of the Client ID:

Step 6

And then generate a new client secret, and save it somewhere secure (we'll use it in a bit):

Step 7

Configure Nx Cloud Installation

Using Helm:

1image:
2  tag: 'latest'
3
4nxCloudAppURL: 'https://nx-cloud.myorg.com'
5
6github:
7  auth:
8    enabled: true
9
10secret:
11  name: 'cloudsecret'
12  nxCloudMongoServerEndpoint: 'NX_CLOUD_MONGO_SERVER_ENDPOINT'
13  githubAuthClientId: 'GITHUB_AUTH_CLIENT_ID'
14  githubAuthClientSecret: 'GITHUB_AUTH_CLIENT_SECRET'
15

Note that the secret must contain GITHUB_AUTH_CLIENT_ID and GITHUB_AUTH_CLIENT_SECRET ( see Nx Cloud Helm Charts for more context).

Not using Helm:

Provide the following env variables to the nx-cloud-api container:

GITHUB_AUTH_CLIENT_ID
GITHUB_AUTH_CLIENT_SECRET

If you are running Nx Cloud as a single container, the two env vars should be provisioned for that container.

GitHub Enterprise

If you are running an on-premise version of GitHub (Enterprise Server), you will need to configure one additional environment variable:

GITHUB_API_URL=https://custom-github-instance.com

This will point all auth endpoints to your GitHub server (rather the public one).