It's all about the answers!

Ask a question

Integrating EWM with GitHub Enterprise - Validating commits


Rakesh A (33117) | asked Oct 07 '22, 6:03 a.m.
Hello,
   Registered GitHub repository in Source control generates a unique Webhook URL having repo key.
   To link GitHub commits to EWM work-items, we need this Webhook to be used in GitHub for workitem linking to work.

  I have observed, using one valid Webhook URL(from Git registered repositories in EWM):
  • we can establish linking to all project areas across EWM from GitHub. 
  • Also, we can establish linking from all GitHub repo's to all project areas.
  Question :
  • is this the expected behavior  ?
  • If yes, why is this URL specific to project area & generates a unique key ?

Accepted answer


permanent link
Shubjit Naik (1.5k1613) | answered Oct 10 '22, 4:08 a.m.

Hello Rakesh


Although the URL is project specific, if the secret key used in the webhook URL no explicit user authorization is required. 

However, we do provide pre-receive hooks as part of the Integration toolkit that allow you to enable Process enforcements for Git Commits. 

To configure process enforcement for Git Push operations, create a pre-receive hook in GitHub Enterprise, and set permissions and preconditions in the IBM® Engineering Workflow Management (EWM) project area.

Rakesh A selected this answer as the correct answer

Comments
Rakesh A commented Oct 10 '22, 4:42 a.m. | edited Oct 10 '22, 4:53 a.m.
Hi Shubjit ,
        Still i don't get your it completely. In my case i am not using secret key. Only Webhook URL is used.  Also we have not enabled pre-receive hooks.

Does this mean, above behaviors I have mentioned is expected one ?

1
Shubjit Naik commented Oct 10 '22, 5:06 a.m.

 Hi Rakesh


Yes, the behavior is expected when Webhooks are used.
The Secret key is embedded in the Webhook URL


Rakesh A commented Oct 17 '22, 5:49 a.m. | edited Oct 17 '22, 5:57 a.m.
Hi Shubjit ,
        Using this webhook URL, it's possible to make/ integrate Git commits across the different project areas. I am not understanding why its still called from IBM as project / project area specific.

Our Current Approach :
Currently we have 500+ GitHub repos & growing. We are registering GitHub repo's in different project areas to get webhook URL for integration.
For Eg:
CCM Project Area A-> repo 1 - Webhook URL 1
CCM Project Area B -> repo 2 - Webhook URL 2

Future Approach : As integration of commits is working with webhook URL irrespective of project areas. I'm planning to register all GitHub repo's in one project area (fore better maintenance).  Do you see any problems here ?

For Eg:
CCM Project Area A -> repo 1 - Webhook URL 1
CCM Project Area A-> repo 2 - Webhook URL 2


1
Shubjit Naik commented Oct 17 '22, 5:58 a.m.

 Hi Rakesh


Could you raise a case on this with our Support team? We will look into it and see If there is a need to update any documentation.

Your answer


Register or to post your answer.