fix(frontend): pass redirect_uri for multi-cluster GitHub App OAuth#1441
Merged
markturansky merged 3 commits intoambient-code:mainfrom Apr 23, 2026
Merged
Conversation
…-cluster support When multiple clusters share a single GitHub App, GitHub doesn't know which cluster's callback URL to use. Pass redirect_uri derived from the current origin (or GITHUB_CALLBACK_URL env var) so GitHub redirects back to the correct cluster. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
✅ Deploy Preview for cheerful-kitten-f556a0 canceled.
|
Contributor
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 55 minutes and 26 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (5)
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
- Revert removal of _GH_WRAPPER_DIR/_PATH imports, add noqa suppression - Document GITHUB_APP_SLUG and GITHUB_CALLBACK_URL in frontend README Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jsell-rh
force-pushed
the
fix/github-oauth-redirect-uri
branch
from
c1977f2 to
39171fa
Compare
3 tasks
markturansky
pushed a commit
that referenced
this pull request
Apr 23, 2026
…Map patch (#1443) ## Summary Follow-up to #1441. Two things that didn't make it into the squash merge: - **Callback path fix**: Update fallback from `/integrations/github/setup` to `/api/auth/github/user/callback` (confirmed by team as the correct path for all clusters) - **Production overlay patch**: Add kustomize JSON patch that injects `GITHUB_CALLBACK_URL` from a per-cluster `frontend-config` ConfigMap ## Per-cluster setup after deploy ```bash # UAT oc create configmap frontend-config \ --from-literal=github-callback-url=https://ambient-code.apps.rosa.vteam-uat.0ksl.p3.openshiftapps.com/api/auth/github/user/callback \ -n ambient-code # Stage oc create configmap frontend-config \ --from-literal=github-callback-url=https://ambient-code.apps.rosa.vteam-stage.7fpc.p3.openshiftapps.com/api/auth/github/user/callback \ -n ambient-code ``` Then `oc rollout restart deployment/frontend -n ambient-code` on each. ## Test plan - [ ] Verify GitHub App install redirects back to correct cluster on UAT - [ ] Verify GitHub App install redirects back to correct cluster on stage - [ ] Verify fallback works when `frontend-config` ConfigMap is not present 🤖 Generated with [Claude Code](https://claude.ai/code) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Configuration Updates** * Updated GitHub OAuth callback URL endpoint configuration for frontend deployments across staging and production environments. * Callback URL now defaults to the API authentication endpoint instead of the integrations setup route. * **Documentation** * Updated configuration documentation to reflect the new default GitHub callback URL path and deployment setup instructions. <!-- end of auto-generated comment: release notes by coderabbit.ai --> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
redirect_uriin the GitHub App install URL so GitHub redirects to the correct clusterGITHUB_CALLBACK_URLenv var for explicit override; falls back towindow.location.origin + '/integrations/github/setup'Root cause
The
handleConnectfunction sent users tohttps://github.com/apps/{slug}/installations/newwithout aredirect_uri. GitHub would pick its default callback URL, which could point to a different cluster.Test plan
GITHUB_CALLBACK_URLon frontend deployment, verify redirect goes to correct clusterGITHUB_CALLBACK_URLset, verify it falls back to current origin🤖 Generated with Claude Code