This tool is intended to allow managing GitHub Contributor License Agreements.
Below are the steps that are necessary to set this project up.
Register a new OAuth application with GitHub
Example values for the form might be:
Application Name - Pivotal CLA
Homepage URL - https://pivotal.io
Application description - Allows managing Contributor License Agreements for contributions to Pivotal sponsored projects
Authorization callback URL - This needs to point back to your application’s OAuth endpoint. For development it might be http://localhost:8080/login/oauth2/github If you are needing to test receiving GitHub events, you will probably want to setup ngrok. If you are using ngrok, the URL would look something like https://123456.ngrok.io/login/oauth2/github
After clicking Register application you should make the application aware of the Client ID and the Client Secret.
Create a new file named application-local.properties
# Replace values from registered application at https://github.com/settings/developers # See the README for additional detail security.oauth2.main.clientId=Value from Client ID security.oauth2.main.clientSecret=Value from Client Secret
Register a personal access token
Generate a New personal access token that contains only
public_reposcope. This will be used for adding comments to pull requests that require the contributor to sign the CLA.
Copy the personal access token and place it in application-local.properties
# Replace values from registered application at https://github.com/settings/developers # See the README for additional detail security.oauth2.main.clientId=Value from Client ID security.oauth2.main.clientSecret=Value from Client Secret security.oauth2.pivotal-cla.tokenSecret=A Personal Access Token with public_repo scope
If you are needing to test receiving GitHub events, you will probably want to setup ngrok. If there is no need to test receiving the GitHub events from GitHub, then you can skip this step.
Running the Application
You can run the application using:
$ ./gradlew bootRun
This mode enables the
local profile which uses H2 for the in-memory database and Redis for storing sessions.
Redis must be started locally on port
Open the Application
You can open the application at a context root of "/". If you are running, the default URL is at http://localhost:8080/
Deploying the application to Cloud Foundry can be performed using the Cloud Foundry CLI. It’s set up for TravisCI and manual deployment mode.
Deployment scripts for
pivotal-cla require a set of properties to be deployed. Please keep in mind that secrets should not get published.
cfUsername: Your username to log into Pivotal Cloud Foundry
cfPassword: Your password to log into Pivotal Cloud Foundry
security.oauth2.main.clientId: GitHub Client ID
security.oauth2.main.clientSecret: GitHub Client Secret
security.oauth2.pivotal-cla.tokenSecret: A Personal Access Token with public_repo scope
For manual deployment only:
space: Name of the space
Deployment is done with zero-downtime using a strategy similar to the autopiolot plugin. The application is deployed to multiple application names and if successful, the old application name is removed.
TravisCI builds the
master branch and deploys to production.
The build is set up to provide deployment properties as environment variables:
Manual Deployment with Cloud Foundry CLI
First log into Cloud Foundry. For example:
$ cf login -a api.run.pivotal.io -o pivotal-cla -s production -u $CF_USERNAME -p $CF_PASSWORD
Pushing to Cloud Foundry activates the
cloudfoundry profile which requires a MySQL database and a Redis instance.
You can perform a zero-downtime deploy to Cloud Foundry using the included cf-push.sh script.
$ ./ci/scripts/cf-push.sh pivotal-cla-production $CLIENT_ID $CLIENT_SECRET $TOKEN_SECRET $TRAVIS_BUILD_NUMBER-$TRAVIS_COMMIT
pivotal-cla uses two profiles to distinguish between running modes:
local(enabled by default): Uses a H2 in-memory database
cloudfoundry: Uses a MySQL database, Spring Session and Spring Data Redis. All connectors are obtained using Spring Cloud.