GitHub integration with Salesforce using OAuth 2.0
In a time when Agile methodology, DevOps, CI/CD are no more just a new kid in the block, industries are looking for something way beyond than just automated deployment pipeline or improved branching strategy. The new focus is towards controlling the different units of this pipeline remotely, or rather, having a 360 degree view of your pipeline with minimum movement across tabs,pages or platforms.
Why GitHub-Salesforce Integration is an important step towards boosting your CI/CD pipeline?
While doing a Salesforce deployment,especially jenkins based ANT deployment, there is a lot that goes inside GitHub as well. If we take an example of a feature deployment, a standard branching strategy would want you to create a feature branch for a particular feature to be deployed and post all the validations, a pull request can be made to merge the same to a developer or a release branch. The commit id of the same can be retrieved and used to deploy the latest changes. Seems like a lot of work, but what if, we could do all this and even more without even opening GitHub.
Connecting to GitHub
Github provides its API, popularly known as GitHub REST API v3, to connect to its platform. However, for a more secure authentication as well as a better control over the access given to a particular user, we will use OAuth 2.0. It lets us specify exactly what kind of access we need and we can limit or revoke the access of an OAuth Token any time without any hassle. We can use the connected app feature of GitHub. Upon successful creation it gives us client id and secret to be used for authentication and as the user credentials do not come into the play at any point of time, the authentication becomes more secure.
Creating a new connected app in GitHub
The developer settings section in GitHub allows you to create a connected app and use it for authentication. Since we will be using client id and secret for authentication, a basic understanding of Oauth 2.0 makes the process a tad easier to understand and implement. You can also refer the OAuth documentation provided by GitHub. To create a new Connected app:
-
Login to your Github Account and go to settings.
-
Go to developer settings and then to OAuth Apps.
-
Click on New OAuth App.
A single OAuth app can be used to connect to only one Salesforce org(account) at a time.
-
Enter the Name, homepage url and description of the application which you want to connect.
-
The Authorization callback url is the one that makes all the difference here. We have to make sure that we choose a page that has a page load or onload function associated with it.
Once we click on Register application a new connected app will be created and we will be provided with a new client id and secret. Please do not share the same with anyone. We can see how many users are using the connected app and we also have the option below to revoke access and reset the security token of this connected app in case of any security breach.
We can use the newly provided id and secret to initiate an Authentication from Salesforce and can perform various tasks like fetching and creating repositories and branches, creating pull requests, fetching commits etc.