Skip to content

[Devant migration] Add private GitHub repository support for the cloud variant#750

Merged
gabilang merged 2 commits into
wso2:devant-migrationfrom
gabilang:cloud-private-github-repo-support
Jul 15, 2026
Merged

[Devant migration] Add private GitHub repository support for the cloud variant#750
gabilang merged 2 commits into
wso2:devant-migrationfrom
gabilang:cloud-private-github-repo-support

Conversation

@gabilang

@gabilang gabilang commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Purpose

Implements the cloud RepositoryApi against the BFF's /git/github routes (platform GitHub App flow): installation binding from the authorize popup, per-installation repo/branch/tree listing with an owner-to- installation cache, and flat-to-nested tree conversion.

Create flow sends secretRef: "" plus the githubApp source binding for private repos; the BFF persists the binding and provisions per-build clone secrets. Adds the 409 authorized-but-not-installed install-popup flow (new GITHUB_APP_SLUG runtime config, 'installing' auth status) and gates the private GitHub option on githubAppClientId.

resolves https://github.com/wso2-enterprise/integration-engineering/issues/1949

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type “Sent” when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type “N/A” and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

  • Unit tests

    Code coverage information

  • Integration tests

    Details about the test cases and coverage

Security checks

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

Implements the cloud RepositoryApi against the BFF's /git/github routes
(platform GitHub App flow): installation binding from the authorize
popup, per-installation repo/branch/tree listing with an owner-to-
installation cache, and flat-to-nested tree conversion.

Create flow sends secretRef: "" plus the githubApp source binding for
private repos; the BFF persists the binding and provisions per-build
clone secrets. Adds the 409 authorized-but-not-installed install-popup
flow (new GITHUB_APP_SLUG runtime config, 'installing' auth status) and
gates the private GitHub option on githubAppClientId.
@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0f8d0055-c5f4-4ca1-a466-fe90cbdb84f5

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

The cloud API now supports GitHub App installations for private repository discovery, branch and tree access, authorization binding, and component creation. Runtime configuration exposes the GitHub App slug, while authentication tracks installation as a distinct state and opens the installation page when required. Import and project flows pass installation identifiers, display installation progress, and fall back to public mode when GitHub App configuration is unavailable. BFF failures now use an exported error type, and component creation logs non-fatal warnings.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description only fills Purpose and leaves the required template sections mostly empty, so it is not complete enough. Add content for Goals, Approach, User stories, Release note, Documentation, Automation tests, Security checks, and the remaining required sections.
Docstring Coverage ⚠️ Warning Docstring coverage is 30.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: adding private GitHub repository support for the cloud variant.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gabilang

Copy link
Copy Markdown
Contributor Author

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@gabilang
gabilang requested review from SandaminiM and sm1990 July 15, 2026 06:15

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
ipaas/src/pages/ImportIntegration.tsx (1)

332-339: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Remove unreachable loading state.

This inline loading state is unreachable because the component already performs an early return for these exact conditions (!isPublicRepo && (authStatus === 'authenticating' || authStatus === 'installing')) at line 532. Since renderGitHubArea is only rendered when !isPublicRepo (line 597), it will never evaluate this branch.

Consider removing the dead code to simplify the render function.

♻️ Proposed refactor
     return (
       <Box sx={{ mb: 4 }}>
-        {authStatus === 'authenticating' || authStatus === 'installing' ? (
-          <Stack direction="row" spacing={1.5} alignItems="center" sx={{ minHeight: 50 }}>
-            <CircularProgress size={16} />
-            <Typography color="text.secondary" variant="body2">
-              {authStatus === 'installing' ? 'Install the GitHub App in the popup, then return here…' : 'Completing GitHub authorization…'}
-            </Typography>
-          </Stack>
-        ) : (
-          <Box>
-            {authStatus === 'failed' && (
-              <Alert severity="error" sx={{ mb: 1.5 }}>
-                GitHub authorization failed. Please try again.
-              </Alert>
-            )}
-            <Button
-              variant="outlined"
-              startIcon={
-                <Box sx={{ color: 'common.black', display: 'flex' }}>
-                  <GitHub size={16} />
-                </Box>
-              }
-              onClick={() => startGitHubAuth(refetchRepos)}
-              size="small">
-              Authorize with GitHub
-            </Button>
-          </Box>
-        )}
+        <Box>
+          {authStatus === 'failed' && (
+            <Alert severity="error" sx={{ mb: 1.5 }}>
+              GitHub authorization failed. Please try again.
+            </Alert>
+          )}
+          <Button
+            variant="outlined"
+            startIcon={
+              <Box sx={{ color: 'common.black', display: 'flex' }}>
+                <GitHub size={16} />
+              </Box>
+            }
+            onClick={() => startGitHubAuth(refetchRepos)}
+            size="small">
+            Authorize with GitHub
+          </Button>
+        </Box>
       </Box>
     );
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@ipaas/src/pages/ImportIntegration.tsx` around lines 332 - 339, Remove the
unreachable `authStatus === 'authenticating' || authStatus === 'installing'`
loading branch from `renderGitHubArea`; the component’s existing early return
already handles these states before this renderer is reached. Preserve the
remaining GitHub area rendering behavior for all other authentication states.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@ipaas/src/api/cloud/repository.ts`:
- Around line 139-154: Update the installations mapping in the user repository
fetch flow to catch errors for each installation independently, allowing
successful installations to remain in the Promise.all result. Within the
callback around the repository request, rethrow only authentication-required
errors using the existing auth-error detection behavior; otherwise log or skip
the failed installation and return an empty/omitted repository result consistent
with the surrounding API contract.

---

Nitpick comments:
In `@ipaas/src/pages/ImportIntegration.tsx`:
- Around line 332-339: Remove the unreachable `authStatus === 'authenticating'
|| authStatus === 'installing'` loading branch from `renderGitHubArea`; the
component’s existing early return already handles these states before this
renderer is reached. Preserve the remaining GitHub area rendering behavior for
all other authentication states.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 075ebe7c-ebf3-4923-9259-248d27f6c117

📥 Commits

Reviewing files that changed from the base of the PR and between b7aa2cd and 985e8fc.

📒 Files selected for processing (17)
  • ipaas/src/api/cloud/_client.ts
  • ipaas/src/api/cloud/components.ts
  • ipaas/src/api/cloud/repository.ts
  • ipaas/src/api/contracts.ts
  • ipaas/src/components/ProjectCreate/GitProviderCards.tsx
  • ipaas/src/config/runtimeConfig.ts
  • ipaas/src/hooks/useGitHubAuth.ts
  • ipaas/src/pages/CreateIntegrationOptions.tsx
  • ipaas/src/pages/CreateProject.tsx
  • ipaas/src/pages/GitHubOAuthCallback.tsx
  • ipaas/src/pages/ImportIntegration.tsx
  • ipaas/src/pages/ImportProject.tsx
  • ipaas/src/pages/Project.tsx
  • ipaas/src/paths.ts
  • ipaas/src/types/component.ts
  • ipaas/src/types/import.ts
  • ipaas/src/types/repository.ts

Comment thread ipaas/src/api/cloud/repository.ts Outdated
@gabilang
gabilang merged commit 6ff97ba into wso2:devant-migration Jul 15, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants