This project is no longer maintained because the Spring team has switched to using Developer Certificate of Origin. For more information, please refer to the blog post. |
This tool is intended to allow managing GitHub Contributor License Agreements.
Below are the steps that are necessary to set this project up.
This application uses OAuth to access GitHub’s APIs. The first step is to Register a new OAuth application with GitHub.
Example values for the form might be:
Application Name - Pivotal CLA
Homepage URL - https://pivotal.io
Application description - Allows managing Contributor License Agreements for contributions to Pivotal sponsored projects
Authorization callback URL - This needs to point back to your application’s OAuth endpoint. For development it might be http://localhost:8080/login/oauth2/github If you are needing to test receiving GitHub events, you will probably want to setup ngrok. If you are using ngrok, the URL would look something like https://123456.ngrok.io/login/oauth2/github
After clicking Register application you should make the application aware of the Client ID and the Client Secret.
Create a new file named application-local.properties
# Replace values from registered application at https://github.com/settings/developers
# See the README for additional detail
security.oauth2.main.clientId=Value from Client ID
security.oauth2.main.clientSecret=Value from Client Secret
Generate a New personal access token that contains only
scope. This will be used for adding comments to pull requests that require the contributor to sign the CLA. -
Copy the personal access token and place it in application-local.properties
Modify application-local.properties
# Replace values from registered application at https://github.com/settings/developers
# See the README for additional detail
security.oauth2.main.clientId=Value from Client ID
security.oauth2.main.clientSecret=Value from Client Secret
security.oauth2.pivotal-cla.token-secret=A Personal Access Token with public_repo scope
If you are needing to test receiving GitHub events, you will probably want to setup ngrok. If there is no need to test receiving the GitHub events from GitHub, then you can skip this step.
You can run the application using:
$ ./gradlew bootRun
This mode enables the local
profile which uses H2 for the in-memory database and Redis for storing sessions.
Redis must be started locally on port 6379
To start a docker image for Redis and MySQL invoke ./ci/scripts/start-services.sh .
The docker images can be shutdown using ./ci/scripts/stop-services.sh .
You can open the application at a context root of "/". If you are running, the default URL is at http://localhost:8080/
Deploying the application to Cloud Foundry can be performed using the Cloud Foundry CLI. It is set up for TravisCI and manual deployment mode.
Deployment scripts for pivotal-cla
require a set of properties to be deployed. Please keep in mind that secrets should not get published.
: Your username to log into Pivotal Cloud Foundry -
: Your password to log into Pivotal Cloud Foundry -
: GitHub Client ID -
: GitHub Client Secret -
: A Personal Access Token with public_repo scope -
For manual deployment only:
: Name of the space
Deployment is done with zero-downtime using a strategy similar to the autopiolot plugin. The application is deployed to multiple application names and if successful, the old application name is removed.
Manual deployment with Cloud Foundry CLI can be done after installing it.
First log into Cloud Foundry. For example:
$ cf login -a api.run.pivotal.io -o pivotal-cla -s production -u $CF_USERNAME -p $CF_PASSWORD
Pushing to Cloud Foundry activates the cloudfoundry
profile which requires a MySQL database and a Redis instance.
You can perform a zero-downtime deploy to Cloud Foundry using the included cf-push.sh script.
For example:
$ ./ci/scripts/cf-push.sh pivotal-cla-production $CLIENT_ID $CLIENT_SECRET $TOKEN_SECRET $TRAVIS_BUILD_NUMBER-$TRAVIS_COMMIT