Adding a Private Repository as a Source

If your source is a private GitHub repository, you'll have to follow these steps so that Kubiya can access it

If you try to add a private repository as a source, you will get an error as Kubiya doesn't have access to it.

Provide Kubiya tool-manager access to the Repo

In order to provide the tool-manager access to the repo, create a token for github with

Permission: metadata:readonly, Contents: read,write

Expiration: 1 year

Run script on K8s cluster where Kubiya runner is installed

Next, run the following Bash script on the K8s cluster where the runner is installed:

#!/bin/bash


# Function to display usage information
usage() {
 echo "Usage: $0 [options] <GitHub token>"
 echo ""
 echo "Options:"
 echo "  --dry-run      Simulate the actions without applying any changes"
 echo "  --help         Display this help message"
 exit 1
}


# Parse arguments
dry_run_flag=""
token=""


while [[ "$#" -gt 0 ]]; do
 case $1 in
   --dry-run) dry_run_flag="--dry-run=client" ;;
   --help) usage ;;
   *) token=$1 ;;
 esac
 shift
done


# If no token was passed as an argument, prompt the user
if [ -z "$token" ]; then
 echo "Enter your GitHub token:"
 read -s token
fi


# Create or update the Kubernetes secret
kubectl delete secret github-token -n kubiya $dry_run_flag &>/dev/null
kubectl create secret generic github-token -n kubiya --from-literal=gh-token=$token $dry_run_flag


# Define the patch content
patch=$(cat <<EOF
spec:
template:
  spec:
    containers:
      - name: tool-manager
        env:
          - name: TOOLS_GH_TOKEN
            valueFrom:
              secretKeyRef:
                name: github-token
                key: gh-token
EOF
)


# Apply the patch to the deployment
kubectl patch deployment -n kubiya tool-manager --patch "$patch" $dry_run_flag


# Optionally restart the deployment if not in dry-run mode
if [ -z "$dry_run_flag" ]; then
 kubectl rollout restart deployment -n kubiya tool-manager
fi

The script will ask for the GitHub token if not provided (interactive mode).

The GitHub token can also be provided as an argument.

# To run normally with a GitHub token as an argument:
./script.sh <your-github-token>

# To run in dry-run mode:
./script.sh --dry-run <your-github-token>

# To display the help message:
./script.sh --help

Once you've completed this, you can add the GitHub repository to Kubiya as a source.

After that, continue by connecting that source to a Kubiya Teammate, then instructing your AI Teammate to perform tasks via Slack.

Last updated