Setting up a GitHub repository
A GitHub repository, often referred to as a repo, serves as the central location for storing project files such as code, documentation, images, and other resources. Each deployment project needs its own repository to track and manage changes to ensure that all changes are properly managed and versioned throughout the development process.
Zuora recommends using private repositories. If a repository is publicly accessible, be aware that the content in it is at your own risk.
If your organization already has a GitHub Cloud or GitHub Enterprise repository configured, you can skip this step and move directly to adding the source code repository in Deployment Manager.
Admin settings
In the Admin Settings, configure team members' access to the repository by assigning appropriate permissions, ensuring secure collaboration and management of the project. This step allows for controlling who can read, write, or manage repository settings, ensuring proper access control.
Creating a GitHub account
If you or your team members don't already have a GitHub account, go to GitHub’s sign-up page to create one. If accounts already exist, you’re good to go!
Adding team members as collaborators
Once your account is set up, request the repository owner to add you as a collaborator. The repository owner can follow these steps:
- Navigate to the owner’s profile on GitHub.
- Select Organizations from the profile menu.
- Click on Settings. This option is visible only to the owner.
- Add members and assign them roles.
Once added, you can begin collaborating on the project and proceed with integration.
Enabling privileges
The repository owner should provide specific privileges to team members. The collaborator can perform the following permission levels and the associated tasks:
- Admin Permission: Grants the ability to add collaborators, manage read/write access, and more.
- Write Permission: Enables the user to push, pull, and read files, allowing them to upload files to the repository.
- Read Permission: Allows users to pull and read files, but they cannot upload files.
Configuring token settings
- Go to Personal Access Tokens > Settings.
- Enable the Access through fine-grained personal access tokens option.
- Enable the Require administrator approval option for added security.
- Choose whether requests for personal access tokens should be auto-approved or require manual approval. If manual approval is selected, the repository owner will need to review and approve requests under Personal Access Tokens > Pending Requests.
- Click Save.
Once set up, the token can be used for API calls with the organization's name serving as the username in the requests.
Creating access token from a user’s profile
- Go to Settings > Developer Settings > Personal Access Tokens > Generate new token.
- Set an expiration time for the token (default is 30 days).
- Select Organization as the resource owner and choose a specific repository for access.
You can use the generated token for API calls, where the organization name will be used as the username in the requests.
For security, the repository should be marked as private. Deployment Manager recommends this for better security, and a warning message will appear if the repository is public.
Repository permissions
The following permissions are recommended for each repository:
- Actions: Read and Write
- Administration: Read and Write
- Commit Statuses: Read and Write
- Contents: Read and Write
- Deployments: Read and Write
- Metadata: Read-only
- Workflows: Read and Write