GitHub Enterprise Integration

GitHub Enterprise Server allows you to host GitHub on your own infrastructure, giving you full control over your version control system (VCS). By integrating GHE with env0, you can leverage all of env0’s capabilities, including infrastructure as code (IaC) automation, governance, and cost management, while maintaining a self-hosted and secure environment for your repositories.

This integration ensures that teams using GHE can seamlessly manage and automate their cloud infrastructure with env0, without compromising security or compliance requirements.

🚧

Note

GitHub Enterprise is only supported on env0 Organizations signed up for our Self-Hosted Agent.

Supported GitHub Enterprise Server versions are:

  • 2.21.13 and above
  • 3.x

GitHub Enterprise Setup

For env0 to be able to clone your code and post back commit statuses when running Plan on Pull Request you need to create and install a personal env0 GitHub App on your organization.

This only needs to be done once per GitHub Server.

  1. Create GitHub App

    1. Name your GitHub app env0
    2. Set Homepage URL to https://env0.com
    3. Skip ahead to the Webhooks section
      • Make sure Active is checked
      • You will now need to set the Webhook URL and Secret.
      • To fetch these, go to the VCS Create Connection.
    4. Skip ahead to the Repository permissions section and grant the following permissions:
      • Checks - Read and write
      • Contents - Read-only
      • Deployments - Read and Write
      • Metadata - Read-only
      • Pull requests - Read and Write
    5. Skip ahead to the Subscribe to events section and check the following:
    6. On "Where can this GitHub App be installed?" Check "Any account - Allow this GitHub App to be installed by any user or organization.". Note however - currently you may only install the app on a single organization of your choice on your GitHub Enterprise instance
    7. Click "Create GitHub App"
    8. Make a note of the App ID
    9. Scroll all the way down and "Click the Generate a private key". A pem file will be downloaded and saved on your computer. You'll need it later.
    10. Under the "Display information", click the "Upload a logo..." button and upload a logo (Optional)
  2. On the lefthand side menu, click on Install App to install the app on any organization of your choice

    1. Grant env0 access to all or selected repositories in the organization.
    2. Ensure you have granted permission for any organization's repository you need access to. If permission is not granted for a specific repository, you may encounter a 'Not Found' error at certain points.


  3. You'll need the following set as Helm values when installing the env0 agent:

    • githubEnterpriseAppId - The App ID from step 1.8
    • githubEnterpriseAppPrivateKeyEncoded - The content of the pem file downloaded in step 1.9 Please base64 encode it before setting it
    • githubEnterpriseAppInstallationId - (Optional) You can restrict permissions to a single installation ID through this configuration.

🚧

Note

If deploying via Docker, DO NOT base64 encode the following keys:

  • githubEnterpriseAppClientSecretEncoded
  • githubEnterpriseAppPrivateKeyEncoded

📘

Encode to Base64

You can open browser Dev Tools - go to console and use

btoa("secret")

to encode the string to base 64

On Mac

base64 -i private.pem
githubEnterpriseAppId: 111
githubEnterpriseAppPrivateKeyEncoded: aa==
githubEnterpriseAppInstallationId: 222 # Optional 
GITHUB_ENTERPRISE_APP_ID: 111
GITHUB_ENTERPRISE_APP_PRIVATE_KEY: aa==
GITHUB_ENTERPRISE_APP_INSTALLATION_ID: 222
  1. Install the agent

Now you can create templates for GitHub Enterprise