App Directory
GitHub
Learn about Tempest’s GitHub integration capabilities and supported resources
GitHub provides cloud-based version control and collaboration features for software development. The GitHub App in Tempest enables comprehensive management of repositories and related resources, powering core functionality for project orchestration and preview environments.
For detailed information about each resource, see the Resources section below.
Tempest supports both fine-grained and classic tokens.
Authentication
These are the supported authentication methods for GitHub in Tempest:Tempest GitHub App (Recommended)
The GitHub App provides the most streamlined experience with automated permissions management and full webhook integration support.
How to connect with GitHub App
How to connect with GitHub App
1
Access Recipes
In your Tempest web console, navigate to Recipes and select “Create Recipe”
2
Select GitHub Resource
Locate the automatically added GitHub resource
3
Add Credentials
Click “Add credentials” then “Link credentials”
4
Choose App Authentication
Select “Github App” and “Authenticate with Github”
5
Review Permissions
Review required accesses and select “Authorize”
6
Select Organization
Choose the GitHub organization to connect with Tempest
OAuth 2.0
OAuth2 authentication provides a scoped access token with repository permissions.How to connect with OAuth
How to connect with OAuth
1
Start OAuth Flow
Follow steps 1-3 from GitHub App connection above
2
Select OAuth
Choose “OAuth” authentication method
3
Complete Authorization
Review permissions and authorize the connection
Personal Access Token
Personal Access Tokens do not support webhook integration, limiting GitHub functionality in Tempest.
Fine-grained Token Requirements
Fine-grained Token Requirements
Repository access: “All repositories”Required permissions:
- Administration: Read & write
- Commit statuses: Read
- Contents: Read & write
- Deployments: Read & write
- Environments: Read & write
- Pull requests: Read
- Webhooks: Read & write
- Workflows: Read & write
Classic Token Requirements
Classic Token Requirements
Required scopes:
- repo (all sub-options)
- workflow
- delete_repo
Resources
Repository
Parent resource for managing GitHub repositories. Configuration options:- Name (required): Alphanumeric with hyphens and underscores
- Visibility: Public or private
- Dependabot: Enable/disable security updates
- Template options: Create from template or as template
- HTML, HTTPS, and SSH URLs
- Repository metadata
- Default branch configuration
Repository File
Manage files within repositories. Configuration options:- File path and content
- Pull request creation options
- File location and metadata
- Git SHA tracking
- Browser URLs
Workflow
Configure GitHub Actions workflows. Configuration options:- Built-in templates or custom workflows
- File naming and content
- Pull request automation
- Workflow identification
- State tracking
- Web interface access
Deploy Key
Manage SSH deploy keys for repositories. Configuration options:- Key title and content
- Public key configuration
- Key identification
- Access URLs
- Public key data
Deployment
Handle GitHub deployments. Configuration options:- Target branch
- Environment specification
- Deployment description
- Deployment identification
- Git reference tracking
- Environment status