github.com/grafana/pyroscope@v1.18.0/docs/sources/configure-server/configuring-github-integration.md

github.com/grafana/pyroscope@v1.18.0/docs/sources/configure-server/configuring-github-integration.md (about)

     1  ---
     2  description: Learn how to configure the source code integration for Grafana Pyroscope.
     3  menuTitle: Configure source code integration
     4  title: Configure Pyroscope source code integration
     5  weight: 550
     6  ---
     7  
     8  # Configuring source code integration
     9  Currently, the Pyroscope source code integration only supports GitHub.
    10  
    11  This guide walks you through setting up the Pyroscope source code integration with GitHub with minimal permissions for Grafana Pyroscope.
    12  
    13  ## Creating a GitHub App
    14  
    15  1. Go to your GitHub account settings
    16  2. Navigate to **Developer settings** > **GitHub Apps**
    17  3. Click **New GitHub App**
    18  4. Configure the app with the following settings:
    19      #### **Basic Information**
    20        - **GitHub App name**: Choose a name for your app (e.g., "my-pyroscope")
    21        - **Homepage URL**: This is a required field, you can use any URL. (e.g., `https://grafana.com/oss/pyroscope/`)
    22        - **Callback URL**: Set this to your Grafana installation URL with the GitHub callback path. (e.g., `https://grafana.your-domain.com/a/grafana-pyroscope-app/github/callback`)
    23  
    24      #### Permissions
    25  
    26        The GitHub App works without any extra permissions for public repositories. If you want to access private repositories, you need to add these permissions:
    27  
    28        - **Repository permissions**:
    29          - **Metadata**: Read-only access
    30          - **Contents**: Read-only access
    31  
    32      #### Where can this GitHub App be installed?
    33        - Select **Any account** if you want to allow installation on any GitHub account
    34        - Select **Only on this account** if you want to restrict installation to your account only
    35  5. Click **Create GitHub App**
    36  6. After creating the GitHub App, you should end up in the GitHub App settings, find the **Client ID** and take a note of it.
    37  7. Now scroll down to the **Client secrets** section and click **Generate a new client secret**
    38  8. **Important**: Copy the generated client secret immediately - you won't be able to see it again after closing the dialog
    39  
    40  For anything not covered in this guide, you can refer to the GitHub docs: [Registering a GitHub App](https://docs.github.com/en/apps/creating-github-apps/registering-a-github-app/registering-a-github-app).
    41  
    42  
    43  ## Configuring Pyroscope
    44  
    45  This section explains how to configure the Pyroscope source code integration in Grafana Pyroscope. The integration requires three environment variables to be set:
    46  
    47  | Variable | Description | Required |
    48  |----------|-------------|----------|
    49  | `GITHUB_CLIENT_ID` | The Client ID of your GitHub App | Yes |
    50  | `GITHUB_CLIENT_SECRET` | The Client Secret of your GitHub App | Yes |
    51  | `GITHUB_SESSION_SECRET` | A random string used to encrypt the session | Yes |
    52  
    53  ### Using the Helm Chart
    54  
    55  If you're using the official Helm chart, follow these steps to configure the Pyroscope source code integration:
    56  
    57  1. Create a Kubernetes secret containing the required values, this will also generate a new random session secret:
    58  
    59      ```bash
    60      kubectl create secret generic pyroscope-github \
    61        "--from-literal=client_id=<The Client ID from the 6. step>" \
    62        "--from-literal=client_secret=<The Client secret from the 8. step>" \
    63        "--from-literal=session_secret=$(openssl rand -base64 48)"
    64      ```
    65  
    66  2. Update your `values.yaml` to expose these secrets as environment variables:
    67  
    68      ```yaml
    69      pyroscope:
    70        extraEnvVars:
    71          GITHUB_CLIENT_ID:
    72            valueFrom:
    73              secretKeyRef:
    74                name: pyroscope-github
    75                key: client_id
    76          GITHUB_CLIENT_SECRET:
    77            valueFrom:
    78              secretKeyRef:
    79                name: pyroscope-github
    80                key: client_secret
    81          GITHUB_SESSION_SECRET:
    82            valueFrom:
    83              secretKeyRef:
    84                name: pyroscope-github
    85                key: session_secret
    86      ```
    87  
    88  3. Apply the changes using helm upgrade:
    89  
    90  
    91  ### Other Deployment Methods
    92  
    93  For other deployment methods, ensure the same environment variables are set in your deployment configuration.
    94  
    95  ## Verifying the integration is correctly configured
    96  
    97  The configuration of the Pyroscope source code integration is now completed. In order to verify everything works as expected follow the user guide: [Integrate your source code on GitHub with Pyroscope profiling data](../../view-and-analyze-profile-data/line-by-line/).