Add configurable GitHub Enterprise API base URL for key checks and API calls #3597

SuyashJain17 · 2026-01-16T17:35:04Z

Description

This PR adds support for GitHub Enterprise API endpoints by making the GitHub API base URL configurable.
A new github_api_base_url option is introduced under the Keys configuration section, defaulting to the public GitHub API.
All hardcoded https://api.github.com references across the codebase have been replaced with calls to a centralized URL management utility.

This PR fixes #3277

Summary
This implementation addresses issue #3277 by:

Adding configurability – Users can now specify their GitHub Enterprise API URL via the github_api_base_url config option.
Centralizing URL management – All GitHub API URLs are constructed through a single utility module.
Maintaining backward compatibility – The default value remains https://api.github.com, so existing installations work without any changes.
Comprehensive coverage – Updated all 17 files that previously contained hardcoded GitHub API URLs, including REST, GraphQL, rate-limit, and worker endpoints.

Notes for Reviewers

The change is fully backward compatible and opt-in for GitHub Enterprise users.
The centralized URL utility ensures consistent API URL construction across tasks, workers, and key validation.
Some GitHub Enterprise installations may require /api/v3 in the base URL; users can provide the full API root via configuration as needed.

Signed commits

Yes, I signed my commits.

guptapratykshh · 2026-01-16T17:45:44Z

In your local branch, run: git rebase HEAD~1 --signoff
Force push your changes to overwrite the branch: git push --force-with-lease origin feat/github-enterprise-api-support

MoralCode

Thanks for the enthusiasm with submitting a PR

I left some feedback in the review. I think this PR has potential as a more narrow refactoring to allow us to swap out the github base domain by using a function, but I think we may need to wait for a more comprehensive method of fetching the urls (i.e. from a database) before we are able to swap things in like that.

we are quite backlogged on PRs at the moment as well, so please be patient as we try and get through them all starting in mid-February

MoralCode · 2026-01-16T17:56:18Z

augur/application/config.py

-                "gitlab": "<gl_api_key>"
+                "gitlab": "<gl_api_key>",
+                "github_api_base_url": "https://api.github.com"


im not sure this is the good long-term solution we are hoping for.

Whille this issue is specifically about githubs url, we also have our sights set on adding more platforms, and using the config in this way will require code changes for every url that is added - i.e. if someone wants to add a self hosted Forgejo instance).

Ultimately, we want to be able to dynamically find API keys for a particular platform and domain

i think this PR acts as necessary stepping stone, by refactoring these hardcoded strings now, we isolate "Base URL" dependency into single utility functiongithub_api_url.py

I believe this PR begins to address, and may sufficiently for a proof of concept, fully address multitenancy, which is a long ambition of Augur. Handling Enterprise GitHub is a pretty huge step forward.

One question: @SuyashJain17 : Do we have an enterprise GitHub we can test this against, because I do not have such access.

I don’t currently have access to a live GitHub Enterprise instance.
This was implemented against GitHub’s documented Enterprise API behavior (including /api/v3 and /graphql), and the change is fully opt-in.
If there’s an internal Enterprise test environment available, I’m happy to validate or adjust based on real responses.

augur/tasks/github/util/github_api_url.py

MoralCode

Looking better! Just a few more things to really clean things up

Given how much you change the except blocks (probably for pylint) I'd say move those into a new PR (or better yet, see if theres an issue you can document them in we need some nice good first issues for CHAOSScon attendees

MoralCode · 2026-01-19T21:55:22Z

augur/tasks/github/util/gh_graphql_entities.py

-                    err = process_graphql_dict_response(logger,result,response_data)
+                    err = process_dict_response(logger, result, response_data)


This change doesnt seem related to swapping out github API urls

@SuyashJain17 : I have a theory about why this is here, but i would like to know from you.

That’s fair - this change is not strictly required for the base URL work.
It was done while refactoring the surrounding logic to reduce duplicated response-handling paths, but I agree it expands the scope.

MoralCode · 2026-01-19T21:56:06Z

augur/tasks/github/util/gh_graphql_entities.py

-        except:
+        except (json.JSONDecodeError, AttributeError):


Helpful change, but hesitant about including it in this PR? I guess its probably fine

MoralCode · 2026-01-19T21:57:03Z

augur/tasks/github/util/github_api_key_handler.py

 import random

 from typing import List
-from sqlalchemy.orm import Session


Why was this removed?

Also my question.

I removed it since it wasn’t being used in the current code path.
If it’s meant to support future logic or an implicit dependency, I’m happy to add it back.

if youd like to clean it up. that may be better for a separate PR specifically dedicated to cleanup and formatting. Having too many unrelated changes in one PR makes it hard to be confident that things will still work afterwards

sgoggins

We need some of the questions answered by @SuyashJain17 to understand the state here, but I like the direction!

sgoggins · 2026-01-20T17:29:52Z

augur/application/config.py

-                "gitlab": "<gl_api_key>"
+                "gitlab": "<gl_api_key>",
+                "github_api_base_url": "https://api.github.com"


I believe this PR begins to address, and may sufficiently for a proof of concept, fully address multitenancy, which is a long ambition of Augur. Handling Enterprise GitHub is a pretty huge step forward.

One question: @SuyashJain17 : Do we have an enterprise GitHub we can test this against, because I do not have such access.

sgoggins · 2026-01-20T17:30:45Z

augur/tasks/github/util/gh_graphql_entities.py

-                    err = process_graphql_dict_response(logger,result,response_data)
+                    err = process_dict_response(logger, result, response_data)


@SuyashJain17 : I have a theory about why this is here, but i would like to know from you.

sgoggins · 2026-01-20T17:31:15Z

augur/tasks/github/util/github_api_key_handler.py

 import random

 from typing import List
-from sqlalchemy.orm import Session


Also my question.

MoralCode

No code changes have been made since my prior comments so my prior request for changes stands. I'd be willing to merge this if it only swapped out the github domain everywhere we use it with a function call such that we COULD put an enterprise URL there in the future. I think the broader "support GHE properly" type fixes need to be done as part of my broader effort towards expanding platform support

I suspect i could find someone with GHE access to help validate too, but i dont think that it should block the merging of this if changed to match the above

SuyashJain17 · 2026-01-21T18:02:24Z

Thanks for clarifying ,
I understand now that you’re looking for a narrowly scoped refactor that only abstracts the GitHub base domain behind a function call, without any additional behavior or cleanup changes.

I’ll push an update that reverts the unrelated refactors and keeps this PR limited strictly to swapping api.github.com usage with a centralized accessor.

… AttributeError on bare metal installs Signed-off-by: Pratyksh Gupta <pratykshgupta9999@gmail.com> Signed-off-by: Suyash Jain <suyashjain1707@gmail.com>

…nts and contributors Signed-off-by: Shlok Gilda <gildashlok@hotmail.com> Signed-off-by: Suyash Jain <suyashjain1707@gmail.com>

…eter and skip the db stuff Signed-off-by: Adrian Edwards <adredwar@redhat.com> Signed-off-by: Suyash Jain <suyashjain1707@gmail.com>