Installation
Overview
Installing Snapr requires a Kubernetes environment and a few setup steps to connect it with your development workflow. Snapr is distributed as a Helm chart and runs fully inside your cluster, ensuring that your code and data never leave your infrastructure.
This guide explains the infrastructure prerequisites, Snapr configuration requirements, and how to deploy it.
Prerequisites
Before setting up your cluster or installing Snapr, make sure you have the following tools installed locally:
Snapr runs as a set of pods within your Kubernetes cluster, so make sure your environment meets these conditions:
- A Kuberneter Cluster running.
- TBD
Snapr License
A valid Snapr license is required to deploy and operate the platform. The license validates your installation and unlocks access to Snapr’s core features. Contact us in order to get your license.
You’ll receive your license key from the Snapr team during onboarding or evaluation. If your license is missing or invalid, the installation will not complete successfully.
Once you have your license, you must provide it in your Helm configuration:
license:
key: "<your-license-key>"
Public Access and DNS Configuration
Snapr provides a web-based interface and integrates with GitHub through webhooks and authentication callbacks. To make all these components work correctly, your Snapr instance must be accessible through a public HTTPS hostname.
This hostname will be used for:
- Accessing the Snapr frontend (admin panel).
- Receiving GitHub webhooks.
- Handling OAuth and GitHub App callbacks.
The FQDN will be supplied later in the Helm values during deployment, as Snapr will use it to configure ingress rules, callback URLs, and webhook endpoints.
ingress:
tls:
- hosts:
- <your-fqdn>
github:
oauthCallbackURL: https://<your-fqdn>/api/auth/callback
When configuring the GitHub OAuth App, the Authorization Callback URL must point to your provided domain using the following path:
https://<your-fqdn>/api/auth/callback
This endpoint is required for Snapr to complete the OAuth authentication flow.
Github Integration
Oauth Authentication
Snapr uses OAuth authentication to allow users to securely log in to the admin panel using their GitHub accounts. This ensures that only authorized members of your organization can access Snapr’s configuration and activity data.
You’ll need to create a GitHub OAuth App in your organization or personal account before deployment. Once created, make sure to keep the following information handy, you’ll need it when configuring Snapr:
- Client ID
- Client Secret
- Callback URL
You’ll provide these values later in your Snapr configuration:
auth:
github:
clientId: "<your-client-id>"
clientSecret: "<your-client-secret>"
callbackUrl: "https://<your-fqdn>/api/auth/callback"
Github App Setup
Snapr integrates with GitHub through a dedicated GitHub App that acts as the bridge between your repositories and Snapr’s automation engine. This app enables Snapr to receive repository events (such as issues, pull requests, and comments) and to perform actions securely on behalf of your organization.
Why a GitHub App?
Unlike a personal access token or OAuth app, a GitHub App provides fine-grained permissions, improved security, and better auditability. Each installation of the Snapr App is tied to a specific organization or user account, giving you full control over which repositories Snapr can access.
GitHub Apps are also the only way Snapr can subscribe to webhook events at the organization or repository level and perform authenticated actions, such as creating branches, opening pull requests, or commenting on issues within the limits of your permissions.
Create a GitHub App
TBD
Deploy Snapr App
Once every requirement to run Snapr is in place, including your Kubernetes cluster, license key, public FQDN, GitHub OAuth App, and GitHub App, you can deploy Snapr using Helm.
This section walks you through preparing your Helm values file and installing the Snapr chart into your cluster.
Prepare Your values.yaml
Create a file named values.yaml and include all required configuration fields. Below is a minimal but complete example using the information gathered in previous sections:
license:
key: "<your-license-key>"
ingress:
enabled: true
className: "nginx" # or your ingress class
hosts:
- host: "<your-fqdn>"
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- "<your-fqdn>"
secretName: snapr-tls
auth:
github:
clientId: "<your-client-id>"
clientSecret: "<your-client-secret>"
callbackUrl: "https://<your-fqdn>/api/auth/callback"
github:
app:
id: "<your-github-app-id>"
privateKey: |
-----BEGIN RSA PRIVATE KEY-----
<your-private-key>
-----END RSA PRIVATE KEY-----
webhookSecret: "<your-github-app-webhook-secret>"
oauthCallbackURL: "https://<your-fqdn>/api/auth/callback"
Add the Snapr Helm Repository
helm repo add snapr https://charts.snapr.dev
helm repo update
Install Snapr
Deploy Snapr using your values.yaml:
helm install snapr snapr/snapr \
--namespace snapr-system \
-f values.yaml
Helm will deploy all Snapr components into your cluster, create the required Kubernetes resources, and inject the configuration values your Snapr API will use (including GitHub integration settings, ingress parameters, and your license key).
Verify the Deployment
You can check Snapr’s pods:
kubectl get all -nsnapr
All pods should eventually reach the Running state, and all services should be created and available before you proceed.
NAME READY STATUS RESTARTS AGE
pod/snapr-api-5df6c89d58-5gnnt 1/1 Running 0 44m
pod/snapr-frontend-5f56cdcc54-skg4k 1/1 Running 0 55m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/snapr-api ClusterIP 10.100.7.182 <none> 8080/TCP 55m
service/snapr-frontend ClusterIP 10.100.97.1 <none> 80/TCP 55m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/snapr-api 1/1 1 1 55m
deployment.apps/snapr-frontend 1/1 1 1 55m
NAME DESIRED CURRENT READY AGE
replicaset.apps/snapr-api-5df6c89d58 1 1 1 55m
replicaset.apps/snapr-frontend-5f56cdcc54 1 1 1 55m
Access Snapr
After DNS propagation, open your configured domain:
https://<your-fqdn>
You will be redirected to GitHub to authenticate via your OAuth App.