GitHub Security
Updated over a week ago

Introduction

Before proceeding, please make sure that you have first enabled the GitHub connector by following the steps documented here.

To enable the GitHub Security connector, you need a GitHub App ID and Private Key PEM file. Note—if your GitHub instance is behind a firewall or has IP restrictions, you must allowlist DX IP addresses in order to accept inbound API requests.

Steps to connect

Steps 1 - 5 must be completed by a GitHub Organization Owner.

Step 1

Log in to your GitHub account, and browse to the URL below with ORGANIZATION replaced with your GitHub organization username:

https://github.com/organizations/ORGANIZATION/settings/apps/new?public=false&members=read&url=https://getdx.com&metadata=read&request_oauth_on_install=false&setup_on_update=false&webhook_active=false

Then, enable the permissions listed below:

Repository permissions

  • Read-only access to Dependabot alerts

  • Read-only access to Code scanning alerts

  • Read-only access to Secret scanning alerts

Organization permissions

  • Read-only access to Members

Step 2

Scroll to the bottom of the page and click the "Create GitHub App" button.

Step 3

The App ID will be shown at the top of the subsequent screen. Copy this ID down so it can be entered into DX later.

Step 4

On the same screen, scroll down to the "Private keys" heading and click "Generate a private key", which will initiate a download of a PEM file. Copy the contents of this file to be entered into DX later.

Step 5

Click on the "Install App" link in the sidebar navigation and then click "Install" beside your GitHub organization. Enable access to the same repositories that are enabled for your main GitHub connector.

Step 6

Navigate to the Data Cloud > Connections screen within DX, then add a connection using your credentials generated in the previous steps.

API Reference

| Endpoint URL | Documentation Link | Permissions Needed (via GitHub App) |
| --- | --- | --- |
| /repos/{org}/{repo}/dependabot/alerts | | dependabot_alerts:read |
| /repos/{org}/{repo}/code-scanning/alerts | | code_scanning_alerts:read |
| /repos/{org}/{repo}/secret-scanning/alerts | | secret_scanning_alerts:read |

Errors

This table lists error codes that you may encounter when adding a connection in DX.

| Error | Description |
| --- | --- |
| invalid_credentials | Your API credentials entered are not valid. |
| invalid_permissions | Your GitHub App installation does not have the permissions required by DX. |
| no_resources | Your GitHub App installation cannot access any repositories. |
| private_key_needed | The key passed in is not an RSA private key. |
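
A local pre-flight for the values gathered in Steps 1 to 5, as an added example that is not DX's or GitHub's code: it returns the nearest error code from the table above and lists any grant beyond the read-only set the page asks for. The mapping of checks to error codes, the `granted` dict keyed by this page's permission names, and the names `preflight`, `is_rsa_private_key` and `SAMPLE_PEM` are assumptions; how DX validates a connection is not documented here.

```python
import base64
import re

# Read-only grants the page asks for, keyed by the page's permission names.
REQUIRED = {"dependabot_alerts": "read", "code_scanning_alerts": "read",
            "secret_scanning_alerts": "read", "members": "read"}
ALLOWED_EXTRA = {"metadata": "read"}  # from metadata=read in the Step 1 URL
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)
RSA_OID = bytes.fromhex("06092a864886f70d010101")  # DER of 1.2.840.113549.1.1.1
# Constructed sample: PEM armor around dummy bytes, not a usable key.
SAMPLE_PEM = ("-----BEGIN RSA PRIVATE KEY-----\n"
              + base64.b64encode(b"\x30\x82\x00\x04" + bytes(4)).decode()
              + "\n-----END RSA PRIVATE KEY-----\n")


def is_rsa_private_key(pem_text):
    """True for a PKCS#1 RSA key or an unencrypted PKCS#8 key marked RSA."""
    m = PEM_RE.search(pem_text)
    if not m:
        return False
    label, body = m.groups()
    try:
        der = base64.b64decode("".join(body.split()), validate=True)
    except ValueError:  # header lines of an encrypted key, stray characters
        return False
    if not der.startswith(b"\x30"):  # every key format here is an ASN.1 SEQUENCE
        return False
    if label == "RSA PRIVATE KEY":
        return True
    # PKCS#8 names its algorithm near the start of the structure.
    return label == "PRIVATE KEY" and RSA_OID in der[:40]


def preflight(app_id, pem_text, granted, repo_count):
    """Return (nearest error code from the page's table or None, findings)."""
    allowed = {**REQUIRED, **ALLOWED_EXTRA}
    # Anything beyond the read-only set is a least-privilege finding.
    findings = sorted(f"{k}:{v}" for k, v in granted.items() if allowed.get(k) != v)
    if not str(app_id).isdigit():
        return "invalid_credentials", findings
    if not is_rsa_private_key(pem_text):
        return "private_key_needed", findings
    if any(granted.get(k) not in ("read", "write") for k in REQUIRED):
        return "invalid_permissions", findings
    if repo_count == 0:
        return "no_resources", findings
    return None, findings
```

A `write` grant on a required permission passes the check but is reported as a finding, because the connector only needs read access.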
