GitHub for Snyk Essentials
GitHub setup guide for Snyk Essentials
Pulled entities by Snyk Essentials from GitHub
Repositories
Builds - only when using GitHub Actions.
Scans - only when using Code security.
Prerequisites
Ensure you meet all prerequisites listed on the GitHub and GitHub Enterprise permission requirements page.
Integrate GitHub using Snyk Essentials
Profile name (
mandatory
): Input your integration profile name.Organizations (
mandatory
): Input the names of all the relevant GitHub organizations.
Access Token (
mandatory
): Create your GitHub PAT from your GitHub Organization.
Generate your GitHub PAT by following the instructions in the Generate a Personal access token from your GitHub settings section.
Authorize your GitHub PAT if you have configured SAML SSO. See the How to authorize your Personal Access Token and enable SSO page for more details.
Broker Token (
mandatory
): Create and add your Broker token if you use Snyk Broker.Generate your Broker token by following the instructions from the Obtain your Broker token for Snyk Broker page.
Copy and paste the Broker token on the integration setup menu from the Integration Hub.
API URL (
mandatory
) - Input the API URL. The default URL ishttps://api.github.com
.Pull personal repositories (
optional
): Enable the option if you only want to pull the repositories you own.Add Backstage Catalog (
optional
): If you want to add your Backstage catalog, follow the instructions from the Backstage file for SCM Integrations page.
If you enabled the Pull personal repositories option, only your personal repositories are pulled, not the public ones.
If you want to pull data from both organization and personal repositories, then you must set up separate profiles.
Generate a Personal access token from your GitHub settings
Open GitHub and click the Settings menu for your profile.
Select Developer settings from the left sidebar.
Select Personal access tokens and then Tokens (classic).
Click Generate new token and, from the dropdown, select Generate new token (classic).
Add a description for your token in the Note field.
Select the required permissions:
repo
read:org
read:user
user:email
.
Click Generate token.
Copy and store the displayed key.
API Version
You can use the GitHub REST API repository to access information about the API.
You can use as the host Address the IP/URL of the GitHub server. The default URL is https://api.github.com
.
The user associated with the token needs to have write permissions on relevant repositories to collect a breakdown of scan issues.
Last updated
Was this helpful?