All Collections
Privado Code Analyzer
Integrations
Connecting with GitHub Server
Connecting with GitHub Server
Vaibhav Antil avatar
Written by Vaibhav Antil
Updated over a week ago

After signing up, you will be redirected to the onboarding page. As part of onboarding, you will be prompted to connect Privado with your source code management tool for scanning the repositories.

Follow the steps below to connect with Github Server:

Prerequisite :

  1. A user with GitHub admin credentials for authentication. You can invite your team member with appropriate permissions to the Privado dashboard by clicking on 'Invite a team member'.

  2. Create a Privado application in GitHub Enterprise Server. You will need, “Application ID”, “Webhook Secret” and “Private Key” of the application you create to finish the integration.

Creating Privado Application on GitHub Server

Login to the GitHub Server and navigate to Settings

Scroll down and click on Developer Settings

Here, in the GitHub Apps section, click on New GitHub App button

Enter the following details:

  1. GitHub App Name: Privado Integrator

  2. Homepage URL: https://www.privado.ai/

  3. Callback URL: https://api.code.privado.ai/prod/ce/integrations/github-ent-server/success

  4. Expire user authorization tokens: Check this option

  5. Request user authorization (OAuth) during installation: Check this option

  6. Post Installation Section: Dont do anything

  7. In the Webhook section, Active: Tick the checkbox

  8. Webhook URL: https://api.code.privado.ai/prod/ce/hooks/github-ent-server

  9. Webhook secret: Generate a random 32-character long char string. Please save it because you will need this while integrating in Privado later.

  10. SSL Verification: Enable SSL verification

  11. Repository Permissions: Provide permissions for the below items -

    1. Administration: Read Only

    2. Contents: Read Only

    3. Deployments: Read Only

    4. Metadata: Read Only

    5. Pull Requests: Read & Write. We need write permission to add comments to the PR raised about the privacy issues in the new PR.

    6. Checks: Read and WrtTo add/update privacy checks in the form of github checks on a Pull request

  12. We do not need any Organization or Account permissions

  13. Subscribe to events: Enable the below checkboxes –

    1. Meta

    2. Create

    3. Delete

    4. Deployment

    5. Deployment Status

    6. Fork

    7. Member

    8. Pull Request

    9. Push

    10. Release

    11. Repository

  14. Where can this app be installed: Any Account. This is important because the organization where the application is created could be different from where it will get installed (or any other organization on the GitHub instance).

Keys & Secrets Needed for Privado Integration

Once you create the App, GitHub will take you to the App page. Scroll down to the bottom of the page and click on Generate Private key. It will download the private key on your machine.

To finish the integration you will need the following:

  1. Host: This is the domain of your GitHub server instance, for example, github.company.com

  2. GitHub App ID: It will be right at the top of your app with the field App Id

  3. GitHub App Key: Private key that you generated and downloaded on your machine

  4. GitHub Webhook Secret: Secret you created in the last step as Webhook Secret

Authenticating GitHub on Privado

Now you have finished all the prerequisites to finish the installation. Login to the Privado dashboard and click on Setup for the option of Connect GitHub Server

Now enter the values from the last step in the next screen and click Connect

Once you enter the details and click Connect, GitHub Authentication Screen will open, click on Install & Authorize to finish the installation.

This completes the integration with GitHub Server and Privado will start fetching the repository names in the account.

Please note that Privado will only scan the repositories selected for scanning in this step.

Did this answer your question?