After signing up, you will be redirected to the onboarding page. As part of onboarding, you will be prompted to connect Privado with your source code management tool for scanning the repositories.
Follow the steps below to connect with Github Server:
A user with GitHub admin credentials for authentication. You can invite your team member with appropriate permissions to the Privado dashboard by clicking on 'Invite a team member'.
Create a Privado application in GitHub Enterprise Server. You will need, “Application ID”, “Webhook Secret” and “Private Key” of the application you create to finish the integration.
Creating Privado Application on GitHub Server
Login to the GitHub Server and navigate to Settings
Scroll down and click on Developer Settings
Here, in the GitHub Apps section, click on New GitHub App button
Enter the following details:
GitHub App Name: Privado Integrator
Homepage URL: https://www.privado.ai/
Expire user authorization tokens: Check this option
Request user authorization (OAuth) during installation: Check this option
Post Installation Section: Dont do anything
In the Webhook section, Active: Tick the checkbox
Webhook secret: Generate a random 32-character long char string. Please save it because you will need this while integrating in Privado later.
SSL Verification: Enable SSL verification
Repository Permissions: Provide permissions for the below items -
Administration: Read Only
Contents: Read Only
Deployments: Read Only
Metadata: Read Only
Pull Requests: Read & Write. We need write permission to add comments to the PR raised about the privacy issues in the new PR.
Checks: Read and WrtTo add/update privacy checks in the form of github checks on a Pull request
We do not need any Organization or Account permissions
Subscribe to events: Enable the below checkboxes –
Where can this app be installed: Any Account. This is important because the organization where the application is created could be different from where it will get installed (or any other organization on the GitHub instance).
Keys & Secrets Needed for Privado Integration
Once you create the App, GitHub will take you to the App page. Scroll down to the bottom of the page and click on Generate Private key. It will download the private key on your machine.
To finish the integration you will need the following:
Host: This is the domain of your GitHub server instance, for example, github.company.com
GitHub App ID: It will be right at the top of your app with the field App Id
GitHub App Key: Private key that you generated and downloaded on your machine
GitHub Webhook Secret: Secret you created in the last step as Webhook Secret
Authenticating GitHub on Privado
Now you have finished all the prerequisites to finish the installation. Login to the Privado dashboard and click on Setup for the option of Connect GitHub Server
Now enter the values from the last step in the next screen and click Connect
Once you enter the details and click Connect, GitHub Authentication Screen will open, click on Install & Authorize to finish the installation.
This completes the integration with GitHub Server and Privado will start fetching the repository names in the account.
Please note that Privado will only scan the repositories selected for scanning in this step.