GitHub

Configure Connector

Integrating StackGuardian with GitHub allows you to leverage Infrastructure and Policy as Code from your private repositories. By configuring a VCS (Version Control System), you can fetch the latest IaC (Infrastructure as Code) or Policy code during your workflow runtime. This document provides step-by-step instructions on how to set up the GitHub integration.

Setting up GitHub Connector

  1. Navigate to the Connectors Tab: Log in to the StackGuardian Platform and navigate to the "Connectors" tab.
  2. Connect to GitHub: Click on "Connect to GitHub". You will be redirected to GitHub.com.
  3. Install the StackGuardian GitHub App: On GitHub, you will see a screen with an "Install" button. Click on it to start the installation process.
  4. Select Repositories: Follow the instructions to allow access to selected repositories or all repositories within your GitHub organization or user account.
  5. Complete Installation: After granting permissions, you will be redirected back to the StackGuardian Platform. You should now see a VCS Connector named "github_com" in the "Connectors" tab.


Successful GitHub Connector
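
To confirm that step 4 granted only the repositories and permissions you intended, an organization owner can review the installation record that GitHub keeps for the app. The following is an added example, not StackGuardian's code: it audits a constructed payload shaped like the response of GitHub's `GET /orgs/{org}/installations` endpoint, and the app slug `example-iac-app`, the ids and the expected-permission set are assumptions.

```python
import json

# Constructed sample shaped like GitHub's GET /orgs/{org}/installations
# response. Ids and app slugs are placeholders, not real values.
SAMPLE = json.loads("""
{"total_count": 2, "installations": [
  {"id": 1001, "app_slug": "example-iac-app", "repository_selection": "all",
   "permissions": {"contents": "read", "metadata": "read",
                   "pull_requests": "write", "administration": "write"}},
  {"id": 1002, "app_slug": "other-app", "repository_selection": "selected",
   "permissions": {"contents": "read", "metadata": "read"}}
]}
""")

# Assumption: write access a connector needs to post commit statuses, checks
# and pull request comments. Replace with what the install screen requested.
EXPECTED_WRITE = frozenset({"statuses", "checks", "pull_requests"})


def audit_installations(payload, app_slug, expected_write=EXPECTED_WRITE):
    """Return (installation_id, finding) tuples for one app's installations."""
    findings = []
    for inst in payload.get("installations", []):
        if inst.get("app_slug") != app_slug:
            continue
        # "selected" means the app is limited to explicitly chosen repositories.
        if inst.get("repository_selection") != "selected":
            findings.append((inst["id"], "access granted to all repositories"))
        # Flag write or admin grants outside the expected set.
        for scope, level in sorted(inst.get("permissions", {}).items()):
            if level in ("write", "admin") and scope not in expected_write:
                findings.append((inst["id"], f"unexpected {level} on {scope}"))
    return findings


if __name__ == "__main__":
    for inst_id, finding in audit_installations(SAMPLE, "example-iac-app"):
        print(f"installation {inst_id}: {finding}")
```
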

GitHub Triggers

GitHub triggers start your workflows automatically on repository events, such as initiating builds on commits or deploying on tag creation.

Trigger Settings

To set up GitHub triggers in Orchestrator:

  1. Access Workflow Groups and select the target Workflow.
  2. Inside the workflow, navigate to Settings > Source and Parameters > Git Repository.
  3. Within the Advanced Options dropdown, access the trigger settings by clicking the Configure GitHub Triggers (Preview) button.

Triggers Options

Available options to set up triggers for your GitHub workflows:

Run Workflow When:

  • All pull requests in the repository - Triggers a workflow when any pull request is created.
  • A pull request towards the tracked branch - Triggers a workflow when a pull request is opened towards a specific branch.
  • A push made to the tracked branch - Triggers a workflow when a push is made to the tracked branch.
  • A tag creation - Triggers a workflow when a new tag is created in the repository.

Workflow Options:

  • Run Terraform plan only - When enabled, only a Terraform plan is executed.
  • Require Terraform plan approval before apply - When enabled, Terraform plan must be approved before it is applied.

After Execution (Post):

  • The commit status back to the Github checks - Sends the commit status back to GitHub after execution.
  • The summary as a comment to the pull request - Posts a summary as a comment to the pull request after execution.

Target Branch Configuration:

  • Specify the target branch - Set the default branch for triggers; available when "A push or pull request towards the tracked branch" is selected.

Review and verify all configurations, then click Save.