
GitHub

Configure Connector

Integrating StackGuardian with GitHub allows you to leverage Infrastructure and Policy as Code from your private repositories. By configuring a VCS (Version Control System), you can fetch the latest IaC (Infrastructure as Code) or Policy code during your workflow runtime. This document provides step-by-step instructions on how to set up the GitHub integration.

Setting up GitHub Connector

  1. Navigate to the Connectors Tab: Log in to the StackGuardian Platform and navigate to the "Connectors" tab.
  2. Connect to GitHub: Click on "Connect to GitHub". You will be redirected to github.com.
  3. Install the StackGuardian GitHub App: On GitHub, you will see a screen with an Install button. Click on it to start the installation process.
  4. Select Repositories: Follow the instructions to allow access to selected repositories or all repositories within your GitHub organization or user account.
  5. Complete Installation: After granting permissions, you will be redirected back to the StackGuardian Platform. You should now see a VCS Connector named "github_com" in the Connectors tab.



Successful GitHub Connector
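
The repository scope chosen in step 4 can be checked from GitHub's side after installation. The following is an added example, not StackGuardian's code: it parses a constructed response shaped like GitHub's GET /orgs/{org}/installations endpoint and flags installations that cover all repositories or hold write permissions outside an assumed allowlist. The app slugs, ids and the EXPECTED_WRITE set are placeholders.

```python
import json

# Constructed sample shaped like the body returned by GitHub's
# GET /orgs/{org}/installations endpoint; ids and app slugs are placeholders.
SAMPLE_RESPONSE = json.loads("""
{"total_count": 2, "installations": [
  {"id": 1001, "app_slug": "example-iac-connector",
   "repository_selection": "all",
   "permissions": {"contents": "read", "metadata": "read",
                   "pull_requests": "write", "statuses": "write",
                   "administration": "write"}},
  {"id": 1002, "app_slug": "example-linter",
   "repository_selection": "selected",
   "permissions": {"contents": "read", "metadata": "read"}}
]}
""")

# Assumption: write scopes the reviewer has agreed the connector may hold.
# Replace with the permissions shown on the app's install screen.
EXPECTED_WRITE = {"pull_requests", "statuses", "checks"}


def audit_installations(response, app_slug=None, expected_write=EXPECTED_WRITE):
    """Return one finding per installation, optionally limited to one app slug."""
    findings = []
    for inst in response.get("installations", []):
        if app_slug and inst.get("app_slug") != app_slug:
            continue
        perms = inst.get("permissions", {})
        # GitHub reports each permission as "read", "write" or "admin".
        elevated = {name for name, level in perms.items() if level != "read"}
        issues = []
        if inst.get("repository_selection") == "all":
            issues.append("access covers all repositories, including future ones")
        for name in sorted(elevated - set(expected_write)):
            issues.append(f"unexpected {perms[name]} permission: {name}")
        findings.append({"id": inst.get("id"), "app_slug": inst.get("app_slug"),
                         "issues": issues})
    return findings


if __name__ == "__main__":
    for finding in audit_installations(SAMPLE_RESPONSE):
        status = "REVIEW" if finding["issues"] else "ok"
        print(status, finding["app_slug"], finding["issues"])
```
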


GitHub Triggers

GitHub triggers start your workflows in response to repository events, such as initiating builds on commits or deploying on tag creation.

Trigger Settings

To set up GitHub triggers in Orchestrator:

  1. Access Workflow Groups and select the target Workflow.
  2. Inside the workflow, navigate to Settings > Source and Parameters > Git Repository.
  3. Within the Advanced Options dropdown, open the trigger settings by clicking the Configure GitHub Triggers (Preview) button.

Trigger Settings

Triggers Options

Available options to set up triggers for your GitHub workflows:

Run Workflow When:

  • All pull requests in the repository - Triggers a workflow when any pull request is created.
  • A pull request towards the tracked branch - Triggers a workflow when a pull request is opened towards a specific branch.
  • A push made to the tracked branch - Triggers a workflow when a push is made to the tracked branch.
  • A tag creation - Triggers a workflow when a new tag is created in the repository.

Workflow Options:

  • Run Terraform plan only - When enabled, only a Terraform plan is executed.
  • Require Terraform plan approval before apply - When enabled, Terraform plan must be approved before it is applied.

After Execution (Post):

  • The commit status back to the Github checks - Sends the commit status back to GitHub after execution.
  • The summary as a comment to the pull request - Posts a summary as a comment to the pull request after execution.

Target Branch Configuration:

  • Specify the target branch - Set the default branch for triggers; available when "A push or pull request towards the tracked branch" is selected.

Review and verify all configurations, then click Save.