Set up GitHub

Integrating with GitHub lets oak9 scan the IaC files in a repository, pinpoint any existing security design gaps, and potentially fix those configurations via pull requests. This process is done:
  • Continuously: oak9 triggers these scans once a day to ensure full monitoring of your repository
  • Autonomously: this process is 100% automatic. After integration, you’ll never have to trigger a scan manually on your end (though you will always still have this option!). That’s right, no more button clicking!
  • Securely: we prioritize client confidentiality and security. We only ask for the permissions absolutely necessary to run this workflow and we ensure that none of your code is kept in our system after execution
  • Seamlessly: oak9 and GitHub work together as, essentially, a single application
How to Integrate:
1. Log in to oak9
2. Click on the Integrations icon in the navigation bar on the left
3. Scroll down until you locate the GitHub integration underneath the Repository Integrations section
4. Click Add Integration
5. Click Open GitHub
6. Click Configure
7. Choose a designated account to install the application on
8. You’ll have two options when installing the application:
8A. Allow the oak9 app to access all repositories:
8B. Allow the oak9 app to access specific repositories:
8C. In this case, we only want to give the oak9io app permission to access a specific repository called personal-account/my-repository. Let’s go ahead and click Install
9. You'll then have to select one or more repositories to be monitored
10. Select a project to integrate the GitHub repository with. By default, if you do not select a project, we’ll create one for you with the following name: {GitHub username}/{Repository name}
11. Click Save
12. You’ll be redirected to the page of the project you just integrated with. Within a few seconds you should be able to see that your validation has completed
13. You’ll next receive an email from [email protected] (or a member of your admin team) with information relating to a newly created PR by the oak9io bot. Some of the information included in this email will be:
  • The title of the PR
  • A high-level summary of the design gaps found
  • A link to the PR
  • A link to the validation results
  • The number of files changed
  • A commit message with a date stamp included
14. Log in to GitHub and find the newly created PR made by the oak9io bot
15. Click on the Pull Request
16. Check to see if any of your files have changed:
Hoorah! You’ve integrated with GitHub and have validated your IaC code. Get working on getting those changes in if you have any!
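After installing, you can confirm that the app's access matches the choice made in step 8. The following is an added example, not oak9's code: it audits data shaped like GitHub's `GET /user/installations` and `GET /user/installations/{id}/repositories` responses. The sample records, the `oak9io` slug value, the second repository and the permission values are constructed for illustration and are not the app's actual permission set.

```python
import json

# Constructed sample shaped like the "installations" array returned by
# GitHub's GET /user/installations. All values are made up for illustration.
SAMPLE_INSTALLATIONS = json.loads("""
[
  {"id": 1001, "app_slug": "oak9io", "repository_selection": "selected",
   "permissions": {"contents": "write", "pull_requests": "write", "metadata": "read"}},
  {"id": 1002, "app_slug": "example-ci", "repository_selection": "all",
   "permissions": {"contents": "read", "metadata": "read"}}
]
""")
# Constructed sample: repository full names per installation id, as listed by
# GET /user/installations/{id}/repositories.
SAMPLE_REPOS = {1001: ["personal-account/my-repository", "personal-account/scratch"]}


def audit_installation(installations, repos_by_id, app_slug, intended_repos, reviewed_write):
    """Return a list of findings about one app's installation scope."""
    matches = [i for i in installations if i.get("app_slug") == app_slug]
    if not matches:
        return [f"{app_slug}: no installation found"]
    findings = []
    for inst in matches:
        if inst.get("repository_selection") == "all":
            # Step 8A was chosen: every current and future repository is in scope.
            findings.append(f"{app_slug}: installed on ALL repositories (option 8A)")
        else:
            granted = set(repos_by_id.get(inst["id"], []))
            for repo in sorted(granted - set(intended_repos)):
                findings.append(f"{app_slug}: unexpected repository {repo}")
            for repo in sorted(set(intended_repos) - granted):
                findings.append(f"{app_slug}: intended repository {repo} not granted")
        # Flag write-level scopes nobody has signed off on yet.
        for scope, level in sorted(inst.get("permissions", {}).items()):
            if level in ("write", "admin") and scope not in reviewed_write:
                findings.append(f"{app_slug}: unreviewed {level} access to {scope}")
    return findings


if __name__ == "__main__":
    for line in audit_installation(SAMPLE_INSTALLATIONS, SAMPLE_REPOS, "oak9io",
                                   ["personal-account/my-repository"], {"pull_requests"}):
        print(line)
```

To run it against a real account, replace the two sample structures with the JSON returned by those endpoints for your user.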