Set up GitHub

Integrating with GitHub lets oak9 scan a repository for any IaC files, pinpoint any existing security design gaps, and optionally fix those configurations via pull requests. This process is done:
  • Continuously: oak9 triggers these scans once a day to ensure full monitoring of your repository
  • Autonomously: this process is 100% automatic. After integration, you’ll never have to trigger a scan manually on your end (though you will always still have this option!). That’s right, no more button clicking!
  • Securely: we prioritize client confidentiality and security. We only ask for the permissions absolutely necessary to run this workflow and we ensure that none of your code is kept in our system after execution
  • Seamlessly: oak9 and GitHub work together as, essentially, a single application
How to Integrate:
  1. Log in to oak9
  2. Click on the Integrations icon in the navigation bar on the left
     [Screenshot: Select GitHub Integration Setup]
  3. Scroll down until you locate the GitHub integration underneath the Repository Integrations section
  4. Click Add Integration on the GitHub card
  5. Click Open GitHub
  6. Log in to the correct GitHub account (not shown in screenshots)
  7. Click to install the oak9 App
     [Screenshot: Adding the GitHub Integration]
You’ll have two options when installing the application:
a. Allow the oak9 app to access all repositories
   [Screenshot: Install All Repos]
b. Allow the oak9 app to access specific repositories
   [Screenshot: Install to Specific Repo]
  8. Click Install
  9. You’ll then have to select one or more repositories to be monitored
  10. Select a project to integrate the GitHub repository with. By default, if you do not select a project, we’ll create one for you with the following name: {GitHub username}/{Repository name}
  11. Adjust your code review settings to select which branch to monitor, any specific paths to follow, and the priority of findings that create a PR
      [Screenshot: Code Review Settings]
      [Screenshot: Complete GitHub Integration]
  12. Click Save
  13. You’ll be redirected to the Findings View for the project; a validation should run automatically the first time
      [Screenshot: Findings View]
  14. You’ll next receive an email from [email protected] (or a member of your admin team) with information relating to the PR newly created by the oak9io bot. Some of the information included in this email will be:
  • The title of the PR
  • A high-level summary of the design gaps found
  • A link to the PR
  • A link to the validation results
  • The number of files changed
  • A commit message with a date stamp included
  15. Log in to GitHub and find the newly created PR made by the oak9io bot
  16. Click on the Pull Request
  17. Check whether any of your files have changed:
Hoorah! You’ve integrated with GitHub and have validated your IaC code. Get working on getting those changes in if you have any!