Configure GitHub Checks

Prerequisites

To install the BluBracket app for GitHub Checks, permissions to install a GitHub App on an org are required. This would be an organization owner or someone with admin level permissions in a repository.

Choosing which app to install

The BluBracket app for GitHub Checks is available for all BluBracket editions, and multiple offerings of GitHub.

GitHub CloudGitHub Enterprise
(including Server)
BluBracket Community EditionBluBracket Community & Team Editionn/a
BluBracket Team EditionBluBracket Community & Team Editionn/a
BluBracket Enterprise EditionBluBracket Enterprise EditionBluBracket Enterprise Edition & GitHub Enterprise Server

GitHub Checks setup for GitHub Cloud and BluBracket Community & Team Edition accounts

BluBracket Community and Team Edition accounts are monitored by the BluBracket Community Edition app..

Github Checks for GitHub Cloud and BluBracket Community & Team Editions

The BluBracket app for GitHub Checks is automatically installed when adding a GitHub org to your BluBracket Community Edition and BluBracket Team Edition account.

Note: if you added your GitHub org to BluBracket before 1 June 2022, the GitHub Checks was not automatically configured. Please follow these instructions to add GitHub Checks:

  • If you are monitoring all repos in the GitHub org: go through the steps to add the GitHub org as a code server again (don’t delete the old code server). This won’t create any duplicate, it will simply add GitHub Checks to the existing configuration.
  • If you are not monitoring all repos in the GitHub org: remove the current code server and re-add it to BluBracket. When re-adding the code server, the GitHub interface will allow you to select which repos you wish to monitor.

Whatever path you choose, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.

GitHub Checks setup for BluBracket Enterprise Edition

BluBracket Enterprise Edition accounts are monitored by the BluBracket Checks App..

Once your BluBracket Enterprise Edition account is configured and code servers setup, simply install the BluBracket Checks App. (this must be done by someone who has permissions in GitHub to install the app). Once installed, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.

Github Checks for GitHub Cloud and BluBracket Enterprise Edition

GitHub Checks setup for GitHub Enterprise Server

This version of GitHub Checks is for paid customers using the on-premise GitHub Enterprise Server

  1. Setup your BluBracket Enterprise Edition and configure code servers setup
  2. Create the GitHub Enterprise Server Checks app (follow the instructions here)
    1. One step in those instructions is to send the configuration details to the customer success team. Wait for confirmation from the team before proceeding.
  3. Install the app created from step 2 on the organization (this must be done by someone who has permissions in GitHub to install the app).

Once installed, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.

GitHub Checks Enterprise

BluBracket app for GitHub Checks workflow

Whatever version of the BluBracket app for GitHub Checks you choose, it will run for every pull request, and for every new commit to any open pull requests.

The app will alert you to any secrets found in the pull request, including both the tip of the pull request and the history of any commits. The alert includes details on where and what type of secret was found.

Example of a failing check on a pull request

Example of a failing check on a pull request

By default, the BluBracket app for GitHub Checks does not block any pull requests. Usage statistics show over 80% of warnings about secrets in PRs are fixed before commit, and the non-blocking workflow is more respectful of developer needs.

Configuring repositories

To configure which repositories the BluBracket app for GitHub Checks monitors after installation, go to your GitHub organization → settings → GitHub apps (the URL pattern is github.com/organizations/{orgname}/settings/installations) to review all applications installed in the org.

Configuration is the same for all versions of the BluBracket app for GitHub Checks.

The BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts as it appears in the GitHub app configuration page

The BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts as it appears in the GitHub app configuration page

Find the BluBracket app for GitHub Checks in the list and click the “configure” button.

Configuring the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts

Configuring the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts

Using the GitHub interface, make selections about which repos the app can access, and save the changes.

Any changes take effect with the next pull request (or commit in an open pull request), and apply to all users of the org.

Disabling GitHub Checks

Follow the steps to configure the BluBracket app for GitHub Checks app. From the configuration page, select either suspend or uninstall.

The options to uninstall the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts

The options to uninstall the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts

Both options take effect immediately and apply to the entire GitHub org.

Edit this page on GitHub