Configure GitHub Checks
Prerequisites
To install the BluBracket app for GitHub Checks, permissions to install a GitHub App on an org are required. This would be an organization owner or someone with admin level permissions in a repository .
Choosing which app to install
The BluBracket app for GitHub Checks is available for all BluBracket editions, and multiple offerings of GitHub.
| GitHub Cloud | GitHub Enterprise (including Server) | |
|---|---|---|
| BluBracket Community Edition | BluBracket Community & Team Edition | n/a |
| BluBracket Team Edition | BluBracket Community & Team Edition | n/a |
| BluBracket Enterprise Edition | BluBracket Enterprise Edition | BluBracket Enterprise Edition & GitHub Enterprise Server |
GitHub Checks setup for GitHub Cloud and BluBracket Community & Team Edition accounts
BluBracket Community and Team Edition accounts are monitored by the BluBracket Community Edition app. .
The BluBracket app for GitHub Checks is automatically installed when adding a GitHub org to your BluBracket Community Edition and BluBracket Team Edition account.
Note: if you added your GitHub org to BluBracket before 1 June 2022, the GitHub Checks was not automatically configured. Please follow these instructions to add GitHub Checks:
- If you are monitoring all repos in the GitHub org: go through the steps to add the GitHub org as a code server again (don’t delete the old code server). This won’t create any duplicate, it will simply add GitHub Checks to the existing configuration.
- If you are not monitoring all repos in the GitHub org: remove the current code server and re-add it to BluBracket . When re-adding the code server, the GitHub interface will allow you to select which repos you wish to monitor.
Whatever path you choose, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.
GitHub Checks setup for BluBracket Enterprise Edition
BluBracket Enterprise Edition accounts are monitored by the BluBracket Checks App. .
Once your BluBracket Enterprise Edition account is configured and code servers setup, simply install the BluBracket Checks App. (this must be done by someone who has permissions in GitHub to install the app). Once installed, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.
GitHub Checks setup for GitHub Enterprise Server
This version of GitHub Checks is for paid customers using the on-premise GitHub Enterprise Server
- Setup your BluBracket Enterprise Edition and configure code servers setup
- Create the GitHub Enterprise Server Checks app (follow
the instructions here
)
- One step in those instructions is to send the configuration details to the customer success team. Wait for confirmation from the team before proceeding.
- Install the app created from step 2 on the organization (this must be done by someone who has permissions in GitHub to install the app).
Once installed, your future PRs + commits to PRs in monitored repos will be checked by BluBracket.
BluBracket app for GitHub Checks workflow
Whatever version of the BluBracket app for GitHub Checks you choose, it will run for every pull request, and for every new commit to any open pull requests.
The app will alert you to any secrets found in the pull request, including both the tip of the pull request and the history of any commits. The alert includes details on where and what type of secret was found.
Example of a failing check on a pull request
By default, the BluBracket app for GitHub Checks does not block any pull requests. Usage statistics show over 80% of warnings about secrets in PRs are fixed before commit, and the non-blocking workflow is more respectful of developer needs.
Configuring repositories
To configure which repositories the BluBracket app for GitHub Checks monitors after installation, go to your GitHub organization → settings → GitHub apps (the URL pattern is github.com/organizations/{orgname}/settings/installations) to review all applications installed in the org.
Configuration is the same for all versions of the BluBracket app for GitHub Checks.
The BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts as it appears in the GitHub app configuration page
Find the BluBracket app for GitHub Checks in the list and click the “configure” button.
Configuring the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts
Using the GitHub interface, make selections about which repos the app can access, and save the changes.
Any changes take effect with the next pull request (or commit in an open pull request), and apply to all users of the org.
Disabling GitHub Checks
Follow the steps to configure the BluBracket app for GitHub Checks app. From the configuration page, select either suspend or uninstall.
The options to uninstall the BluBracket app for GitHub Checks for BluBracket Community and Team Edition accounts
Both options take effect immediately and apply to the entire GitHub org.