Skip to main content

Monitor New Repositories

Monitor New Repositories feature provides automation capabilities for Checkmarx One projects creation.

Once a GitHub organization is selected during the import process, and the feature is enabled, Checkmarx One starts listening to the repository creation events inside GitHub.

After that the import process is done, it is possible to control the feature via Global Settings.

  1. Click on Settings > Global Settings

    Global_Settings.png
  2. Click on Code Repository.

    Organization_Settings.png

Every new repository that is created in the GitHub organization will trigger the creation of a matching project in Checkmarx One.

Additionally, new projects will be created in Checkmarx One for repositories that were transferred within GitHub from any organization to the monitored organization.

The naming convention of the new project created via Checkmarx One is <organization>/<repository>.

After the project is created, the following functionalities are automatically applied for the project:

  • Every Push event or Pull request action that is performed in the repository will trigger a scan in Checkmarx One.

    For additional information see Code Repository Integration Usage & Results.

  • It is also possible to manually scan the repository via Checkmarx One.

Limitations

  • The feature is supported for GitHub Cloud and GitHub Self-Hosted.

  • The feature is not supported for the User organization. This is because it is not possible to create a new webhook under the User organization (although it is possible to create a new repository).

  • Only users with Admin permissions for the organization can create new repositories under the organization. In case the user has a different permission level, an error message will be presented when selecting the organization.

  • The feature doesn't support the repository Update or Delete events. This means that in case the GitHub repository was deleted, the project won't be deleted in Checkmarx One, and the user will need to manually delete it.