Skip to main content

Configuring GitHub Integration (up to v8.5.0)

As a prerequisite, you should first install and configure Git (please refer to Installing and Configuring Git). You also need access to a GitHub account: https://github.com/

Notice

Refer to Adding SSH Key to GitHub and GitHub Webhooks for instructions on adding an SSH Key to GitHub and verifying that a webhook has been created.

1. Proceed according to the steps for Setting a GIT Repository and Choosing a Branch to be scanned.

2. Select the GitHub Integration checkbox.

2868773481.png

3. Enter the GitHub repository owner and collaborator credentials into the relevant User Name and Password fields.

Notice

  • The GitHub user with repository owner authorization will be used for creating and using a GitHub WebHook (see GitHub Webhooks ).

  • The GitHub user with repository collaborator authorization is used to create commit comments.

4. Configure the Event threshold. A scan in Checkmarx CxSAST will be initiated only after this number of events has occurred, since the last triggered scan.

Notice

By default, the event threshold value is set to 5, because triggering a scan after fewer events may overload the system. If the user specifies a lower number, a warning message is displayed.

5. Click <Test Connection> to confirm authentication to GitHub runs properly.

6. Click <OK> to complete the procedure.