GitHub

This integration allows Aftra to perform read-only clones of your repositories to scan for secrets, enhancing your project's security.

Step 1: Select the GitHub Provider

1. Navigate to the Repositories section within your Aftra Integrations.

2. Click on the GitHub card to begin the integration process. It will be highlighted with a blue border and a checkmark once selected.
   Click Connect in the lower right corner.
   
   

Step 2: Initiate Installation

1. You will be redirected to the Aftra.io GitHub App page.

2. Review the developer information to ensure it is the correct app
   (developed by aftra-software).

3. Click the green Install button to proceed.
   
   
   
   

Step 3: Authorize and Select Repositories

1. You will be taken to the Install & Authorize page on GitHub.

2. Select Account: Confirm you are installing it on the correct personal or organization account.

3. Choose Repositories: Select which repositories Aftra can scan:

   • All repositories: Grants access to all current and future repositories (Recommended for comprehensive coverage).

   • Only select repositories: Allows you to manually pick specific projects.

4. Review Permissions: Note that Aftra requests Read access to code, issues, metadata, and pull requests. This is required for the read-only secret scanning.

5. Click the green Install & Authorize button.
   
   

Step 4: Confirmation

1. Once authorized, you will be redirected back to the Aftra platform.

2. A popup window will appear confirming Integration complete.

3. Click Close window. Your GitHub repositories are now connected and ready to be scanned for secrets.