Threatrix Documentation
Threatrix
  • Getting Started
  • Developer Quick Start
  • SecureShip
    • Artifactory Scanning
    • ThreatAgent Scanning
  • Threat Center
    • Creating Account
      • OAuth Login
    • Entity Dashboard
    • User Profile
  • AICertify
    • Reviewing Results
  • codecertify
    • Quick Start
    • Project Summary Tab
    • Components Tab
      • Custom Components
        • Adding
        • Editing
        • Important Notes
      • Header Panel
      • Module Tree Panel
      • Results Panel
        • Card View
        • Risk Graph View
      • Audit History
    • Assets Tab
      • Custom Asset Matches
        • Adding Asset Match
  • securecore
    • Project Dashboard
    • ThreatScan
    • Scan Results
  • Threat Agent
    • Threat Agent Overview
    • Threat Agent - Installation & Scanning
    • Scan Summary Reports
    • Resolving Errors
    • Scanning Container Images
  • Integrations
    • Dependency Managers
      • RENV
    • Build Integrations
      • AWS CodeBuild
      • Azure DevOps
      • Bitbucket Pipeline
      • CircleCI
      • GitHub Action
      • GitLab Pipeline
      • Jenkins Pipeline
    • SCM Integrations
      • GitLab
      • Bitbucket
    • Issue Management
      • Jira
    • Notifications
  • Policy Management
    • Policy Overview
    • Creating Policies
    • Policy Conditions
    • Policy Actions
    • Policy Scopes
  • Administration
    • User Management
    • Organization Settings
      • Organization Knowledge Base
      • Integration
        • Slack Integration
        • Jira Integration
        • Service Keys
    • RBAC
    • Entity Management
    • Okta
      • Okta Org2Org Integration
  • GraphQL API
    • API Overview
  • Resources
    • Dependency Managers
      • PIP
    • Dictionary
    • Licenses
    • Security & Privacy
    • Binary File Support
  • Hybrid / On Premise
    • Getting Started
    • Installation
    • Upgrade
    • Setup
    • Cloud Data Disclosure
    • Troubleshooting
Powered by GitBook
On this page
  • Common Build Integration Documentation
  • Environment Variables
  • Install Environment Variables as Secrets
  • Add Threat Agent to your GitHub Action script as follows:

Was this helpful?

  1. Integrations
  2. Build Integrations

GitHub Action

PreviousCircleCINextGitLab Pipeline

Last updated 4 months ago

Was this helpful?

Common Build Integration Documentation

This documentation is specific to GitHub. documentation should be reviewed before proceeding further.

Environment Variables

Environment variable values can be found in your .

  • THREATRIX_OID - Your organization ID.

  • THREATRIX_EID - Your entityID (if you wish to override your default).

  • THREATRIX_API_KEY - Personal or organization API key.

Install Environment Variables as Secrets

This step may require administrative privileges within GitHub

  1. From within Github, navigate to Organization -> Settings -> Secrest and variables

  2. Select "Actions" from the menu

  3. Click New organization secret button

  4. Set secret name as shown above in Environment Variables

  5. From the Repository access drop down, select either "Private Repositories" or "Selected repositories"

  6. Click "Add secret"

Add Threat Agent to your GitHub Action script as follows:

on:
  pull_request:
    types:
      - 'opened'
      - 'reopened'
  workflow_dispatch:
jobs:
  execute-scan-workflow:
    uses: threatrix/threat-agent-scan/.github/workflows/scan-repo-reusable.yaml@master
    with:
      app-name: YOUR_PROJECT_NAME
      trx-host: https://app.threatrix.io
    secrets:
      TOKEN: ${{ secrets.GITHUB_TOKEN }}
      THREATRIX_EID: ${{ secrets.THREATRIX_EID }}
      THREATRIX_OID: ${{ secrets.THREATRIX_OID }}
      THREATRIX_SERVER_API_KEY: ${{ secrets.THREATRIX_API_KEY }}
Common build server
user profile