GitHub Action

Common Build Integration Documentation

This documentation is specific to GitHub. Common build server documentation should be reviewed before proceeding further.

Environment Variables

Environment variable values can be found in your user profile.

• THREATRIX_OID - Your organization ID.

• THREATRIX_EID - Your entityID (if you wish to override your default).

• THREATRIX_API_KEY - Personal or organization API key.

Install Environment Variables as Secrets

1. From within Github, navigate to Organization -> Settings -> Secrest and variables

2. Select "Actions" from the menu

3. Click New organization secret button

4. Set secret name as shown above in Environment Variables

5. From the Repository access drop down, select either "Private Repositories" or "Selected repositories"

6. Click "Add secret"

Add Threat Agent to your GitHub Action script as follows:

on:
  pull_request:
    types:
      - 'opened'
      - 'reopened'
  workflow_dispatch:
jobs:
  execute-scan-workflow:
    uses: threatrix/threat-agent-scan/.github/workflows/scan-repo-reusable.yaml@master
    with:
      app-name: YOUR_PROJECT_NAME
      trx-host: https://app.threatrix.io
    secrets:
      TOKEN: ${{ secrets.GITHUB_TOKEN }}
      THREATRIX_EID: ${{ secrets.THREATRIX_EID }}
      THREATRIX_OID: ${{ secrets.THREATRIX_OID }}
      THREATRIX_SERVER_API_KEY: ${{ secrets.THREATRIX_API_KEY }}