Learn how to install Nightfall DLP for GitHub.
You can install Nightfall for GitHub via the Nightfall console. The Nightfall app for GitHub requires the following permissions:
Read access to code, commit statuses, and metadata
Read and write access to issues and pull requests
Nightfall has an option to notify developers for violations via email. Further, the Nightfall app for GitHub also needs read and write permissions on issues and pull requests to tag developers in pull request comments. These permissions are needed by Nightfall to tag developers for violations in a commit or a Pull Request.
To install from Nightfall's console,
Go to Nightfall's dashboard here.
Click GitHub under My Integrations. The GitHub Account Information screen displays. If GitHub is not listed under My Integrations but is in Available Integrations, please reach out to your Nightfall contact.
Click + Add Org. The GitHub sign-in page displays.
Log in to the GitHub instance where you wish to install Nightfall for GitHub. If you are already logged in to your GitHub account, you only need to enter the password.
If you have enabled multi-factor authentication (MFA) on your GitHub account, you receive an authorization code. You must enter this code to continue the installation process.
Ensure that the All repositories radio button is selected on the Authorization page. This ensures that all of your GitHub repositories are monitored by Nightfall. Nightfall recommends you to select this option. To monitor only a specific set of repositories, select Only select repositories radio button and select the required repositories.
Click Install and Authorize.
If you select only some specific repositories to be monitored by Nightfall and later on wish to monitor more repositories or all the repositories, refer to this section.
Nightfall for GitHub is now successfully installed. You can check your GitHub username under the Account Information section of the GitHub integration.
This section explains how you can modify the repository settings configured while installing Nightfall for GitHub. This section helps you in the following scenarios.
While installing Nightfall for GitHub, you have allowed only a few repositories to be monitored by Nightfall, and now wish that Nightfall monitors more or all of your GitHub repositories.
While installing Nightfall for GitHub, you have allowed all your GitHub repositories to be monitored by Nightfall and now wish only a few repositories to be monitored.
To modify Repository settings:
Log in to the GitHub account on which Nightfall for GitHub is installed.
Click the name icon on the extreme right corner and select Settings.
Select Applications under the Integrations section from the left menu.
Select Configure for the Nightfall for the GitHub application.
Scroll down to the Repository access section and make the necessary changes.
Click Save.
Learn the basics of Nightfall DLP for GitHub.
GitHub is a service that allows you to store and manage your code and other assets within repositories.
Nightfall DLP for GitHub protects your data, like API keys and secrets, from leakages that could happen when using GitHub. Nightfall scans commits to Git repositories, identifies sensitive information, and prevents it from being leaked.
Nightfall for GitHub supports the following cloud editions of GitHub:
Enterprise Cloud
Enterprise Servers
For Teams and Startups
You can install and authorize Nightfall DLP app package in GitHub.
Make sure the following requirements are fulfilled before you get started with the installation of Nightfall DLP for GitHub.
Understand the process of configuring integration alerts for Nightfall for GitHub.
The Nightfall for GitHub integration supports the configuration of alerts at the policy level and at the integration level. Alerts can be sent in GitHub to the following alert destinations.
When you configure alert settings at the integration level, the alert settings apply to all the policies, created for the GitHub integration. However, when you configure alert settings specifically for a policy, which is created in the GitHub integration, the alert settings are applicable only for that specific policy.
This document explains how to configure alerts at the integration level.
To use Slack as an alert platform, you must first perform the required Slack configurations. You can refer to this document to learn more about how to configure Slack as an Alert platform.
To use Webhook as an alert platform, you must first perform the required Webhook configurations. You can refer to this document to learn more about how to configure Webhook as an Alert platform.
To use JIRA as an alert platform, you must have the DLP for the JIRA app installed from the Atlassian Marketplace. You can read more about the DLP for JIRA integration here.
You can configure alerts at the integration level once you have installed the Nightfall for GitHub DLP integration.
To configure alerts at the integration level:
Navigate to the GitHub integration.
Scroll down to the GitHub section.
You can configure one or multiple alert channels.
To configure Slack as an alert channel, click + Slack channel.
In the Slack alert channel field, enter the name of the Slack channel in which you wish to receive the alerts.
Click Save.
A confirmation pop-up box is displayed to confirm if the Slack channel (entered in the second step) must be used only for GitHub DLP integration or all the Nightfall integrations.
Select No, only integration level to use the Slack channel only for GitHub DLP, or select Yes, please to use the selected Slack channel for all the Nightfall integrations.
Click + Email.
Enter the Email ID of the recipient who should receive the notifications.
Click Save.
A confirmation pop-up box is displayed to confirm if the Email ID (entered in the second step) must be used only for GitHub DLP integration or all the Nightfall integrations.
Select No, only integration level to use the Slack channel only for GitHub DLP, or select Yes, please to use the selected Slack channel for all the Nightfall integrations.
Click + Webhook.
Enter the Webhook URL.
Click Test. If the test result is not successful, check the Webhook URL.
(Optional) Click Add Header to add headers.
Click Save.
When you configure alerts to a Webhook, Nightfall AI sends occasional posts to:
Validate that the Webhook is properly configured before the policy is saved.
Periodically thereafter to ensure that the Webhook is still valid.
The response to the test Webhooks is 200
status code if successful.
An example of Webhook request is as follows.
This is part of alert event consumption and can be ignored.
Click + Jira Ticket.
Select a JIRA project from the Jira Project drop-down menu.
Select an issue type from the Issue Type drop-down menu.
(Optional) Add comments to be added in the JIRA ticket.
Click Save changes.
A confirmation pop-up box is displayed to confirm if the JIRA settings configured for the GitHub DLP integration must be applied to all the other Nightfall integrations too.
Select No, only integration level to use the configurations only for GitHub DLP, or select Yes, please to use the selected JIRA configurations for all the Nightfall integrations.
When an Event is triggered, Nightfall sends a notification to the end-user whose actions triggered the Event. While notifying the end-user, Nightfall also sends a text message. You can draft the text message to be sent to the end-user. This message applies to all the policies. Click Save changes once done.