LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Cloud Accounts
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
      • Firefly States Redactor
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup & Disaster Recovery
      • Notifications
      • Integrations
      • Identity & Access Management
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page
  • Overview
  • Prerequisites
  • Setup Procedure
  • Repository Scopes
  • Organization Scopes
  • Public Key Scopes
  • Repository Hook Scopes
  • User Scopes
  • Discussion Scopes
  • GPG Key Scopes
  • Configuration Details
  • Best Practices
  • Troubleshooting
  • Creating a Personal Access Token

Was this helpful?

  1. Integrations
  2. Integrating Data Sources

GitHub

PreviousOktaNextCloudflare

Last updated 1 month ago

Was this helpful?

Overview

Firefly integrates with GitHub to pull in information about your repositories, organizations, and related assets. This integration allows you to manage and monitor your GitHub resources as part of your Firefly Inventory, enabling you to enforce policies and maintain consistency across your GitHub assets.

Prerequisites

  • A GitHub account with appropriate permissions

  • A Personal Access Token (PAT) with the required scopes

  • Access to the GitHub organizations you want to integrate

Setup Procedure

  1. Log in to your GitHub account

  2. Generate a Personal Access Token by visiting with the following scopes:

Repository Scopes

  • repo:status

  • repo_deployment

  • repo:invite

  • public_repo

  • security_events

Organization Scopes

  • read:org

Public Key Scopes

  • read:public_key

Repository Hook Scopes

  • read:repo_hook

  • notifications

User Scopes

  • read:user

  • user:email

Discussion Scopes

  • read:enterprise

GPG Key Scopes

  • read:gpg_key

  1. In Firefly:

    • Navigate to Settings > Integrations

    • Select Add New > GitHub

    • Paste your Personal Access Token into the Access Token field

    • Select Next

    • Enter a descriptive name in the Nickname field

    • Select the desired Organization

    • Select Next > Done

Configuration Details

  • Firefly scans your GitHub assets regularly to keep your inventory up to date

  • You can enforce policies on your GitHub repositories and related assets

  • The integration supports multiple GitHub organizations

  • Your Personal Access Token is stored securely and encrypted

Best Practices

  1. Use a dedicated GitHub account or organization for Firefly integration

  2. Grant only the minimum required permissions to the Personal Access Token

  3. Regularly rotate your Personal Access Token

  4. Monitor the integration's activity in both Firefly and GitHub

  5. Keep track of which repositories are being monitored

Troubleshooting

  1. If the integration fails to connect:

    • Verify your Personal Access Token is valid and has the correct scopes

    • Check your network connectivity to GitHub

    • Ensure your GitHub account has access to the selected organization

  2. If assets are not being discovered:

    • Verify the organization selection in Firefly

    • Check if the repositories are accessible to the integration account

    • Review the integration logs in Firefly

  3. For token-related issues:

    • Generate a new Personal Access Token if the current one is compromised

    • Ensure the token hasn't expired

    • Verify all required scopes are enabled

Creating a Personal Access Token

  1. Go to GitHub.com and log in to your account

  2. Click your profile picture > Settings

  3. Scroll down to Developer settings (bottom left)

  4. Select Personal access tokens > Tokens (classic)

  5. Click Generate new token > Generate new token (classic)

  6. Give your token a descriptive name

  7. Select the required scopes as listed above

  8. Click Generate token

  9. IMPORTANT: Copy the token immediately as you won't be able to see it again

GitHub's token creation page