GitHub
Last updated
Was this helpful?
Last updated
Was this helpful?
Firefly integrates with GitHub to pull in information about your repositories, organizations, and related assets. This integration allows you to manage and monitor your GitHub resources as part of your Firefly Inventory, enabling you to enforce policies and maintain consistency across your GitHub assets.
A GitHub account with appropriate permissions
A Personal Access Token (PAT) with the required scopes
Access to the GitHub organizations you want to integrate
Log in to your GitHub account
Generate a Personal Access Token by visiting with the following scopes:
repo:status
repo_deployment
repo:invite
public_repo
security_events
read:org
read:public_key
read:repo_hook
notifications
read:user
user:email
read:enterprise
read:gpg_key
In Firefly:
Navigate to Settings > Integrations
Select Add New > GitHub
Paste your Personal Access Token into the Access Token field
Select Next
Enter a descriptive name in the Nickname field
Select the desired Organization
Select Next > Done
Firefly scans your GitHub assets regularly to keep your inventory up to date
You can enforce policies on your GitHub repositories and related assets
The integration supports multiple GitHub organizations
Your Personal Access Token is stored securely and encrypted
Use a dedicated GitHub account or organization for Firefly integration
Grant only the minimum required permissions to the Personal Access Token
Regularly rotate your Personal Access Token
Monitor the integration's activity in both Firefly and GitHub
Keep track of which repositories are being monitored
If the integration fails to connect:
Verify your Personal Access Token is valid and has the correct scopes
Check your network connectivity to GitHub
Ensure your GitHub account has access to the selected organization
If assets are not being discovered:
Verify the organization selection in Firefly
Check if the repositories are accessible to the integration account
Review the integration logs in Firefly
For token-related issues:
Generate a new Personal Access Token if the current one is compromised
Ensure the token hasn't expired
Verify all required scopes are enabled
Go to GitHub.com and log in to your account
Click your profile picture > Settings
Scroll down to Developer settings (bottom left)
Select Personal access tokens > Tokens (classic)
Click Generate new token > Generate new token (classic)
Give your token a descriptive name
Select the required scopes as listed above
Click Generate token
IMPORTANT: Copy the token immediately as you won't be able to see it again