GitHub

Integrating GitHub with Escape's ASM provides unprecedent Code-to-Cloud visibility by matching your Code Resolvers with your Cloud Resources, through API Discovery from Code.

Discovered Resources¶

The GitHub integration automatically discovers and inventories the following resources from your GitHub organization:

• GitHub Repositories: All repositories within the organization or specified scope
• API Schema Files: OpenAPI specifications, GraphQL schemas, Postman collections, and other API definition files found in repositories
• Extracted APIs: API endpoints and services defined in discovered schema files

The integration scans your repositories for API schema files, extracts API definitions, and automatically classifies them as Assets (APIs) in Escape's ASM. This enables Code-to-Cloud security monitoring by linking discovered APIs to their source repositories and enabling continuous testing as code changes.

Note: You must connect an organization GitHub account; a personal account is not supported.

Creating a GitHub Personal Access Token¶

1. Navigate to GitHub Settings:

   • Go to your profile settings and select "Developer settings"

2. Personal Access Tokens:

   • Select "Personal access tokens"
   • Select "Fine-grained tokens"
   • Click "Generate new token"

3. Token Configuration:

   • Resource Owner: Select your organization (must be public)
   • Repository Access: Grant access to all repositories
   • Repository Permissions: Set "read-only" for contents and metadata
   • Organization Permissions: Set "read-only" for members

4. Generate and Copy Your Token:

   • Click "Generate token"
   • Copy the token immediately - it cannot be viewed again after leaving the page

This token enables Escape's ASM to securely analyze your GitHub repositories while maintaining data privacy.

Internal Networks and Services¶

When integrating with internal networks and services, you may need to:

• Configure a Private Location
• Whitelist FQDNs

For more information, see Private Locations.