Connect
- GitHub.com
- GitHub Enterprise Server
Gecko connects to GitHub.com through a GitHub App installation. The App
grants Gecko scoped, auto-rotating access, with no personal access token to
manage.
Start the install from Gecko
Go to Settings > Code Settings and click Connect on GitHub.
Gecko redirects you to GitHub to install the Gecko App.
Choose repositories on GitHub
Install the App on your organization and select All repositories or a
specific subset. You can change this selection in GitHub later.
Return to Gecko
GitHub redirects back and Gecko records the installation for your team.
Selected repositories sync into the dashboard.
Scan
Open a repository and run a baseline scan. For pull
request scanning, see PR checks.
At scan time, Gecko mints a short-lived GitHub App installation token and
uses it to clone over HTTPS. Tokens are minted fresh per scan and expire
automatically, so there is no long-lived credential to rotate. Gecko listens
for pull_request, issue_comment, and push webhook events, verified with an
X-Hub-Signature-256 HMAC signature.
Troubleshooting
Repositories aren't showing up
Confirm the GitHub App is installed on the right organization and that the
repository is included in the App’s repository selection.
GHES token validation fails
Verify the base URL is reachable, the token is active, and it has the
repo, read:org, and admin:repo_hook scopes.
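The X-Hub-Signature-256 check mentioned under Scan, sketched as an added example (not Gecko's own code): a receiver that verifies the HMAC over the raw request body before parsing it and accepts only the three event types named on this page. The function names, the secret, the sample delivery, and the returned status codes are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from typing import Optional

ALLOWED_EVENTS = {"pull_request", "issue_comment", "push"}  # events named on this page
SIG_PREFIX = "sha256="


def sign(secret: bytes, raw_body: bytes) -> str:
    """Header value a sender computes: HMAC-SHA256 over the exact body bytes."""
    return SIG_PREFIX + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, raw_body: bytes, header: Optional[str]) -> bool:
    """Validate X-Hub-Signature-256 against the raw (unparsed) request body."""
    if not header or not header.startswith(SIG_PREFIX):
        return False  # missing header, or a different algorithm prefix such as sha1=
    expected = sign(secret, raw_body).encode()
    # Constant-time comparison: do not leak how many leading bytes matched.
    return hmac.compare_digest(expected, header.encode("utf-8", "replace"))


def handle_delivery(secret: bytes, headers: dict, raw_body: bytes) -> tuple:
    """Return (status, detail). The body is parsed only after the HMAC check passes."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    if not verify_signature(secret, raw_body, h.get("x-hub-signature-256")):
        return 401, "bad signature"
    event = h.get("x-github-event")
    if event not in ALLOWED_EVENTS:
        return 202, "ignored event"
    try:
        payload = json.loads(raw_body)
    except ValueError:
        return 400, "invalid json"
    if not isinstance(payload, dict):
        return 400, "unexpected payload"
    return 200, f"{event}:{payload.get('action', 'n/a')}"


# Constructed sample delivery (not a real secret or payload).
SECRET = b"constructed-webhook-secret"
BODY = b'{"action":"opened","number":1}'
HEADERS = {"X-GitHub-Event": "pull_request", "X-Hub-Signature-256": sign(SECRET, BODY)}

if __name__ == "__main__":
    print(handle_delivery(SECRET, HEADERS, BODY))
```

The signature covers the exact bytes received, so a body that was parsed and re-serialized before verification (different whitespace or key order) fails the check even when its content is unchanged.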