GitHub Integration
Direct repository scanning
GitHub integration lets you scan repositories directly from the ByteHide cloud platform without installing the scanner in your project.
Benefits of GitHub Integration
- Automatic scanning of every commit and pull request
- No code modification required in your repositories
- Historical scan of all previous commits
- Branch-specific environment mapping
- Repository-wide detection across multiple projects
Connect a GitHub Repository
Connect GitHub First
Before scanning repositories, you need to connect your GitHub account to your ByteHide organization. This allows ByteHide to access and scan your repositories securely.
Connect a GitHub Account to ByteHide
- Navigate to your ByteHide organization dashboard
- Select the Connectors tab
- Click to the Github sub-card
- In the Github section, click Connect Github
- In Github select the account or organization to connect
- Select "All repositories" or manually select each repository that you want to link
- Click the Install button
- Now ByteHide is connected to your GitHub account 🎉
Select Repository and Branch
Now, go to Secrets section
- In your Secrets dashboard go to Settings
- Choose the branch to associate with this environment
- And Select your Repository and Branch
Perfect! Now your repository is connected to ByteHide. Every time someone makes a commit or push to your repository, it will be automatically scanned for secrets. You can view the scan results, set up alerts, and manage detected secrets in the Detections dashboard.
Let's configure your scanning preferences:
Environment Configuration
After connecting a repository:
- Each environment can be connected to a specific repository branch
- Different branches can represent different environments (e.g., main = production, develop = staging)
- Repository connections appear in the Environments dashboard
How GitHub Scanning Works
- ByteHide securely scans the connected repository
- Scans run automatically when new commits are pushed
- Detected secrets appear in your ByteHide dashboard
- No source code is stored - only metadata about detections
Viewing Scan Results
After a scan completes, you can view results in the Scanner > Detections tab:
Detection results include:
- Type of secret (API key, password, etc.)
- Location in code (file and line number)
- Confidence level
- Direct link to the exact location in GitHub
Managing Scan Results
For detailed information on managing and responding to detected secrets, including how to export them to your Secrets Manager or ignore false positives, check out our Viewing Detections guide.
Managing Connected Repositories
You can manage repository connections in the Environments section:
- Connect repositories to different environments
- Disconnect repositories when no longer needed
- Configure notification settings per environment
- Set up auto-export of detected secrets
Security and Privacy
- ByteHide scans your code but never stores the actual source
- All scanning happens in secure, isolated environments
- Only metadata about detections is stored in your account
- Repository access can be revoked at any time