/

GitHub Integration

Direct repository scanning

GitHub integration lets you scan repositories directly from the ByteHide cloud platform without installing the scanner in your project.

Benefits of GitHub Integration

  • Automatic scanning of every commit and pull request
  • No code modification required in your repositories
  • Historical scan of all previous commits
  • Branch-specific environment mapping
  • Repository-wide detection across multiple projects

Connect a GitHub Repository

Connect GitHub First

Before scanning repositories, you need to connect your GitHub account to your ByteHide organization. This allows ByteHide to access and scan your repositories securely.

Connect a GitHub Account to ByteHide

  1. Navigate to your ByteHide organization dashboard
  2. Select the Connectors tab
  3. Click to the Github sub-card Github connect bytehide
  4. In the Github section, click Connect Github
  5. In Github select the account or organization to connect Github connect github
  6. Select "All repositories" or manually select each repository that you want to link Github connect repos
  7. Click the Install button
  8. Now ByteHide is connected to your GitHub account 🎉

Select Repository and Branch

Now, go to Secrets section

  1. In your Secrets dashboard go to Settings Github connect bytehide
  2. Choose the branch to associate with this environment Github connect bytehide
  3. And Select your Repository and Branch Github connect bytehide

Perfect! Now your repository is connected to ByteHide. Every time someone makes a commit or push to your repository, it will be automatically scanned for secrets. You can view the scan results, set up alerts, and manage detected secrets in the Detections dashboard.

Let's configure your scanning preferences:

Environment Configuration

After connecting a repository:

  • Each environment can be connected to a specific repository branch
  • Different branches can represent different environments (e.g., main = production, develop = staging)
  • Repository connections appear in the Environments dashboard

Environment Configuration

How GitHub Scanning Works

  1. ByteHide securely scans the connected repository
  2. Scans run automatically when new commits are pushed
  3. Detected secrets appear in your ByteHide dashboard
  4. No source code is stored - only metadata about detections

Viewing Scan Results

Detection Results

After a scan completes, you can view results in the Scanner > Detections tab:

Detection Results

Detection results include:

  • Type of secret (API key, password, etc.)
  • Location in code (file and line number)
  • Confidence level
  • Direct link to the exact location in GitHub

Managing Scan Results

For detailed information on managing and responding to detected secrets, including how to export them to your Secrets Manager or ignore false positives, check out our Viewing Detections guide.

Managing Connected Repositories

You can manage repository connections in the Environments section:

  • Connect repositories to different environments
  • Disconnect repositories when no longer needed
  • Configure notification settings per environment
  • Set up auto-export of detected secrets

Security and Privacy

  • ByteHide scans your code but never stores the actual source
  • All scanning happens in secure, isolated environments
  • Only metadata about detections is stored in your account
  • Repository access can be revoked at any time

Next Steps

Previous
Configuration