GitHub

Visualize GitHub users, teams, repositories, pull requests, issues, code scanning alerts and more. Map GitHub users to employees and training, and monitor software development activities, installations of GitHub apps, and outside collaborators.

Installation
Data Model
Types

Installation

In order for this integration to run as expected, you will need to have an organization within the GitHub account for which you are creating the integration. Be sure to create an organization in your GitHub account to ensure having the required permissions. Learn more about GitHub organizations here.

info

GitHub Cloud & GitHub Enterprise Server Versions 3.3.3 and above have been verified as compatible with this integration. Other versions of GitHub Enterprise may work, but are not fully supported.

Configuration in JupiterOne

To install the GitHub integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select GitHub. Click New Instance to begin configuring the integration.

note

This integration limits the ingestion of pull requests and issues to the 500 most recently created or modified since the last execution.

In the new instance configuration, provide:

Account Name used to identify the GitHub account in JupiterOne. Ingested entities have this value stored in tag.AccountName when the AccountName toggle is enabled.
Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.
For GitHub Enterprise Servers only: enable the toggle and provide the relevant Hostname, App ID, App Installation ID, and upload your API Private Key.

After creating a new GitHub integration configuration in JupiterOne, you will be re-directed to GitHub to install the JupiterOne GitHub app. The app requests read-only permissions to support ingestion of entities and relationships.

View GitHub permissions

Note

The Secrets API does not reveal the values of Secrets, only their names and creation dates.

Repository Permissions

Actions: Read-only
Administration: Read-only
Dependabot alerts: Read-only
Discussions: Read-only
Environments: Read-only
Issues: Read-only (enables both Issues and private-repo PRs)
Metadata: Read-only
Pages: Read-only
Pull requests: Read-only
Secrets: Read-only
Secret scanning alerts: Read-only

Organization Permissions

Administration: Read-only
Members: Read-only
Secrets: Read-only
Events: Read-only

User Permissioms

None

info

Refer to GitHub's documentation information on setting GitHub app permissions and secret permissions

Hierarchy of data retrieval

This integration uses many steps to retrieve data. Some of the steps depend on others. If there is a crash or error, it might be helpful to understand the hierarchy of step dependency:

The root step is fetch-account. All other steps depend on it.
There are four steps that depend only on fetch-account that could be considered primary steps. These are:
1. fetch-apps
2. fetch-repos
3. fetch-users
4. fetch-teams.
Other steps logically require multiple primary steps to complete. Examples include:
- fetch-collaborators
- fetch-team-members
- fetch-team-repos
Finally, some sophisticated steps require both primary steps and secondary steps before they can execute. For example, fetch-prs needs both fetch-repos and fetch-collaborators in order to properly label reviewers and approvers.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.

Entities

The following entities are created:

Resources	Entity `_type`	Entity `_class`
Account	`github_account`	Account
Github App	`github_app`	Application
Github Branch Protection Rule	`github_branch_protection_rule`	Rule
GitHub Code Scanning Alerts	`github_code_scanning_finding`	Finding
GitHub Env Secret	`github_env_secret`	Secret
Github Environment	`github_environment`	Configuration
Github Issue	`github_issue`	Issue
Github Org Secret	`github_org_secret`	Secret
Github Pull Request	`github_pullrequest`	PR
Github Repo	`github_repo`	CodeRepo
Github Repo Secret	`github_repo_secret`	Secret
GitHub Secret Scanning Alert	`github_secret_scanning_finding`	Finding
Github Team	`github_team`	UserGroup
Github User	`github_user`	User
GitHub Vulnerability Alert	`github_finding`	Finding
Organization Role	`github_org_role`	AccessRole
Ruleset	`github_ruleset`	Ruleset

Relationships

The following relationships are created:

Source Entity `_type`	Relationship `_class`	Target Entity `_type`
`github_account`	HAS	`github_user`
`github_account`	OWNS	`github_repo`
`github_account`	HAS	`github_team`
`github_account`	INSTALLED	`github_app`
`github_account`	HAS	`github_org_secret`
`github_account`	MANAGES	`github_ruleset`
`github_account`	MANAGES	`github_org_role`
`github_app`	OVERRIDES	`github_branch_protection_rule`
`github_env_secret`	OVERRIDES	`github_org_secret`
`github_env_secret`	OVERRIDES	`github_repo_secret`
`github_environment`	HAS	`github_env_secret`
`github_pullrequest`	CONTAINS	`github_pullrequest`
`github_repo`	HAS	`github_code_scanning_finding`
`github_repo`	ALLOWS	`github_user`
`github_repo`	HAS	`github_pullrequest`
`github_repo`	HAS	`github_issue`
`github_repo`	HAS	`github_environment`
`github_repo`	USES	`github_org_secret`
`github_repo`	HAS	`github_repo_secret`
`github_repo`	USES	`github_repo_secret`
`github_repo`	USES	`github_env_secret`
`github_repo`	ALLOWS	`github_team`
`github_repo`	HAS	`github_finding`
`github_repo`	HAS	`github_branch_protection_rule`
`github_repo`	HAS	`github_secret_scanning_finding`
`github_repo_secret`	OVERRIDES	`github_org_secret`
`github_ruleset`	ENFORCES	`github_repo`
`github_team`	HAS	`github_user`
`github_team`	OVERRIDES	`github_branch_protection_rule`
`github_team`	ASSIGNED	`github_org_role`
`github_user`	MANAGES	`github_account`
`github_user`	APPROVED	`github_pullrequest`
`github_user`	OPENED	`github_pullrequest`
`github_user`	REVIEWED	`github_pullrequest`
`github_user`	CREATED	`github_issue`
`github_user`	ASSIGNED	`github_issue`
`github_user`	MANAGES	`github_team`
`github_user`	OVERRIDES	`github_branch_protection_rule`
`github_user`	ASSIGNED	`github_org_role`

Mapped Relationships

The following mapped relationships are created:

Source Entity `_type`	Relationship `_class`	Target Entity `_type`	Direction
`github_finding`	IS	`cve`	FORWARD
`github_finding`	EXPLOITS	`cwe`	FORWARD
`github_issue`	CREATED	`github_user`	REVERSE
`github_issue`	ASSIGNED	`github_user`	REVERSE
`github_pullrequest`	OPENED	`github_user`	REVERSE
`github_pullrequest`	REVIEWED	`github_user`	REVERSE
`github_pullrequest`	APPROVED	`github_user`	REVERSE

Github Account

github_account inherits from Account

Property	Type	Description	Specifications
`accountId` *	`string`
`accountType` *	`string`
`databaseId` *	`number`
`email` *	`string`
`location` *	`string`
`login` *	`string`
`node` *	`string`
`verified` *	`boolean`
`websiteUrl` *	`string`

Github App

github_app inherits from Application

Property	Type	Specifications
`appId` *	`number`
`appSlug` *	`string`
`events` *	`array` of `string`s
`hasMultipleSingleFiles` *	`boolean`
`installationId` *	`number`
`repositorySelection` *	`string`	Any of: `all` `selected`
`singleFileName` *	`string`
`singleFilePaths` *	`array` of `string`s
`suspendedOn`	`number`
`targetId` *	`number`
`targetType` *	`string`

Github Branch Protection Rule

github_branch_protection_rule inherits from Rule

Property	Type	Description	Specifications
`allowDeletions` *	`boolean`
`allowForcePushes` *	`boolean`
`blockCreations` *	`boolean`
`enforceAdmins` *	`boolean`
`requireCodeOwnerReviews` *	`boolean`
`requiredApprovingReviewCount` *	`number` \| `null`
`requiredConversationResolution` *	`boolean`
`requiredLinearHistory` *	`boolean`
`requiredSignatures` *	`boolean`
`requiredStatusChecks` *	`array` of `string`s

Github Code Scanning Finding

github_code_scanning_finding inherits from Finding

Property	Type	Specifications
`alertSeverity`	`string`
`dismissedComment`	`string` \| `null`
`dismissedOn`	`number`
`dismissedReason` *	`string` \| `null`	Any of: `false positive` `won't fix` `used in tests` `undefined`
`fixedOn`	`number`
`number` *	`number`
`path`	`string`
`ruleTags`	`array` \| `null`
`state` *	`string`
`toolName`	`string`
`toolVersion`	`string` \| `null`
`weblink` *	`string`

Github Env Secret

github_env_secret inherits from Secret

Property	Type	Description	Specifications
`visibility` *	`string`		const: selected

Github Environment

github_environment inherits from Configuration

Property	Type	Description	Specifications
`htmlUrl` *	`string`
`nodeId` *	`string`
`parentRepoDatabaseId` *	`string`
`parentRepoKey` *	`string`
`parentRepoName` *	`string`
`protectionRulesExist` *	`boolean`
`url` *	`string`

Github Finding

github_finding inherits from Finding

Property	Type	Specifications
`databaseId`	`number`
`dependencyScope`	`string`	Any of: `RUNTIME` `DEVELOPMENT`
`dismissedOn`	`number`
`dismisserLogin`	`string`
`dismissReason`	`string` \| `null`
`fixedOn`	`number`
`ghsaId`	`string`
`id` *	`string`
`number`	`number`
`origin`	`string`
`securityAdvisoryPublishedOn`	`number`
`securityAdvisoryUpdatedOn`	`number`
`securityAdvisoryWithdrawnOn`	`number`
`vulnerableManifestFilename` *	`string`
`vulnerableManifestPath` *	`string`
`vulnerablePackageEcosystem`	`string`
`vulnerablePackageName`	`string`
`vulnerableRequirements` *	`string`
`vulnerableVersionRange`	`string`
`weblink` *	`string`

Github Issue

github_issue inherits from Issue

Property	Type	Specifications
`activeLockReason`	`string` \| `null`	Any of: `OFF_TOPIC` `TOO_HEATED` `RESOLVED` `SPAM` `undefined`
`authorAssociation` *	`string`
`body`	`string`
`closed` *	`boolean`
`closedOn`	`number`
`createdViaEmail` *	`boolean`
`databaseId` *	`number`
`labels` *	`array` of `string`s
`lastEditedOn`	`number`
`locked` *	`boolean`
`number` *	`number`
`pinned` *	`boolean`
`publishedOn`	`number`
`resourcePath` *	`string`
`state` *	`string`
`title` *	`string`
`url` *	`string`

Github Org Role

github_org_role inherits from AccessRole

Property	Type	Specifications
`baseRole`	`string` \| `null`
`permissions` *	`array` of `string`s
`source`	`string` \| `null`	Any of: `Organization` `Enterprise` `Predefined` `undefined`

Github Org Secret

github_org_secret inherits from Secret

Property	Type	Description	Specifications
`selectedRepositoriesLink`	`string`
`visibility`	`string`

Github Pullrequest

github_pullrequest inherits from PR

Property	Type	Specifications
`accountLogin` *	`string`
`allCommitsApproved`	`boolean`
`approvalLastAt`	`number`
`approvalsCount` *	`number`
`approverLogins` *	`array` of `string`s
`approvers`	`array` of `string`s
`author` *	`string`
`authorLogin` *	`string`
`closedOn`	`number`
`commitMessages`	`array` of `string`s
`commits` *	`array` of `string`s
`commitsApproved`	`array` of `string`s
`commitsByUnknownAuthor`	`array` of `string`s
`commitsCount` *	`number`
`commitsNotApproved` *	`array` of `string`s
`databaseId`	`number`
`declined` *	`boolean`
`filesChangedCount` *	`number`
`id` *	`string`
`labels` *	`array` of `string`s
`mergeCommitHash`	`string`
`merged` *	`boolean`
`mergedBy`	`string`
`mergedByLogin`	`string`
`mergedOn`	`number`
`node` *	`string`
`number` *	`number`
`pullRequestId` *	`string`
`reviewDecision`	`string`	Any of: `APPROVED` `CHANGES_REQUESTED` `REVIEW_REQUIRED`
`reviewerLogins` *	`array` of `string`s
`reviewers` *	`array` of `string`s
`sourceRefOid` *	`string`
`targetRefOid` *	`string`

Github Repo

github_repo inherits from CodeRepo

Property	Type	Specifications
`archived`	`boolean`
`autoMergeAllowed`	`boolean`
`databaseId`	`number`
`deleteBranchOnMerge`	`boolean`
`disabled`	`boolean`
`empty`	`boolean`
`fork`	`boolean`
`forkCount`	`number`
`forkingAllowed`	`boolean`
`fullName` *	`string`
`homepageUrl` *	`string`
`inOrganization`	`boolean`
`locked`	`boolean`
`lockReason` *	`string`
`mergeCommitAllowed`	`boolean`
`mirror`	`boolean`
`node` *	`string`
`pushedOn`	`number`
`rebaseMergeAllowed`	`boolean`
`securityPolicyEnabled`	`boolean`
`template`	`boolean`
`userConfigurationRepository`	`boolean`
`visibility` *	`string`	Any of: `INTERNAL` `PRIVATE` `PUBLIC`

Github Repo Secret

github_repo_secret inherits from Secret

Property	Type	Description	Specifications
`visibility` *	`string`		const: selected

Github Ruleset

github_ruleset inherits from Ruleset

Property	Type	Specifications
`enforcement` *	`string`	Any of: `DISABLED` `ACTIVE` `EVALUATE`
`source` *	`string`	Any of: `Enterprise` `Repository` `Organization`
`target`	`string`	Any of: `BRANCH` `TAG` `PUSH` `REPOSITORY`

Github Secret Scanning Finding

github_secret_scanning_finding inherits from Finding

Property	Type	Specifications
`number` *	`number`
`pushProtectionBypassed`	`boolean` \| `null`
`pushProtectionBypassedBy`	`string`
`pushProtectionBypassedOn`	`number`
`resolution`	`string` \| `null`	Any of: `false_positive` `wont_fix` `revoked` `used_in_tests` `undefined`
`resolutionComment`	`string` \| `null`
`resolvedBy`	`string`
`resolvedOn`	`number`
`secretType`	`string`
`secretTypeDisplayName`	`string`
`state`	`string`	Any of: `open` `resolved`

Github Team

github_team inherits from UserGroup

Property	Type	Description	Specifications
`databaseId` *	`number`
`fullName` *	`string`
`node` *	`string`
`privacy` *	`string`

Github User

github_user inherits from User

Property	Type	Description	Specifications
`company` *	`string`
`databaseId` *	`number`
`employee` *	`boolean`
`location` *	`string`
`login` *	`string`
`node` *	`string`
`organizationId` *	`string`
`role` *	`string`
`siteAdmin` *	`boolean`
`websiteUrl` *	`string`

GitHub

Installation​

Configuration in JupiterOne​

Note

Repository Permissions

Organization Permissions

User Permissioms

Hierarchy of data retrieval​

Next steps​

Entities​

Relationships​

Mapped Relationships​

Github Account​

Github App​

Github Branch Protection Rule​

Github Code Scanning Finding​

Github Env Secret​

Github Environment​

Github Finding​

Github Issue​

Github Org Role​

Github Org Secret​

Github Pullrequest​

Github Repo​

Github Repo Secret​

Github Ruleset​

Github Secret Scanning Finding​

Github Team​

Github User​