GitHub V2

Set up GitHub for automated tests with TrustCloud

Purpose

Once you set up your compliance program, TrustCloud TrustOps works to ensure that your systems remain compliant with your adopted controls. To do so, TrustCloud runs automated tests against systems in your product and business stack, and verifies that they are properly configured.

This document outlines the steps you can take to grant TrustCloud access to only read metadata about the configuration settings for your GitHub organization and GitHub Users, so that TrustOps can validate and generate evidence for your compliance program.

Instructions to grant TrustCloud limited access to GitHub metadata

1. Provide a name for the Github connection & click “Connect to Github”.
2. You’ll be navigated to the Github Permissions page, where you’ll be asked to install the TrustCloud Github App. Make sure you select the applicable Organization while installing the Github App. Ensure that the user logged-in into Github has Administrator rights.
   
3. After selecting an organization to install the Github App, you’ll be navigated to the Permissions page wherein the user will be requested to authorize the installation. Select All Repositories & review the permissions requested. Click Install & Authorize to install the Github App for the Org.
   
4. You’ll be re-directed back to the Integrations page in TrustCloud depicting you’ve successfully integrated with Github.