GitHub

Integrating FOSSA with GitHub

FOSSA supports and integrates with GitHub tools out of the box.

You should be able to sign in with GitHub and immediately get going with importing repos and scanning Pull Requests, but some permission configurations can lead to access issues.

Integrating with GitHub Cloud

If you're in GitHub and not seeing repos or organizations listed, you may need to ensure that your account has the right permissions. Our integration functions as an OAuth App.

1. Ensure your account is added to the GitHub organization you're going to import from

Under https://github.com/orgs/{YOUR_ORG}/people the user should be listed in your organization. If not, make sure the user is added as a member with global read access.

2. Ensure your organization has granted access to FOSSA

a) First, revoke any existing FOSSA access at https://github.com/settings/applications.

b) Then, connect FOSSA back to GitHub at app.fossa.com/projects/import/github but DO NOT authorize yet; stop at this screen:

c) Ensure that your organization has access. You should see a green check mark:

If not, there should be a "Request" or "Grant" button that you need to click. You will need an administrator who is logged into that organization to grant access. They can configure third-party access settings at:

https://github.com/organizations/{YOUR_ORGANIZATION}/settings/oauth_application_policy

If you have turned on access restriction, ensure that FOSSA is approved:

If you already authorized the FOSSA app without also granting our app access to an organization with repositories that you want analyzed, you can still do so by logging in to your own GitHub account and navigating to the Authorized OAuth Apps page:

After you click on the FOSSA app, you'll see your organization near the bottom:

Click "Request" and have an owner of the organization approve the request. You'll then be able to import repositories owned by the organization.

Configuring GitHub Enterprise

GitHub Enterprise (on-prem only)

This guide covers integrating an on-prem FOSSA appliance with GitHub Enterprise behind the firewall.

Configuring your GitHub Enterprise Instance

To get started, you will have to set up an OAuth App in GitHub. This can be done by navigating to `{GITHUB_URL}/organizations/{ORGANIZATION_NAME}/settings/applications`:

Make sure you configure your Authorization callback URL to point to {FOSSA HOST}/api/services/github/authorize/callback

Configuring FOSSA

Now that GitHub Enterprise is configured, you will have to add access details to the FOSSA config. SSH into the box hosting FOSSA and edit FOSSA's configuration file (config.env). Find or add the following lines:

github__enabled=true
github__base_url={GITHUB_HOST}
github__enterprise=true

github__credentials__oauth2__client_id={GITHUB_CLIENT_ID}
github__credentials__oauth2__client_secret={GITHUB_CLIENT_SECRET}
github__credentials__oauth2__callback={FOSSA HOST}/api/services/github/authorize/callback
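
Before restarting, the edited file can be checked for leftover `{...}` placeholders, a callback that does not end in the path registered in GitHub, and permissions that expose the client secret. This is an added example, not part of FOSSA or its documentation. The function names are hypothetical, the sample hosts and credentials are constructed, and the plain `KEY=value` layout and the https requirement are assumptions of this example.

```bash
# Added example, not a FOSSA tool: lint config.env for the GitHub Enterprise keys above.
CALLBACK_PATH="/api/services/github/authorize/callback"
KEYS="github__enabled github__base_url github__enterprise
github__credentials__oauth2__client_id github__credentials__oauth2__client_secret
github__credentials__oauth2__callback"

# Print the value of key $1 in file $2 (last assignment wins); assumes plain KEY=value lines.
cfg_get() { sed -n "s/^$1=//p" "$2" | tail -n 1; }

# Print one finding per problem; return 0 only when the file is clean.
check_fossa_github_config() {
  local file="$1" rc=0 key val mode
  for key in $KEYS; do
    val="$(cfg_get "$key" "$file")"
    if [ -z "$val" ]; then
      echo "MISSING: $key"; rc=1
    elif printf '%s' "$val" | grep -q '[{}]'; then
      echo "PLACEHOLDER: $key still holds a {...} template value"; rc=1
    fi
  done
  for key in github__enabled github__enterprise; do
    [ "$(cfg_get "$key" "$file")" = "true" ] || { echo "VALUE: $key must be true"; rc=1; }
  done
  # The callback must end in the fixed path; requiring https is this example's policy.
  case "$(cfg_get github__credentials__oauth2__callback "$file")" in
    https://?*"$CALLBACK_PATH") ;;
    *) echo "CALLBACK: expected https://<fossa host>$CALLBACK_PATH"; rc=1 ;;
  esac
  # config.env holds the OAuth client secret: flag any group/other permission bits.
  mode="$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")"
  case "$mode" in
    *00) ;;
    *) echo "PERMS: mode $mode lets group/other access the client secret"; rc=1 ;;
  esac
  return "$rc"
}

# Write a constructed sample (made-up hosts and credentials) to path $1.
write_sample_config() {
  cat > "$1" <<'EOF'
github__enabled=true
github__base_url=https://ghe.example.internal
github__enterprise=true
github__credentials__oauth2__client_id=constructed-client-id
github__credentials__oauth2__client_secret=constructed-client-secret
github__credentials__oauth2__callback=https://fossa.example.internal/api/services/github/authorize/callback
EOF
  chmod 600 "$1"
}
if [ -n "${1:-}" ]; then check_fossa_github_config "$1"; fi
```

Saved as a script, it takes the path to config.env as its only argument and exits non-zero when any finding is printed.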

Restart FOSSA

If FOSSA is currently running, run fossa restart while still inside of your SSH session and wait for FOSSA to boot up again.

Congrats! Now you should be able to connect to GitHub Enterprise and begin importing from the service.