Integrations//
Setup Guide

GitHub Integration

About this guide

This comprehensive guide will walk you through the complete setup process. Expected completion time: 5-10 minutes.

Overview

Cremit's GitHub integration allows you to scan your repositories for exposed credentials, API keys, and other sensitive information in real-time. This integration supports both GitHub.com (Official) and GitHub Enterprise Server (Self-hosted) instances.

Step-by-Step Setup

Step 1: Navigate to Scan Sources

  1. Log in to your Cremit dashboard

  2. Navigate to Configuration>Scan Sourcesin the left sidebar

  3. Click theNeworCreatebutton

Step 2: Configure GitHub Connection

On the "Create Scan Source" page, configure the following:

1.**GitHub Instance:**Select your GitHub type -GitHub.com (Official)- For public GitHub (recommended for most users) -GitHub Enterprise Server (Self-hosted)- For self-hosted GitHub instances

2.**Label:**Enter a descriptive name for this scan source (e.g., "CremitHQ")

3.Description:(Optional) Add additional details about this scan source

4.Select GitHub Account:- Choose your connected GitHub account from the dropdown

  • You should see your account with "User" and "Installed" badges

  • If your account is not listed, clickRefresh Account List5. ClickCreateto complete the setup

Step 3: Configure Scan Settings

After creating the scan source, you'll be redirected to the configuration page:Scan Settings:-**Scan Source Enabled:**Toggle ON to enable scanning for this source -**Auto-scan New Targets:**Toggle ON to automatically scan newly discovered repositories

Step 4: Manage Target Repositories

In theTarget Managementsection:

1.**View All Repositories:**All accessible repositories will be listed automatically

2.**Repository Information:**Each repository shows:

  • Repository name (e.g., ben-cremit/awesome-cicd-attacks)

  • Visibility badge (🟢 public or 🔒 private)

  • Scan progress

  • Last scanned timestamp

  • Current status (Enabled/Disabled)

3.Bulk Actions:-**Enable All:**Enable scanning for all repositories at once -**Disable All:**Disable scanning for all repositories at once -**Refresh:**Update the repository list

4.**Individual Management:**Use checkboxes to select specific repositories for bulk operations

Verification

To verify successful integration:

  1. Check that theEnabledbadge appears in the top right corner

  2. Verify that your repositories are listed in the Target Management section

  3. Confirm that the status shows as "Enabled" for active repositories

  4. Monitor the scan progress to ensure scanning begins

TroubleshootingIssue: GitHub account not appearing in the list- Solution: Click "Refresh Account List" or ensure the Cremit GitHub App is properly installed in your GitHub accountIssue: Repositories not showing- Solution: Verify that you have proper access permissions to the repositories in GitHubIssue: Scan not starting- Solution: Ensure both "Scan Source Enabled" and repository-specific toggles are ON

Key Benefits

✅Simple Setup:Integration completes in just a few clicks✅Automatic Discovery:Automatically detects all accessible repositories✅Flexible Control:Enable/disable scanning per repository or in bulk✅Real-time Monitoring:Continuous scanning for exposed credentials✅Support for Both Public and Private Repositories

Ready to connect

Start securing your infrastructure

Connect this integration to Cremit and start protecting your machine identities in minutes

Quick Links

All IntegrationsAll Setup GuidesCremit Dashboard

Need help?

Our support team is here to assist you with the integration process.

By the numbers

5-10 min
Setup time
24/7
Monitoring
Real-time
Alerts