GitHub Webhooks Integration allows you to check whether your Pull Requests meets your WhiteSource policies. That way you will be able to identify dependencies that violating your company policies before committing them.
GitHub Webhooks Integration currently supports Node.js GitHub repositories.
Associate GitHub Social Account
In order to add your Github Social Identity you should perform the following steps:
- Go to you account profile.
- Click on 'Associate Social Account'.
- Click on 'GitHub' icon and enter your GitHub credentials which are related to your organizational GitHub repository.
- You can now see that the GitHub icon was added to your 'Social Identities' section.
Add Your GitHub Repositories
In order to add your Github repositories you should perform the following steps:
- Go to 'Admin'.
- Click on 'GitHub Webhooks Integration' under the 'Integration' section.
- Add the 'Repository Url' and click on 'Add'
Configure GitHub Webhooks
In order to add and configure WhiteSource as a webhook you should perform the following steps :
- Login to your GitHub repository.
- In order to configure your GitHub Webhooks you first need to verify you have sufficient access to your organization's repositories settings on GitHub.
- In your GitHub repository, go to the 'Settings' tab.
- On the left section of the page, choose 'Webhooks'.
- Click on 'Add webhook'.
- Under the 'Payload URL' enter the following link: https://saas.whitesourcesoftware.com/githubIntegration.
- Make sure the 'Content type' is 'application/json'.
- Under the "events" section choose 'Let me select individual events'.
- Mark the 'Pull request' checkbox, make sure this is the only checkbox that is marked.
- Click on the 'Add webhook' button.
Review Pull Request status
- In order to get the best value of the GitHub Webhooks Integration, make sure your company policies are defined. For Automated Policies documentation click here.
- Every time a Pull Request is created, a WhiteSource status response will appear under the Pull Request tab.
- In case there will be a policy violation, details regarding the policy and the relevant dependency will be presented.