GitHub

Set up GitHub for automated tests with TrustCloud

Purpose

Once you set up your compliance program, TrustCloud TrustOps works to ensure that your systems remain compliant with your adopted controls. To do so, TrustCloud runs automated tests against systems in your product and business stack, and verifies that they are properly configured.

This document outlines the steps you can take to grant TrustCloud access to only read metadata about the configuration settings for your GitHub organization and GitHub Users, so that TrustOps can validate and generate evidence for your compliance program.

Instructions to grant TrustCloud limited access to GitHub metadata

  1. Log into GitHub with a user who is an owner of your GitHub organization.
    ⚠️ If you have a user account in your GitHub Org that is used for external processes, it is recommended that you log in with this non-user account instead.
  2. In the upper-right corner of any page, click the user profile photo, then click Settings.
  3. In the left sidebar, click Developer settings.
  4. In the left sidebar, click Personal access tokens.
  5. Click the Generate new token button.
  6. Give your token a descriptive name (e.g. “TrustCloud TrustCloud”).
  7. Select the scopes, or permissions, to grant this token. For TrustCloud TrustOps, only select the read:org scope under admin:org. This scope only allows TrustOps to read your organization and membership settings. It does not allow access to your repositories or to your source code, nor does it allow access to change your organization or membership settings.
  8. Click Generate token.
  9. Click to copy the token to your clipboard, and then paste it in when you set up your connection in TrustOps.
    ⚠️ For security reasons, after you navigate off the GitHub create token page, you will not be able to see the token again in GitHub. Please make sure you copy the token before you leave the page, to avoid having to repeat this process and generate a new token.

Only read privileges are granted to org metadata. These credentials will be stored in an encrypted keystore, and accessed only by the TrustCloud service, and only as needed to run tests against your GitHub account.
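
Before pasting the token into TrustOps, you can confirm that it carries only the read:org scope selected in step 7. The script below is an added example, not TrustCloud's or GitHub's own code; it assumes a classic personal access token (GitHub reports a classic token's scopes in the X-OAuth-Scopes response header), and the function names and the GITHUB_TOKEN variable are illustrative.

```shell
#!/usr/bin/env bash
# Added example: verify that a classic GitHub token is limited to read:org.

# Read raw HTTP response headers on stdin and print the X-OAuth-Scopes value.
# The header name is matched case-insensitively (HTTP/2 sends it lowercase).
token_scopes() {
  tr -d '\r' | grep -i '^x-oauth-scopes:' | head -n 1 | cut -d: -f2- | sed 's/^ *//'
}

# Audit a comma-separated scope list.
# Returns 0 if it is exactly read:org, 1 if any other scope is present,
# 2 if read:org is missing (TrustOps would not be able to read org settings).
audit_scopes() {
  local list extra
  list=$(printf '%s\n' "$1" | tr ',' '\n' | sed 's/^ *//; s/ *$//')
  extra=$(printf '%s\n' "$list" | grep -v -x -e '' -e 'read:org' || true)
  if [ -n "$extra" ]; then
    printf '%s\n' "$extra" | sed 's/^/unexpected scope: /' >&2
    return 1
  fi
  if ! printf '%s\n' "$list" | grep -q -x 'read:org'; then
    echo 'read:org scope is missing' >&2
    return 2
  fi
  echo 'token is limited to read:org'
  return 0
}

# Query the GitHub API with the token in $GITHUB_TOKEN and audit its scopes.
# The Authorization header is fed to curl on stdin (-H @-, curl 7.55+) so the
# token does not appear in the process argument list.
check_live_token() {
  local scopes
  scopes=$(printf 'Authorization: Bearer %s\n' "${GITHUB_TOKEN:?set GITHUB_TOKEN}" |
    curl -sS -o /dev/null -D - -H @- https://api.github.com/user | token_scopes)
  audit_scopes "$scopes"
}

# Usage (makes a network request):
#   GITHUB_TOKEN=<your token> check_live_token
```

A non-zero result means the token should be deleted in GitHub and regenerated with only read:org selected before it is shared.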
