1. Add Repository Secret

Your repo → Settings → Secrets → Actions → New secret
Name: GARNET_API_TOKEN
2. Create Workflow File

name: Garnet CI Monitoring 

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  monitor:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Add Garnet Monitor
        uses: garnet-org/action@v1
        with:
          api_token: ${{ secrets.GARNET_API_TOKEN }}
3. Verify

Push a commit. Agent appears at dashboard.garnet.ai within seconds.

Configuration

| Name | Description | Required | Default |
|------|-------------|----------|---------|
| api_token | API token from GarnetAI | Yes | - |
| debug | Enable detailed debug output | No | false |

How It Works

    Action Start


  ┌──────────────┐
  │   Download   │  Fetches CLI & Loader
  └──────────────┘


  ┌──────────────┐
  │   Register   │  Creates Agent ID
  └──────────────┘


  ┌──────────────┐
  │    Policy    │  Retrieves Network Rules
  └──────────────┘


  ┌──────────────┐
  │   Scanner    │  Starts Systemd Service
  └──────────────┘

         └───────────> [ Background Monitoring ]
The action installs the Garnet agent, retrieves your security policy, and runs in the background to monitor network and file activity during your workflow.
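
A pre-merge check for a workflow file like the one above, as an added example that is not Garnet's own code. It flags a job with no garnet-org/action step, an api_token written as a literal instead of a secrets reference, and run steps placed before the monitor step, on the assumption that steps which finish before the agent starts are not observed. The line-based parser is a simplification that handles plain workflows like the one on this page; BAD is a constructed sample.

```python
import re

SECRET_REF = re.compile(r"^\$\{\{\s*secrets\.\w+\s*\}\}$")

# Constructed sample (not from the page): literal token, build runs before the monitor.
BAD = """\
steps:
  - name: Build
    run: make all
  - name: Add Garnet Monitor
    uses: garnet-org/action@v1
    with:
      api_token: constructed-literal-token
"""

def split_steps(workflow):
    """Return one list of step blocks (as text) per `steps:` key."""
    jobs, steps, indent = [], None, None
    for line in workflow.splitlines():
        text, col = line.strip(), len(line) - len(line.lstrip())
        if text == "steps:":
            steps, indent = [], None
            jobs.append(steps)
        elif steps is None or not text or text.startswith("#"):
            continue
        elif indent is not None and col < indent:
            steps = None                      # dedent: the steps list ended
        elif text.startswith("- ") and indent in (None, col):
            indent = col
            steps.append(text[2:])            # a new step starts here
        elif steps:
            steps[-1] += "\n" + text          # continuation of the current step
    return jobs

def audit(workflow):
    """List findings per job: missing monitor, literal token, early run steps."""
    findings = []
    for steps in split_steps(workflow):
        monitor = next((i for i, s in enumerate(steps)
                        if re.search(r"^uses:\s*garnet-org/action@", s, re.M)), None)
        if monitor is None:
            findings.append("no garnet-org/action step")
            continue
        token = re.search(r"^api_token:[ \t]*(.*)$", steps[monitor], re.M)
        if not token or not SECRET_REF.match(token.group(1).strip("'\" ")):
            findings.append("api_token is not a secrets reference")
        findings += ["run step before monitor: " + s.splitlines()[0]
                     for s in steps[:monitor] if re.search(r"^run:", s, re.M)]
    return findings
```

Calling `audit(BAD)` returns both findings for the constructed sample; the workflow shown on this page returns an empty list.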

Pull Request Checks

If configured, Garnet automatically comments on your pull requests with security findings. See Alerts for details.

Detections

Security issues detected on PR
Blocked connections are reported with priority level and direct links to incident details. When no issues are found, a green checkmark confirms the PR is safe to merge.

Troubleshooting

Ensure it has the proper permissions.
The runner requires sudo to install the systemd service.
Review GitHub Actions output for detailed status.