GitHub Actions Integration
This method integrates the Jibril sensor directly into your GitHub Actions workflows. This allows Garnet to monitor activities during your CI/CD pipeline, such as build processes, dependency installations, and testing phases, to detect and potentially block threats like malicious network calls (e.g., to C2 servers, data exfiltration attempts) or the execution of crypto miners before code is deployed.
Follow these steps:
1. Add API Key as a Repository Secret:

   - Navigate to the GitHub repository where you want to set up the Garnet scan.
   - Go to Settings > Secrets and variables > Actions.
   - Click New repository secret.
   - For the secret name, use GARNET_API_TOKEN. (Ensure this matches the name expected by the Garnet GitHub Action; refer to the Action's documentation if it differs. A mismatch does not fail the workflow: a `${{ secrets.<name> }}` expression for a secret that does not exist expands to an empty string, so the action would run without a valid token.)
   - Paste the API key you generated in Step 1: Generate API Key into the Secret (or Value) field.
   - Click Add secret.
2. Create or Update Your GitHub Actions Workflow File:

   - In your repository, locate or create a workflow YAML file within the .github/workflows/ directory (e.g., garnet-security-scan.yml).
   - Add a job that uses the Garnet GitHub Action. A minimal workflow looks like this:

```yaml
name: Garnet Security Scan

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
  # Optional: Trigger on schedule (e.g., daily)
  # schedule:
  #   - cron: '0 0 * * *'

jobs:
  garnet-scan:
    name: Run Garnet Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4 # Use latest major version

      - name: Run Garnet Security Scanner
        uses: garnet-org/action@v1
        with:
          # Store the token as a GitHub secret
          api_token: ${{ secrets.GARNET_API_TOKEN }}
```
   Key `with` parameters for the Garnet Action:

   - api_token: ${{ secrets.GARNET_API_TOKEN }}: This is essential and passes your secured API key to the action. Never paste the key itself into the workflow file; the file is committed to the repository and readable by anyone who can read the repository.
   - garnet-org/action@v1 is the official action to use. A tag such as @v1 is mutable; if you want a reproducible supply chain, pin this action (and actions/checkout) to a full commit SHA instead.

   The sensor can only observe what runs after it has started, so place the Garnet step ahead of the dependency-installation, build and test steps you want monitored (see the Action's documentation for how it keeps monitoring for the remainder of the job).
Commit this workflow file to your repository.
3. Verify Integration:

   After committing the workflow, trigger it by pushing a commit to a monitored branch or by opening or updating a pull request (depending on your `on:` configuration). Note that workflow runs for pull requests from forks do not receive repository secrets, so GARNET_API_TOKEN is empty on those runs; test with a branch in the repository itself. Check the Actions tab in your GitHub repository to see the workflow run.
Successful execution should show the Garnet Scan step completing.
Log in to your Garnet Platform dashboard. You should start seeing data and any potential detections from this repository and workflow.
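The three steps above can be scripted. The following is an added example, not part of the Garnet documentation or of the garnet-org/action project: it stores the secret with the GitHub CLI, writes the workflow file, and, before you commit, checks for the two mistakes that silently break the integration (a secret name that does not match what the workflow references, and a token pasted directly into the workflow). It assumes `gh` is installed and authenticated (`gh auth login`); the function names, the file name and the `owner/repo` placeholder are this example's own choices.

```shell
#!/bin/sh
# Added example (not Garnet's own tooling): script the secret, workflow and
# verification steps for the Garnet GitHub Action with the GitHub CLI.
set -eu

SECRET_NAME="GARNET_API_TOKEN"   # must match the name the workflow references
WORKFLOW_FILE="garnet-security-scan.yml"

# Step 1: store the API key as a repository secret. The key is read from stdin
# so it never appears in shell history or in process listings, e.g.
#   printf '%s' "$GARNET_KEY" | set_garnet_secret owner/repo
set_garnet_secret() {
  gh secret set "$SECRET_NAME" --repo "$1"
}

# Step 2: write the workflow file. The Garnet step is placed directly after
# checkout so that every step added after it is observed by the sensor.
write_garnet_workflow() {
  mkdir -p "$(dirname "$1")"
  cat > "$1" <<'EOF'
name: Garnet Security Scan
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
jobs:
  garnet-scan:
    name: Run Garnet Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Run Garnet Security Scanner
        uses: garnet-org/action@v1
        with:
          api_token: ${{ secrets.GARNET_API_TOKEN }}
      # Add the install, build and test steps you want monitored after this point.
EOF
}

# Pre-commit sanity check. Returns 0 if the file uses the official action and
# reads api_token from the secret stored above; otherwise prints the reason to
# stderr and returns 1. Fixed-string matching (-F) avoids regex surprises with
# the ${{ ... }} expression syntax.
check_garnet_workflow() {
  f="$1"
  grep -qF 'uses: garnet-org/action@v1' "$f" \
    || { echo "$f: no garnet-org/action@v1 step" >&2; return 1; }
  grep -qF "api_token: \${{ secrets.${SECRET_NAME} }}" "$f" \
    || { echo "$f: api_token does not read secrets.${SECRET_NAME}" >&2; return 1; }
  # Any other api_token line means a token has been committed to the repository.
  if grep -F 'api_token:' "$f" | grep -vqF "secrets.${SECRET_NAME}"; then
    echo "$f: api_token is hard-coded" >&2; return 1
  fi
  return 0
}

# Step 3: after pushing, show the most recent run of the workflow so you can
# confirm the Garnet Scan step completed before checking the dashboard.
last_garnet_run() {
  gh run list --repo "$1" --workflow "$WORKFLOW_FILE" --limit 1
}
```

Run `write_garnet_workflow .github/workflows/garnet-security-scan.yml` followed by `check_garnet_workflow` on the same path before committing; the check is cheap enough to keep as a pre-commit hook so a later edit that replaces the secret reference with a literal token is caught locally rather than in the Actions log.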
By integrating Garnet into your GitHub Actions, you gain early visibility into security issues within your CI/CD process, helping to ensure that only secure code moves towards production. Detections can provide immediate feedback within pull requests, allowing developers to address issues quickly.