GitHub

Overview

Heeler connects at the organization level using its Verified GitHub App. Install the Heeler App only from within Heeler, as described below; do not install it directly from the GitHub Marketplace. You can limit Heeler's repository analysis either in the GitHub App or from within Heeler.

The Heeler GitHub app requires these permissions:

Read access is required for code and package scanning, and for the additional context used to enrich repository information, such as contributors.

Read and Write access is required for guardrails and agentic remediation. Heeler remediations always utilize pull requests on a specified branch.

Additionally, Heeler subscribes to webhook events for “Pull Request”, “Release”, and “Push”. These let Heeler process repository changes in real time and manage pull request processes.

Requirements

  • To install the Heeler GitHub app, you must be an organization owner or have administrative permissions for the repositories you wish to connect to Heeler.

  • If your organization uses an IP Allow List, ensure that Heeler's outbound IP addresses are added. Note that the outbound IPs are added to the Heeler GitHub App, and you will be prompted to accept them during setup.

    • 44.221.229.40 - Port 22 & 443

    • 52.73.231.96 - Port 22 & 443

Setup

  1. Select the icon from the top navigation

  2. Select Connections -> Code Organizations then select 'Add Code Organization'

  3. You will be redirected to GitHub to authorize the Heeler GitHub App.

  4. Select whether you want Heeler to secure all repositories or limit to a specific set of repositories.

  5. Click Save and that's it, Heeler is now connected to your GitHub repositories.

Repository Filters

You can limit Heeler's access to your GitHub organization directly in the GitHub App. Heeler also allows filtering repositories for analysis from within Heeler, which simplifies setup for organizations that want to filter dynamically without modifying the GitHub App access. From the Code Organization listing, choose Edit Settings from the action menu:

  • You can provide a prefix so only repositories matching the prefix are analyzed.

  • You can also exclude public repositories so they are not analyzed.
