diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md index 513f636b44e8..a608bb8a5e9e 100644 --- a/docs/SUMMARY.md +++ b/docs/SUMMARY.md @@ -272,7 +272,6 @@ * [GitHub Enterprise](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-enterprise.md) * [GitHub](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github.md) * [GitHub Cloud App](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-cloud-app.md) - * [GitHub Server App](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-server-app.md) * [GitHub Read-only Projects](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-read-only-projects.md) * [GitLab](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/gitlab.md) * [Bitbucket Cloud](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/bitbucket-cloud.md) diff --git a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/README.md b/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/README.md index 857977ce8dd7..69b1c759af27 100644 --- a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/README.md +++ b/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/README.md @@ -120,7 +120,6 @@ Snyk Source Control Manager (SCM) integrations allow you to: Snyk can integrate with the following SCMs to help you track, monitor, and fix the issues and vulnerabilities in your code: * [GitHub Cloud App](github-cloud-app.md) -* [GitHub Server App](github-server-app.md) * [GitHub Enterprise](github-enterprise.md) * [GitHub](github.md) * [GitHub Read-only Projects](github-read-only-projects.md) @@ -156,7 +155,6 @@ See the following for detailed permission requirements: * [GitHub and GitHub Enterprise](./#github-and-github-enterprise-permissions-requirements) * [GitHub Cloud App](./#github-cloud-app-permission-requirements) -* [GitHub Server App](./#github-server-app-permission-requirements) * [GitLab](./#gitlab-permission-requirements) * [Bitbucket](./#bitbucket-permission-requirements) * [Azure Repositories (TFS)](./#azure-repositories-tfs-permission-requirements) @@ -210,20 +208,6 @@ The following table states the required GitHub App permissions and scopes:
Action and scopeScopeLevelPermission
Determine if the GitHub user has admin role on the GitHub org, to restrict app installation reuse to only admin usersMembersOrganizationRead
Search repositories, and access repository metadata.MetadataRepositoryRead
Interact with the GitHub Checks tabChecksRepositoryRead and write
Create commits and branchesContentsRepositoryRead and write
Send PR check results as commit statusesCommit statusRepositoryRead and write
Get pull requests details, post related comments (next gen PR experience)Pull requestRepositoryRead and write
Manage webhooks which trigger the PR checksRepository hooksRepositoryRead and write
-### GitHub Server App permission requirements - -{% hint style="warning" %} -To utilize the Snyk GitHub Server App you must be using a self-hosted instance of GitHub. -{% endhint %} - -The [Snyk GitHub Server App](github-server-app.md) uses role-based access control, meaning access control is not dependent on individual users or their role, it is instead tied to the app entity. - -To set up the GitHub Server app integration you must be a: - -* Snyk Organization Admin. -* GitHub Organization Admin. -* GitHub Repository Admin (if installing through the GitHub UI). - ### GitLab permission requirements The [Snyk GitLab integration](gitlab.md#gitlab-access-tokens) uses either a personal access token (PAT) or group access token (GAT), depending on the GitLab account tier you are on. diff --git a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-cloud-app.md b/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-cloud-app.md index 45fc6ce67684..722c5a5e3c05 100644 --- a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-cloud-app.md +++ b/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-cloud-app.md @@ -3,9 +3,7 @@ {% hint style="info" %} **Release status** -The GitHub Cloud App is in Early Access. This feature is not supported for Snyk Broker. - -If you are using a self-hosted instance of GitHub, you must use the [GitHub Server App](github-server-app.md). +The GitHub Cloud App is in Early Access. This feature is not supported for Snyk Broker or self-hosted instances of GitHub. As Snyk does not have static IP addresses, this integration will not work with IP allowlisting in GitHub. {% endhint %} diff --git a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-server-app.md b/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-server-app.md deleted file mode 100644 index 6ac52f6f5143..000000000000 --- a/docs/scm-ide-and-ci-cd-integrations/snyk-scm-integrations/github-server-app.md +++ /dev/null @@ -1,92 +0,0 @@ -# GitHub Server App - -{% hint style="info" %} -**Feature availability** - -The GitHub Server App is in [Closed Beta](../../getting-started/snyk-release-process.md) and available only for Enterprise plans. This feature must be enabled using a feature flag on the Group or Organization level. Contact your account team if you are interested in getting access. - -If you have a Legacy Business plan, contact [Snyk support](https://support.snyk.io/hc/en-us) for access. See the [Plans and pricing](https://snyk.io/plans/) page for details. - -This feature is not supported for Snyk Broker. - -As Snyk does not have static IP addresses, this integration will not work with IP Whitelisting in GitHub. -{% endhint %} - -When you want to add new integrations to your Snyk account you need to first decide the level type at which you want to install the integration. - -* [Group level ](github-server-app.md#group-level-snyk-apprisk-integrations)- Add integrations to your Snyk application that will be available for your Snyk AppRisk Essentials or Snyk AppRisk Pro. If you want to set up integrations for Snyk AppRisk, use the Integrations menu at the Group level. -* [Organization level](github-server-app.md#organization-level-snyk-integrations) - Add integrations for your Snyk application that will be available for all Snyk products, except Snyk AppRisk. - -## Organization level - Snyk integrations - -### Prerequisites for GitHub Server App - -* A self-hosted instance of GitHub. -* Snyk Organization Admin user role. -* GitHub Organization Admin user role. -* A public or private GitHub repository. - -{% hint style="info" %} -Users can install the app on GitHub Organizations they are Repository Admins on through the GitHub UI. -{% endhint %} - -### GitHub Server App benefits - -The Snyk GitHub Server App improves on many features compared to the Snyk GitHub Enterprise integration, including role-based granular access control, increased API rate limits, and the creation of an entry point for expanded and enhanced developer experiences. - -* **RBAC (Role-Based Access Control) Compliance**: With the GitHub Server App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows for better management and enforcement of RBAC policies, as access control is handled at the application level rather than being tied to individual user accounts. -* **Granular access control**: The GitHub Server App allows for fine-grained control over access permissions at the repository level. -* **Increased API rate limit**: The GitHub Server App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit will assist in handling large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more. -* **Enabler for an enhanced developer experience:** - * Pull request checks: The Checks tab experience in GitHub is exclusively accessible through the GitHub Cloud App, enabling an SCM native experience as part of potential future PR check workflow improvements. - * Fix and upgrade pull requests: Pull requests initiated by Snyk are performed directly by the GitHub App rather than a service account. - -### How to set up the GitHub Server App - -Log in to your Snyk account and navigate to the Integrations section in the Snyk Organization where you would like to set up the GitHub Server App. - -Select the **GitHub Server App** tile. - -
GitHub Server App tile on the Integrations page

GitHub Server App tile on the Integrations page

- -In the confirmation modal, select **Configure GitHub Server App.**\ - - -
Confirm configuration of the GitHub Server App

Confirm configuration of the GitHub Server App

- -You'll be redirected to your GitHub instance in order to register the app. You can choose the name of the GitHub App that will be registered on your instance. - -
Registration of the app on your GitHub instance

Registration of the app on your GitHub instance

- -You are then asked to authorize the app to act on your user’s behalf. The app uses this information to check which GitHub organizations you are authorized to install the app in. - -
User authorization for the app

User authorization for the app

- -When the install screen in GitHub opens, you can select the GitHub organization where you wish to install the app. - -
Selection of the GitHub organization to install the app into

Selection of the GitHub organization to install the app into

- -If the GitHub Server App is already installed in a GitHub organization on your GitHub instance, you can select that same GitHub organization during the integration process for a different Snyk Organization. - -
Connect another GitHub organization into a Snyk Organization

Connect another GitHub organization into a Snyk Organization

- -Specify whether you wish to install the app in all or a select number of the repositories belonging to the selected GitHub organization, then click **Install & Authorize**. - -
Install and authorize settings for the GitHub organization you are installing the GitHub Cloud App into

Install and authorize settings for the GitHub organization you are installing the GitHub Cloud App into

- -{% hint style="warning" %} -The GitHub Server App will lose access to Snyk if it is uninstalled from the GitHub organization or if the repositories to which the app instance has access are edited. -{% endhint %} - -### How to migrate to the GitHub Server App - -If you are an Enterprise plan customer, you can migrate Snyk Targets to the GitHub Server App using the [snyk-migrate-to-github-app](https://github.com/snyk-labs/snyk-migrate-to-github-app) tool in the [tool repository](https://github.com/snyk-labs/snyk-migrate-to-github-app). - -### Feedback on the GitHub Server App - -Because this feature is in [Closed Beta](../../getting-started/snyk-release-process.md), the functionality will likely evolve based on your feedback. If you would like to provide any feedback, contact your Account Manager or [Snyk support](https://support.snyk.io/hc/en-us/requests/new). - -## Group level - Snyk AppRisk integrations - -Navigate to the [GitHub setup guide for Snyk AppRisk ](github-enterprise.md#github-setup-guide-for-snyk-apprisk)for all details on how to set up the GitHub integration for Snyk AppRisk. -