search
Changelog NotificationsAPIAikido login

GitHub PR Gating

You can easily configure GitHub PR Gating via the Aikido interface. This functionality allows you to block any newly introduced issues for a certain threshold that you decide. These checks run everytime changes are committed to the feature branch. This doc focusses on managing configurations in bulk - multiple repos at the same time - without code.

hashtag
Use Cases

  • Bulk Repository Management: Easily specify and manage configurations for multiple repositories at once through the Aikido interface.

  • Zero Code Integration: Install the Aikido app on GitHub to manage checks without embedding any code, simplifying the setup process.

  • Cost Efficiency: By managing GitHub Checks through Aikido, avoid using CI minutes on GitHub, leading to significant cost savings.

hashtag
Setting up GitHub CI

Step 1. Go to the Integrations Pagearrow-up-right and select GitHub in the CI gating section.

Connect CI tools (GitHub, GitLab, Bitbucket, Azure) to block risky code merges.

Step 2 (optional). Select PR Gating Configuration Via Aikido Dashboard in the modal that pops up. This will open up a new tab with GitHub to install the PR Checks App. Note: this modal will only popup if you have already used GitHub Actions via code.

Select a PR gating method for GitHub: Aikido dashboard or GitHub Actions in code.

Step 3. Install the Aikido PR Checks app in GitHub. Make sure that you select the GitHub organisation that is currently being used in your workspace. Choose which repos that Aikido is allowed to access. We recommend giving access to all repos so these can easily be managed from within Aikido.

Aikido PR Checks installation prompt with logo and installation location query.

Step 4. Aikido redirects you to the GitHub CI pagearrow-up-right with an overview of your repos. You can start configuring your repos. We recommend starting out with 1 repo to make sure everything works well.

Step 5. Select repos in bulk and click Setup PR Scans in the floating bar on the bottom

Step 6.This will trigger the modal to choose the severity level for failure and the scans you want to execute.

Security scanning configuration settings for the "about-github" repository.
circle-info

If you've added new repositories after the initial setup, you'll need to configure those repos as well.

To apply a default configuration automatically, see Default PR/MR gating configuration for new repositories.

hashtag
Ignore issues directly from PR comments

When Aikido posts an inline PR comment for a finding, you can ignore that issue directly from GitHub by replying to the comment with:

@AikidoSec ignore: [your reason to ignore]

Example:

@AikidoSec ignore: This secret is used for tests only.

This performs the same action as manually ignoring the issue in the Aikido platform:

  • The issue is marked as ignored in Aikido.

  • The ignore reason is stored.

  • PR gating can turn green once all blocking issues are resolved or ignored.

hashtag
Make failed PR checks block merges

Aikido can fail the PR check, but GitHub decides whether that failing check blocks a merge. Configure branch protection with required status checks:

hashtag
Adding Exceptions for specific repos

You might want to have 1 specific repo where the configuration slightly differs. You can easily add exceptions by clicking the triple dots on a repo item or just select 1 or more items and go through the Configure Scans process again.

Critical vulnerability status dashboard with configuration management options for projects.

Last updated

Was this helpful?