GitHub PR Gating via Aikido Dashboard

You can configure GitHub PR Gating through the Aikido interface. This functionality lets you block newly introduced issues based on a threshold that you decide. These checks run every time changes are committed to the feature branch. This doc focuses on managing configurations in bulk (multiple repos at the same time) without code.

Use Cases

  • Bulk Repository Management: Easily specify and manage configurations for multiple repositories at once through the Aikido interface.

  • Zero Code Integration: Install the Aikido app on GitHub to manage checks without embedding any code, simplifying the setup process.

  • Cost Efficiency: By managing GitHub Checks through Aikido, avoid using CI minutes on GitHub, leading to significant cost savings.

Setting up GitHub CI

Step 1. Go to the Integrations Page and select GitHub in the CI gating section.

Connect CI tools (GitHub, GitLab, Bitbucket, Azure) to block risky code merges.

Step 2 (optional). Select PR Gating Configuration Via Aikido Dashboard in the modal that pops up. This opens a new GitHub tab where you install the PR Checks App. Note: this modal only pops up if you have already used GitHub Actions via code.

Select a PR gating method for GitHub: Aikido dashboard or GitHub Actions in code.

Step 3. Install the Aikido PR Checks app in GitHub. Make sure that you select the GitHub organisation that is currently being used in your workspace. Choose which repos Aikido is allowed to access. We recommend giving access to all repos so these can easily be managed from within Aikido.

Aikido PR Checks installation prompt with logo and installation location query.

Step 4. Aikido redirects you to the GitHub CI page with an overview of your repos. You can start configuring your repos. We recommend starting out with 1 repo to make sure everything works well.

Step 5. Select repos in bulk and click Setup PR Scans in the floating bar at the bottom.

Step 6. This will trigger the modal to choose the severity level for failure and the scans you want to execute.

Security scanning configuration settings for the "about-github" repository.

If you've added new repositories after the initial setup, you'll need to configure those repos as well.

Adding Exceptions for specific repos

You might want to have 1 specific repo where the configuration slightly differs. You can add exceptions by clicking the triple dots on a repo item, or by selecting 1 or more items and going through the Configure Scans process again.

Critical vulnerability status dashboard with configuration management options for projects.

PR Comment Resolution and Permissions

Aikido follows a principle of least privilege and only requests the minimum GitHub permissions required by default. As a result, when Aikido has read-only access to a repository, it can create and delete inline PR comments, but cannot resolve them. This is due to how GitHub scopes comment resolution permissions.

If you want Aikido to resolve PR comments instead, you’ll need to enable Aikido AutoFix, which grants the additional permissions required for this operation.

You can view more info here: AutoFix for GitHub, Bitbucket and GitLab Cloud
