
How to install Zero Touch Provisioning for GitHub

To install Zero Touch Provisioning (ZTP) for GitHub on your GitHub organization, follow the steps below:

  1. Navigate to the Integrations page and select the GitHub integration from the Available section.
  2. Select "Install", and you'll be directed to GitHub to install the "BoostSecurity.io Zero Touch Prov" App.

    Note: To authorize the app manually, go to the application settings page of your GitHub organization and open the "Pending GitHub Apps installation requests" tab, where you can authorize the installation of the BoostSecurity GitHub App. If you provision it for "Only selected repositories", make sure to also include the .boost repo.

  3. Install the GitHub app on all repositories and click the "save" button.

  4. Create a repo called .boost. It has to be a non-empty repo; for example, you can include a .README file.
  5. Return to the Integrations page, select "Zero Touch Provisioning For GitHub", and install ZTP for GitHub on at least one repo.
  6. Next, navigate to the Provisioning page and select at least one repository you'll be installing ZTP on.

    Note: Do not install ZTP on the .boost repository.

  7. Click on "Provision 1 Repository" in the top-right corner of the page.

  8. Select Zero Touch Provisioning and click the "Next" button.
  9. Select the scanners to provision for the repo. BoostSecurity Scanner and Semgrep are often good scanners to start with.
  10. Select "GitHub Actions" and click on "Complete".
  11. To authorize this action, click "Grant" in front of the chosen repository and subsequently "Authorize boostsecurityio".
  12. Navigate to your organization's .boost repo on GitHub, merge the Pull Request from YOUR-ORGANIZATION/boostsecurity-ci-provisioning, and then delete the branch.

And that's it! You've successfully installed ZTP on the repo. You can then navigate to Scans to check whether the scan appears after a few minutes, or whether the Action/pipeline starts running immediately.

Note: Zero Touch Provisioning doesn't work on personal accounts. It only works on Organizations.