secrets.toml file or environment variables.
Prerequisites
- OpenHound installed with the GitHub collector included. Follow the OpenHound installation instructions to set up OpenHound for BloodHound Community Edition. The GitHub collector is included by default in the OpenHound container image.
- One of the following authentication setups configured:
The OpenHound setup instructions for BloodHound Community Edition also apply to BloodHound Enterprise users, for now.
Configure OpenHound
The GitHub collector needs different settings based on the authentication method you choose. You can set those values in one of two places:| Method | Set the values here |
|---|---|
secrets.toml file | [sources.source.github.credentials] section |
| Environment variables | SOURCES__SOURCE__GITHUB__CREDENTIALS |
- Enterprise GitHub App
- Organization GitHub App
- Fine-grained PAT
Use this option when you need enterprise-scoped collection.
Environment variables
| Setting | Description | Environment Variable |
|---|---|---|
client_id | The GitHub App Client ID used to authenticate to the GitHub API. | SOURCES__SOURCE__GITHUB__CREDENTIALS__CLIENT_ID |
app_id | The GitHub App ID used to authenticate to the GitHub API. | SOURCES__SOURCE__GITHUB__CREDENTIALS__APP_ID |
key_path | The path to the GitHub App private key file. | SOURCES__SOURCE__GITHUB__CREDENTIALS__KEY_PATH |
enterprise_name | The slug of the GitHub enterprise to collect data from. | SOURCES__SOURCE__GITHUB__CREDENTIALS__ENTERPRISE_NAME |
api_uri | The GitHub API base URI. For GitHub.com, use https://api.github.com. | SOURCES__SOURCE__GITHUB__CREDENTIALS__API_URI |
secrets.tomlsecrets.toml