We are thrilled to introduce the Bearer GitHub App, a powerful addition designed to streamline your workflow and elevate your security practices.
Why a GitHub App?
You might be wondering why we've introduced the Bearer GitHub App when Bearer already integrates seamlessly with GitHub through the GitHub Action workflow. The answer lies in the added value and improved experience this app brings, especially for large scale enterprise environments where you are adding new projects and releasing multiple times a day.
When developing the Bearer GitHub App, we had a clear objective in mind: to simplify your onboarding process for Bearer. Say goodbye to manual setup hassles such as configuring Action workflows and secret management challenges. With the Bearer GitHub App, you can effortlessly add Bearer to your repositories with just one click, ensuring robust security scanning of your code without the headaches as shown in the screenshot below:
Bearer Cloud simplifies the process of onboarding your GitHub projects. Using our user-friendly interface, you can easily authenticate the GitHub app, add your projects, and we'll take care of the setup for you, including initiating the first scan. We have created a unique interactive demo for you to try it out below:
Behind the scenes, a GitHub Action is automatically configured on your project, ensuring scans are triggered for PRs and merges into your main branch. You have the flexibility to customize the configuration to meet your specific needs using the "CI Configure" button as shown in the screenshot below.
Then, a Bearer Cloud API Key is generated and securely configured on your GitHub project, ensuring that scan results are seamlessly sent to your Bearer Cloud Dashboard. Most importantly, this is done without ever accessing your source code. Bearer only requires access to the .github/workflows directory of your projects, where the GitHub Action is configured.
For the users of Bearer Cloud, there is a bonus feature - now you can initiate a manual scan on-demand directly using "Trigger Scan" (as seen in the screenshot below) from the Dashboard giving you current code security posture as needed, complementing the automated scans performed on PRs and merges!
Stay tuned for the second part of this blog post, where we'll discuss how the Bearer GitHub App enhances both your developer experience and improves your security triage workflow.
Ready to try the Bearer GitHub app? Request a Demo today and our team can quickly set up a trial for you to experience the future of developer-centric security workflows with Bearer!