Connect GitHub
BreachFix Cloud uses two separate GitHub integrations:
- Sign in with GitHub — OAuth login (optional, env-gated)
- GitHub App — clones repositories and receives push webhooks for auto-deploy
Server setup (operators)
Register the app at github.com/settings/apps. Set Where can this GitHub App be installed? to Any account for multi-org use.
| Setting | Value |
|---|---|
| Callback URL | https://cloud.breachfix.com/v1/github/callback |
| Webhook URL | https://cloud.breachfix.com/webhook/github |
| Permissions | Metadata (read), Contents (read), Webhooks (read & write) |
| Events | push, pull_request, installation, installation_repositories |
Mount the private key and set GITHUB_APP_PRIVATE_KEY_PATH in .env.
Private key rotation
- GitHub App settings → Private keys → Generate a private key
- Save PEM to server secrets path
- Run import script and restart gateway
- Verify with
GET /v1/github/diagnostics
Dashboard
Integrations → Connect GitHub for deployments. Choose account, org, and repositories. Use Connect another GitHub account for multiple identities.