GitHub
LAST UPDATED: OCT 30, 2024
Overview
GitHub API.
D3 SOAR is providing REST operations to function with GitHub.
GitHub is available for use in:
Known Limitations
Unauthenticated clients | 60 requests per hour |
GitHub.com | Minimum 5,000 requests per hour. Installations that have more than 20 repositories receive another 50 requests per hour for each repository. The maximum rate limit for an installation is 12,500 requests per hour. |
GitHub Enterprise Cloud | 15,000 requests per hour |
Please refer to Rate limits for GitHub Apps for detailed information.
Connection
To connect to GitHub from D3 SOAR, please follow this part to collect the required information below:
Parameter | Description | Example |
Server URL | The server URL of the Github API. | https://api.github.com |
Username | The user name to authenticate the connection. | d*********! |
Authorization Token | The authorization token to authenticate the connection. | gho_**********-****-****Iz0kc81V |
Permission Requirements
Each endpoint in the GitHub API requires a certain permission scope. The following are required scopes for the commands in this integration:
Command | Required Permission |
Checkin File | public_repo: Access public repositories (under repo section) |
Create Branch | public_repo: Access public repositories (under repo section) |
Create Comment | public_repo: Access public repositories (under repo section) |
Create Issue | public_repo: Access public repositories (under repo section) |
Delete Branch | public_repo: Access public repositories (under repo section) |
Get Latest File | No scope needed |
List Issues | No scope needed |
Search Issues | No scope needed |
Update Issue | public_repo: Access public repositories (under repo section) |
Configuring GitHub to Work with D3 SOAR
Log in to Github (https://github.com/login).
Once logged in, locate the profile icon at the top right corner and select Settings from the dropdown menu.
In the Settings menu, navigate to the bottom of the left sidebar and select Developer settings.
On the left side menu, click Personal access tokens on the left.
At the top right corner of the Personal access tokens page, click on the Generate new token button. Ensure to select the classic option.
Enter a descriptive note for the token then select an expiration date for the token. Enable the required scopes as outlined in the Permission Requirements section. Finally, click Generate Token.
Copy and store the generated access token in a secure location. It will be used to establish a connection between Github and D3 SOAR.
Configuring D3 SOAR to Work with GitHub
Log in to D3 SOAR.
Find the GitHub integration.
a. Navigate to Configuration on the top header menu.
b. Click on the Integration icon on the left sidebar.
c. Type GitHub in the search box to find the integration, then click it to select it.
d. Click + Connection, on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to GitHub.
Connection Name: The desired name for the connection.
Site: Specifies the site to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all sites defined as internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field appears if you selected Share to Internal Sites for Site to let you select the internal site to deploy the integration connection.
Agent Name (Optional): Specifies the proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): Add your desired description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, you have the option to choose the specific tenant sites you want to share the connection with. Once you enable this setting, you can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: Check the tick box to ensure the connection is available for use.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
1. Input the Server URL. The default value is https://api.github.com.
2. Input your Username.
3. Input the Authorization Token. Refer to step 7 of Configuring GitHub to Work with D3 SOAR for more details.
Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Please refer to the password vault connection guide if needed.
Test the connection.
Click Test Connection to verify the account credentials and network connection. If the Test Connection Passed alert window appears, the test connection is successful. You will see Passed with a green checkmark appear beside the Test Connection button. If the test connection fails, please check your connection parameters and try again.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
GitHub includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command, you can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the GitHub API, please refer to the GitHub API reference.
READER NOTE
Certain permissions are required for each command. Please refer to the Permission Requirements and Configuring GitHub to Work with D3 SOAR for details.
Checkin File
Creates a new file or replaces the content of an existing file in a repository.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public , as choosing a private one will result in a 404 not found error.
Input
Input Parameter | Required/Optional | Description | Example |
Repository Name | Required | The name of the repository to check in a file. | ******-***-*******-***-***** |
Path | Required | The file path or directory to check in the file. If the path exists, the file content will be updated. If the path does not exist, a new path will be created and a new file will be checked in. | ******* |
Message | Required | The commit message. | ************ |
Content | Required | The new file content. | ************ |
Branch | Optional | The name of the branch to check in the file. The repository's default branch (typically main) is used by default. | **** |
Committer Name | Optional | The name of the author or committer. If this parameter is not defined, the default committer is the authenticated user. | ***** |
Committer Email | Optional | The email address of the author or committer. If this parameter is not defined, the default value is the email address of the authenticated user. | ******@**********.*** |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Checkin File failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Not Found. |
Error Sample Data Checkin File failed. Status Code: 404. Message: Not Found. |
Create Branch
Creates a new branch.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The repository to create a new branch. | ******* |
Branch Name | Required | The name of the new branch. | *** |
Commit SHA | Required | The SHA of the commit to create the branch from. | **************************************** |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Branch failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 422. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Unprocessable Entity. |
Error Sample Data Create Branch failed. Status Code: 422. Message: Unprocessable Entity. |
Create Comment
Creates a new comment in a repository.
READER NOTE
Repository and Issue Number are required parameters to run this command.
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error.
Run the List Issues command to obtain the Issue Number. Issue Number can be found in the returned raw data at the path $.number.
Ensure that the issue number corresponds to the repository you enter. It is recommended to first run the List Issues command. From the response data, locate the specific issue you wish to update, and use this repository-issue pair to run the command.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The repository to create a new comment. | ******* |
Issue Number | Required | The number of the issue to create a comment. | 1 |
Body | Required | The contents of the comment. | ****** |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Comment failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Must have admin rights to repository. |
Error Sample Data Create Comment failed. Status Code: 403. Message: Must have admin rights to repository. |
Create Issue
Creates an issue in a repository.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The name of the repository to create an issue. | ******* |
Title | Required | The title of the issue. | ********* |
Body | Optional | The contents of the issue. | 0.0 |
Labels | Optional | The labels to associate with this issue. | ["labelA"] |
Assignee | Optional | The assignee of the issue. | ["********"] |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Issue failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: at BuildInIntegrations.GitHubIntegration.createIssue(Object[] parameters). |
Error Sample Data Create Issue failed. Status Code: 400. Message: at BuildInIntegrations.GitHubIntegration.createIssue(Object[] parameters). |
Delete Branch
Deletes a branch from a repository.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The repository to remove a branch. | ******* |
Branch Name | Required | The name of the branch to remove. | NNN |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Delete Branch failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 422. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Unprocessable Entity. |
Error Sample Data Delete Branch failed. Status Code: 422. Message: Unprocessable Entity. |
Get Latest File
Retrieves the contents of a file or directory within a repository. Use the Path parameter to specify the file path or directory. If the Path is not provided, it defaults to returning the contents of the repository's root directory.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error.
Input
Input Parameter | Required/Optional | Description | Example |
Repository Name | Required | The name of the repository to retrieve file content. | ******-***-*******-***-***** |
Path | Optional | The file path or directory to retrieve file content. If this parameter is not defined, the contents of the repository's root directory will be returned. | ******* |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Latest File failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Not Found. |
Error Sample Data Get Latest File failed. Status Code: 404. Message: Not Found. |
List Issues
Lists issues from a repository.
READER NOTE
The list of repositories is accessible from the GitHub user interface in the left-side navigation menu. For this command, ensure to select a public repository, as choosing a private one will result in a 404 not found error. If there are no issues in the repository you select, it will return a success message but no results. You have the option to create a new repository and your own issue either through the Github user interface or by using the Create Issue command.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The repository to list issues from. | ******* |
State | Optional | The state to filter listed issues. The available options are open and closed. The default value is open. | open |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | List Issues failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Not Found. |
Error Sample Data List Issues failed. Status Code: 404. Message: Not Found. |
Search Issues
Searches issues.
Input
Input Parameter | Required/Optional | Description | Example |
QueryString | Required | The query string to search issues. | **********+user:******** |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Search Issues failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: at BuildInIntegrations.GitHubIntegration.searchIssues(Object[] parameters). |
Error Sample Data Search Issues failed. Status Code: 400. Message: at BuildInIntegrations.GitHubIntegration.searchIssues(Object[] parameters). |
Update Issue
Updates an issue.
READER NOTE
Repository and Issue Number are required parameters to run this command.
Run the List Issues command to obtain the Issue Number. Issue Number can be found in the returned raw data at the path $.number.
Make sure the issue number is under the repository you input. It is suggested to use the repository you choose to run the list issue command, select the issue you want to update, use that pair to run this command.
Input
Input Parameter | Required/Optional | Description | Example |
Repository | Required | The repository containing the issue to update. | ******* |
Issue Number | Required | The number that identifies the issue to update. Issue Number can be obtained using the List Issues command. | 1 |
Title | Required | The updated title of the issue. | ********** |
Body | Optional | The updated contents of the issue. | ****** |
Labels | Optional | The updated labels to associate with this issue. | ["labelA"] |
Assignee | Optional | The updated assignee of the issue. | ******** |
State | Optional | The updated state of the issue. | open |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Update Issue failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the GitHub portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Not Found. |
Error Sample Data Update Issue failed. Status Code: 404. Message: Not Found. |