About enabling GitHub Advanced Security
La GitHub Advanced Security ayuda a que los desarrolladores mejoren y mantengan la seguridad y la calidad del código. Para obtener más información, consulta la sección "Acerca de GitHub Advanced Security".
When you enable GitHub Advanced Security for your enterprise, repository administrators in all organizations can enable the features. For more information, see "Managing security and analysis settings for your organization" and "Managing security and analysis settings for your repository."
For guidance on a phased deployment of GitHub Advanced Security, see "Deploying GitHub Advanced Security in your enterprise."
Checking whether your license includes GitHub Advanced Security
- Desde una cuenta administrativa en GitHub Enterprise Server, da clic en la esquina superior derecha de cualquier página.
- En la barra lateral izquierda, haz clic en Consola de administración.
- If your license includes GitHub Advanced Security, there is an Advanced Security entry in the left sidebar.
Si no puedes ver la Advanced Security en la barra lateral, esto significa que tu licencia no incluye soporte para las características de Advanced Security, incluyendo el escaneo de código y el escaneo de secretos. La licencia de Advanced Security te permite acceder, a ti y a tus usuarios, a las características que te permiten añadir seguridad a tus repositorios ya tu código. For more information, see "About GitHub Advanced Security" or contact Equipo de ventas de GitHub.
Prerequisites for enabling GitHub Advanced Security
-
Upgrade your license for GitHub Enterprise Server to include GitHub Advanced Security.
-
Download the new license file. For more information, see "Downloading your license for GitHub Enterprise."
-
Upload the new license file to tu instancia de GitHub Enterprise Server. For more information, see "Uploading a new license to GitHub Enterprise Server."
-
Review the prerequisites for the features you plan to enable.
- Escaneo de código, see "Configuring escaneo de código for your appliance."
- Escaneo de secretos, see "Configuring escaneo de secretos for your appliance."
- Dependabot, see "Enabling the dependency graph and Las alertas del dependabot on your enterprise account."
Enabling and disabling GitHub Advanced Security features
Advertencia: El cambiar esta configuración ocasionará que se reinicien los servicios de cara al cliente en GitHub Enterprise Server. Debes calcular este cambio cuidadosamente para minimizar el tiempo de inactividad para los usuarios.
- Desde una cuenta administrativa en GitHub Enterprise Server, da clic en la esquina superior derecha de cualquier página.
- En la barra lateral izquierda, haz clic en Consola de administración.
- En la barra lateral izquierda, haz clic en Advanced Security.
- Under "Advanced Security," select the features that you want to enable and deselect any features you want to disable.
- Debajo de la barra lateral izquierda, da clic en Guardar configuración.
- Espera a que la configuración se ejecute por completo.
When GitHub Enterprise Server has finished restarting, you're ready to set up any additional resources required for newly enabled features. For more information, see "Configuring escaneo de código for your appliance."
Enabling or disabling GitHub Advanced Security features via the administrative shell (SSH)
You can enable or disable features programmatically on tu instancia de GitHub Enterprise Server. For more information about the administrative shell and command-line utilities for GitHub Enterprise Server, see "Accessing the administrative shell (SSH)" and "Command-line utilities."
For example, you can enable any GitHub Advanced Security feature with your infrastructure-as-code tooling when you deploy an instance for staging or disaster recovery.
-
SSH into tu instancia de GitHub Enterprise Server.
-
Enable features for GitHub Advanced Security.
- To enable Escaneo de código, enter the following commands.
ghe-config app.minio.enabled true ghe-config app.code-scanning.enabled true - To enable Escaneo de secretos, enter the following command.
ghe-config app.secret-scanning.enabled true - To enable Dependabot, enter the following commands.
ghe-config app.github.dependency-graph-enabled true ghe-config app.github.vulnerability-alerting-and-settings-enabled true
- To enable Escaneo de código, enter the following commands.
-
Optionally, disable features for GitHub Advanced Security.
- To disable escaneo de código, enter the following commands.
ghe-config app.minio.enabled false ghe-config app.code-scanning.enabled false - To disable escaneo de secretos, enter the following command.
ghe-config app.secret-scanning.enabled false - To disable Las alertas del dependabot, enter the following commands.
ghe-config app.github.dependency-graph-enabled false ghe-config app.github.vulnerability-alerting-and-settings-enabled false
- To disable escaneo de código, enter the following commands.
-
Apply the configuration.
ghe-config-apply