About enabling GitHub Advanced Security
GitHub Advanced Securityは、開発者がコードのセキュリティ及び品質を改善し、維持するための役に立ちます。 詳しい情� �については、「GitHub Advanced Security について」を参照してく� さい。
When you enable GitHub Advanced Security for your enterprise, repository administrators in all organizations can enable the features. 詳しい情� �については、「Organization のセキュリティおよび分析設定を管理する」と「リポジトリのセキュリティと分析設定を管理する」を参照してく� さい。
For guidance on a phased deployment of GitHub Advanced Security, see "Deploying GitHub Advanced Security in your enterprise."
Checking whether your license includes GitHub Advanced Security
-
From an administrative account on GitHub Enterprise Server, in the upper-right corner of any page, click .
-
If you're not already on the "Site admin" page, in the upper-left corner, click Site admin.
-
左のサイドバーでManagement Consoleをクリックしてく� さい。
-
If your license includes GitHub Advanced Security, there is an Advanced Security entry in the left sidebar.
If you can't see Advanced Security in the sidebar, it means that your license doesn't include support for Advanced Security features, including code scanning and secret scanning. The Advanced Security license gives you and your users access to features that help you make your repositories and code more secure. For more information, see "About GitHub Advanced Security" or contact GitHubの営業チー� .
Prerequisites for enabling GitHub Advanced Security
-
Upgrade your license for GitHub Enterprise Server to include GitHub Advanced Security.
-
Download the new license file. For more information, see "Downloading your license for GitHub Enterprise."
-
Upload the new license file to your GitHub Enterprise Server instance. For more information, see "Uploading a new license to GitHub Enterprise Server."
-
Review the prerequisites for the features you plan to enable.
- Code scanning, see "Configuring code scanning for your appliance."
- Secret scanning, see "Configuring secret scanning for your appliance."
- Dependabot, see "Enabling Dependabot for your enterprise."
Enabling and disabling GitHub Advanced Security features
警告: この設定を変更すると、GitHub Enterprise Serverのユーザが利用するサービスが再起動されます。 ユーザにとってのダウンタイ� を最小化するために、この変更の時間は慎重に調整しなければなりません。
-
From an administrative account on GitHub Enterprise Server, in the upper-right corner of any page, click .
-
If you're not already on the "Site admin" page, in the upper-left corner, click Site admin.
-
左のサイドバーでManagement Consoleをクリックしてく� さい。
-
In the left sidebar, click Advanced Security.
-
Under "Advanced Security," select the features that you want to enable and deselect any features you want to disable.
-
左のサイドバーの下でSave settings(設定の保存)をクリックしてく� さい。
Note: Saving settings in the Management Console restarts system services, which could result in user-visible downtime.
-
設定が完了するのを待ってく� さい。
When GitHub Enterprise Server has finished restarting, you're ready to set up any additional resources required for newly enabled features. 詳しい情� �については「アプライアンスのためのcode scanningの設定」を参照してく� さい。
Enabling or disabling GitHub Advanced Security features via the administrative shell (SSH)
You can enable or disable features programmatically on your GitHub Enterprise Server instance. GitHub Enterprise Server の管理シェルおよびコマンドラインユーティリティの詳細については、「管理シェル (SSH) へのアクセス」および「コマンドラインユーティリティ」を参照してく� さい。
For example, you can enable any GitHub Advanced Security feature with your infrastructure-as-code tooling when you deploy an instance for staging or disaster recovery.
-
your GitHub Enterprise Server instanceにSSHでアクセスしてく� さい。
-
Enable features for GitHub Advanced Security.
- To enable Code scanning, enter the following commands.
ghe-config app.minio.enabled true ghe-config app.code-scanning.enabled true
- To enable Secret scanning, enter the following command.
ghe-config app.secret-scanning.enabled true
- To enable the dependency graph, enter the following commands.
ghe-config app.github.dependency-graph-enabled true ghe-config app.github.vulnerability-alerting-and-settings-enabled true
- To enable Code scanning, enter the following commands.
-
Optionally, disable features for GitHub Advanced Security.
- To disable code scanning, enter the following commands.
ghe-config app.minio.enabled false ghe-config app.code-scanning.enabled false
- To disable secret scanning, enter the following command.
ghe-config app.secret-scanning.enabled false
- To disable the dependency graph, enter the following commands.
ghe-config app.github.dependency-graph-enabled false ghe-config app.github.vulnerability-alerting-and-settings-enabled false
- To disable code scanning, enter the following commands.
-
設定を適用します。
ghe-config-apply