Applying a custom security configuration to your enterprise

You can apply your custom security configuration to organizations and repositories in your organization to meet the specific security needs of your enterprise.

谁可以使用此功能?

Enterprise owners and members with the admin role

本文内容

About applying a custom security configuration

After you create a custom security configuration, you need to apply it to repositories in your enterprise to enable the configuration's settings on those repositories.

Note

Some features enabled in security configurations may require Actions minutes to work. GitHub will let you know if that's the case when you apply the configuration to a repository. For more information about billing for GitHub Actions, see 关于 GitHub Actions 的计费.

Applying your custom security configuration to repositories in your enterprise

  1. 在 GitHub 的右上角,单击你的个人资料照片。

  2. 根据环境,单击“你的企业”,或单击“你的企业”,然后单击要查看的企业********。

  3. 在页面左侧的企业帐户边栏中,单击 设置”。

  4. In the left sidebar, click Code security.

  5. To the right of the configuration you want to apply, select the Apply to dropdown menu, then click All repositories or All repositories without configurations.

  6. (可选)在“确认”对话框中,可以选择根据其可见性自动将 security configuration 应用到新创建的存储库。 选择 None 下拉菜单,然后单击“公共”或“专用和内部”,或两个选项都单击。

  7. 若要应用 security configuration,请单击“应用”。

security configuration 适用于活动存储库和存档存储库,因为某些安全功能在存档存储库上运行,例如 secret scanning。 此外,如果存储库稍后取消存档,则可以确信它受到所选 security configuration 的保护。

If security configurations fail to apply to some organizations in your enterprise, GitHub will display a banner on the UI to let you know. You can click the links on the banner to get more information about the organizations and repositories involved.

Next steps

To learn how to edit your custom security configuration, see Editing a custom security configuration.