3c98b66164
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com> Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
7.6 KiB
title, shortTitle, intro, product, allowTitleToDifferFromFilename, redirect_from, versions, type, topics
| title | shortTitle | intro | product | allowTitleToDifferFromFilename | redirect_from | versions | type | topics | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Enabling {% data variables.product.prodname_GHAS %} {% ifversion ghas-products %}products {% endif %}for your enterprise | Enabling {% data variables.product.prodname_GHAS %} | You can configure {% data variables.product.prodname_ghe_server %} to include {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}. This provides extra features that help users find and fix security problems in their code. | {% data reusables.gated-features.ghas %} | true |
|
|
how_to |
|
About enabling {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}
{% data reusables.advanced-security.ghas-helps-developers %}
When you enable {% data variables.product.prodname_GHAS %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See AUTOTITLE.
{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
For guidance on a phased deployment of {% data variables.product.prodname_GHAS %}, see AUTOTITLE.
Checking whether your license includes {% data variables.product.prodname_GH_advanced_security %}
{% data reusables.enterprise-accounts.access-enterprise %} {% data reusables.enterprise-accounts.settings-tab %} {% data reusables.enterprise-accounts.license-tab %}
- If your license includes {% data variables.product.prodname_GH_advanced_security %}, the license page includes a section showing details of current usage.
Prerequisites for enabling {% data variables.product.prodname_GH_advanced_security %}
-
Upgrade your {% data variables.product.prodname_enterprise %} license to include {% data variables.product.prodname_GH_advanced_security %}. For information about licensing, see AUTOTITLE.
-
Download the new license file. See AUTOTITLE.
-
Upload the new license file to {% data variables.product.prodname_ghe_server %}. See AUTOTITLE.
-
Review the prerequisites for the features you plan to enable.
Enabling and disabling {% data variables.product.prodname_GH_advanced_security %} features
{% data reusables.enterprise_management_console.enable-disable-security-features %}
{% data reusables.enterprise_site_admin_settings.access-settings %} {% data reusables.enterprise_site_admin_settings.management-console %} {% data reusables.enterprise_management_console.advanced-security-tab %}
- Under "Security," select the features that you want to enable and deselect any features you want to disable. {% data reusables.enterprise_management_console.save-settings %}
When {% data variables.product.prodname_ghe_server %} has finished restarting, you're ready to set up any additional resources required for newly enabled features. See AUTOTITLE.
Enabling or disabling {% data variables.product.prodname_GH_advanced_security %} features via the administrative shell (SSH)
You can enable or disable features programmatically on {% data variables.product.prodname_ghe_server %}. For more information about the administrative shell and command-line utilities for {% data variables.product.prodname_ghe_server %}, see AUTOTITLE and AUTOTITLE.
For example, you can enable any {% data variables.product.prodname_GH_advanced_security %} feature with your infrastructure-as-code tooling when you deploy an instance for staging or disaster recovery.
{% data reusables.enterprise_installation.ssh-into-instance %}
-
Enable features for {% data variables.product.prodname_GH_advanced_security %}.
-
To enable {% data variables.product.prodname_code_scanning %}, enter the following commands.
ghe-config app.minio.enabled true ghe-config app.code-scanning.enabled true -
To enable {% data variables.product.prodname_secret_scanning %}, enter the following command.
ghe-config app.secret-scanning.enabled true -
To enable the dependency graph, enter the following command.
ghe-config app.dependency-graph.enabled true
-
-
Optionally, disable features for {% data variables.product.prodname_GH_advanced_security %}.
-
To disable {% data variables.product.prodname_code_scanning %}, enter the following commands.
ghe-config app.code-scanning.enabled false-
Optionally, if you disable {% data variables.product.prodname_code_scanning %}, you can also disable the internal MinIO service for {% data variables.product.prodname_GH_advanced_security %}. If {% data variables.product.prodname_dependabot_updates %} are enabled for the instance and you want to disable this service, you must also disable {% data variables.product.prodname_dependabot_updates %}. Disabling the service does not affect MinIO storage for {% data variables.product.prodname_actions %} or {% data variables.product.prodname_registry %}. For more information about {% data variables.product.prodname_dependabot_updates %}, see AUTOTITLE.
-
To disable {% data variables.product.prodname_dependabot_updates %}, enter the following command.
ghe-config app.dependabot.enabled false -
To disable MinIO, enter the following command.
ghe-config app.minio.enabled false
-
-
-
To disable {% data variables.product.prodname_secret_scanning %}, enter the following command.
ghe-config app.secret-scanning.enabled false -
To disable the dependency graph, enter the following command.
ghe-config app.dependency-graph.enabled false
-
{% data reusables.enterprise.apply-configuration %}