PricingInstall StepSecurity AppLogin

GitHub Enterprise Servers

GHES support is disabled by default. Customers need to contact us to have it enabled for their tenant

The GitHub Enterprise Servers page enables administrators to connect, configure, and manage multiple GitHub Enterprise Server (GHES) instances within their organization.

GitHub Enterprise Server Deployment Instructions

Step 1: Choose a Connectivity Model

To allow StepSecurity to access your GHES instance, select one of the following connectivity options:

Option 1: Allowlisting StepSecurity Outbound IPs

  • If your GHES instance is internet-routable and does not restrict inbound traffic, no additional configuration is required.

  • If your GHES instance does have ingress IP restrictions, you can allowlist StepSecurity’s fixed outbound IP addresses:

44.238.197.212
44.233.243.208

Option 2: StepSecurity Broker

  • If your GHES instance resides in an air-gapped or internal-only environment, use the StepSecurity Broker.

  • The Broker is provided as a Kubernetes Helm chart that runs as a pod in your environment, enabling secure, outbound-only communication with the StepSecurity platform.

Your Setup
Recommended Option

GHES is internet-accessible with no restrictions

Option 1

GHES is internet-accessible with IP allowlist

Option 1 (allowlist StepSecurity IPs)

GHES is air-gapped or internal only

Option 2

Complete this section only if you selected Option 2

StepSecurity Broker Deployment (Optional)

The StepSecurity Broker enables the StepSecurity platform to make GitHub API calls on private GHES endpoints.

  1. Select a Kubernetes Cluster

  • Choose a cluster where the Broker resources will be created.

  • Ensure the cluster can:

    • Successfully make API calls to your GHES endpoint, and

    • Reach the StepSecurity platform over the internet.

  1. Deploy the Helm Chart

  • The Helm deployment instructions are available in your StepSecurity tenant dashboard.

  • Go to Resources → GitHub Servers → Broker → Add Broker.

  • Deploy the provided Helm chart on your selected Kubernetes cluster.

  1. Verify the Deployment

  • The deployment typically completes within one minute.

  • Run the following command to confirm the status:

kubectl get pods -n [namespace]

  • Once deployed, the active Broker instance will appear under Resources → GitHub Servers → Brokers.

Step 2: Onboard StepSecurity on Your GHES Instance

  • Go to Resources → GitHub Servers → Add GitHub Server in your StepSecurity tenant portal.

  • Provide the required GHES details.

  • If using the StepSecurity Broker, check Use Broker and enter the Broker label you configured earlier.

    If not, leave the option unchecked.

  • Click Add Server.

  • You’ll be redirected to your GHES instance to complete the GitHub App manifest installation.

Once the StepSecurity GitHub App is successfully created on your GHES instance, you’ll be redirected back to your StepSecurity tenant portal.

Step 3: Install the StepSecurity GitHub App on Organizations

  • After the App manifest is deployed, click Visit App in your StepSecurity portal.

  • This will take you to the GitHub App page in your GHES. Click on Install / Configure.

  • Select the GitHub organization where you want to install the StepSecurity App.

  • Repeat this process for each additional organization as needed.

Step 4: Access the StepSecurity Dashboard

Once the StepSecurity GitHub App is installed:

  • Go to Resources → GitHub Servers → Servers.

  • Click the organization link under the Organization column to open its dashboard.

  • It may take up to 5 minutes for the organization to appear in the dashboard after initial installation.

Need Help?

If you encounter any issues during setup or deployment, contact your StepSecurity representative for assistance.

PreviousResourcesNextIntegrations

Last updated

Was this helpful?