Hello there and a very warm welcome! We are thrilled that you are joining our rapidly growing user base.
GuardRails is all about providing a great Developer Experience. Please reach out and let us know if there is anything we can do to make the experience even better. Tweet at us @guardrailsio, email us at [email protected], or open a ticket in our support portal.
Still have questions? Click here to find out about more about GuardRails.
Select below for specific instructions on how to get started on a specific platform:
Missing a platform? Please drop us a line at [email protected].
We support on-premise deployments. For more information drop us a line.
It's simple, all you need is:
- a GitHub Account
ownerpermissions to install GitHub applications into organizations
Note: The GuardRails dashboard is accessible to members of the organization, but in order to enable repositories and manage subscriptions,
owner privileges are required.
You can trigger the install flow via the GuardRails.io website and either login to the dashboard first, with GitHub, or select a plan for trial - which would also redirect you to dashboard login screen. If you haven't installed the GuardRails app yet, you can do that after the first login. The steps are similar to the ones outlined below.
Alternatively, you can start by navigating to the GuardRails listing on the GitHub marketplace and click the "Set up a free trial" button.
Select the plan that you want to trial, select the organization that you want to install it in, and click on "Try free for 14 days".
Note: Every plan comes with a 2 week trial, so there are no charges at this point.
On the next screen you can review the order and click "Complete order and begin installation".
Note: You can select a plan and start a trial in the GuardRails Dashboard after the application was installed.
Next, you can choose which repositories you want to have covered by GuardRails.
You can either add all repositories or select the ones that you want to protect. Click "Install" again to complete the setup.
After a successful installation you will be re-directed to the GuardRails Dashboard.
Now, you can select the repositories that you want to have scanned by GuardRails. By default, all open-source repositories are enabled. Private repositories have to be enabled with the toggle.
Look for the repositories that you want to enable/disable and toggle the slider.
From now on, GuardRails will scan your repositories every time a Pull Request is created, and if you are on a paid team plan, also every time a commit is pushed to any branch.
The results of the security scan are shown as a comment of that PR, or in the branches tab of each repository.
An explanation of the Pull Request comment is found below:
It's simple, all you need is:
- a GitLab account
Maintainerpermissions or higher to enable private repositories
Note: The GuardRails dashboard is accessible to anyone with access to repositories and groups on GitLab. GuardRails uses the Single-Sign-On (SSO) capabilities of GitLab. However, in order to enable repositories and manage subscriptions, at least
maintainer privileges are required.
Start by navigating to the GuardRails Dashboard and click on "Continue with GitLab".
On the next screen you can authorize the GuardRails application by clicking "Authorize".
For the first time, you will have to select a free plan, or start a trial.
In this case we are selecting the Business Plan, which comes with 25 private repos.
Now, you go back to the repositories list and select the repositories that you want to have scanned by GuardRails. By default, all open-source repositories are enabled. Private repositories have to be enabled with the toggle.
From now on, GuardRails will scan your repositories every time a Merge Request (MR) is created, and also every time a commit is pushed to any branch. The results of the security scan are shown as a comment of that MR, or in the branches tab of each repository.
You can also click on the Scan button next to the enable/disable toggle to start a scan of the default branch of that repository, or go to the repository detail view, where you can start a scan against any branch.