GitHub

Configuring GitHub integration

The GitHub integration enables Tidal Control to automatically execute compliance tests on your GitHub environment via the Tidal Control GitHub app.

Requirements:

• Super User role in Tidal Control
• GitHub organisation admin rights
• Access to GitHub organisation where monitoring is desired

Configuration step-by-step plan

What we're going to do: We'll install the Tidal Control GitHub app in your GitHub organisation(s). This app gets read-only access to repository configurations for security compliance monitoring.

Configuration steps:

1. Start Tidal integration
2. GitHub authentication
3. Configure repository access
4. Complete app installation
5. Additional organisations

Required permissions

When you install the Tidal Control GitHub app, GitHub shows which permissions the app requests. All access is read-only — Tidal Control never writes, modifies, or deletes anything in your GitHub environment.

Currently active

Permission	Why we need it
Administration	Reads branch protection rules and rulesets. Used to verify: is force push to the default branch disabled, is a PR review required before merging, and is code owner approval required.
Pull requests	Verifies that recently merged pull requests were approved before merging.
Metadata	Basic repository information: name, visibility (public/private), fork status, and default branch name.

Present for future tests

The following permissions are included in the app but not yet actively used. They are reserved for additional compliance checks we plan to build:

Permission	Planned use
Code	Check whether a CODEOWNERS file is present and correctly configured, or whether a SECURITY.md (responsible disclosure policy) exists. We read only metadata files — not your business logic or intellectual property.
Dependabot alerts	Verify whether Dependabot is active and whether there are open critical vulnerabilities in dependencies.
Secret scanning alerts	Check whether secret scanning is enabled and whether there are open reports of leaked credentials.
Checks	Verify whether mandatory CI checks are configured as a condition for merging pull requests.
Security events, repository advisories, deployments, issues	Reserved for future compliance checks.

Step 1: Start Tidal integration

• Go to Settings → Integrations in Tidal Control
• Click the plus icon next to GitHub
• Click "Click here to get started"
• You'll be automatically redirected to GitHub

Step 2: GitHub authentication

• Enter your GitHub login credentials
• Click "Sign in"
• Select the organisation where you want to install the app
• If app already installed: click "Configure" for settings

Step 3: Configure repository access

• Choose access level:
  • All repositories - Complete organisation monitoring
  • Selected repositories - Selective compliance monitoring
• Select desired repositories if specific chosen

Step 4: Complete app installation

• Review the permissions that Tidal Control requests
• Click "Install" for direct installation
• Or click "Request" if organisation approval required
• Wait for approval from organisation owner (if applicable)

Step 5: Additional organisations

• Repeat steps 1-4 for each additional organisation
• Each organisation needs own app installation
• Configure per organisation which repositories are monitored

Verification

Check successful configuration:

• Settings → Integrations shows "Connected" status for GitHub
• Test refresh delivers repository data without (permission) errors

Troubleshooting

Troubleshooting issues:

• Verify GitHub app installation in organisation settings
• Check repository permissions for Tidal Control app
• Ask if organisation admin has approved the app
• Verify there are no conflicting security policies in GitHub

Still having trouble?

Send an email to support@tidalcontrol.com, and we'll get in touch as soon as possible.