Unified Language User Guides
iCR User Guide 5.0
iCR User Guide 5.0
  • Table of contents
    • Introduction
    • Overview
    • Authorizing Access to Your Source Code
      • Authenticating GitHub Cloud Access Using OAuth
      • Authenticating GitHub Cloud Access Using PAT
      • Authenticating GitHub Enterprise Access Using OAuth
      • Authenticating GitHub Enterprise Access Using PAT
      • Authenticating GitLab Cloud Access Using OAuth
      • Authenticating GitLab Cloud Access Using PAT
      • Authenticating GitLab Enterprise Access Using OAuth
      • Authenticating GitLab Enterprise Access Using PAT
      • Authenticating Bitbucket Cloud Access using OAuth
    • Using the Navigator
      • Connecting to the Navigator
      • Setting your User Password
      • Updating your User Information
      • The Navigator top banner
      • The Analysis Engine status
      • Selecting Your Source Code
        • Using a cloud-based VCS
        • Selecting your branch
        • Using a private VCS
        • Using a local project
        • Limiting the files to be analyzed
      • Integrating with your bug tracking system
        • Integrating with Jira - Define Your Project
        • Integrating with Jira - Authorizing Access for iCR
        • Integrating with Jira - Connecting with iCR
    • Using the Analysis Engine
      • Initiating an analysis
      • Monitoring the analysis
      • Interrupting the analysis
    • Reviewing your results
      • Reviewer summary and filters
        • Filter by Severity
        • Filter by Category
        • Filter by CWE
        • Filter by OWASP
        • Filter by Directory
      • Reviewing a fix
      • Accepting a fix
        • Accepting a fix when integrated with your bug system
      • Rejecting a fix
        • Rejecting a fix when integrated with your bug system
      • Undoing a fix
        • Undoing a fix when integrated with your bug system
      • Rejected fix history
      • Providing feedback
      • Applying the fixes
      • Cases needing manual attention
      • Comparing Analyses
      • Capturing results for printing or sharing
      • Ending a reviewer session
    • When you are complete
    • Integrating iCR Into Your CI/CD Workflows
      • Jenkins Workflow
        • Installing the plugin
        • Configuring the plugin
          • Creating a Personal Access Token
          • Copying Your Repository's URL
        • Viewing the Results
      • GitHub Actions Workflow
        • GitHub Actions Overview
        • Preparing the GitHub Workflow
          • Environment Variables
          • User Supplied Secrets
          • Setting the User Defined Secrets Values
        • Executing the Workflow
      • GitLab CI/CD Workflow
        • GitLab CI/CD OverView
        • Configuring the GitLab Script variables
          • Environment Variables
          • User Supplied Variables
          • Creating a Personal Access Token
          • Setting the User Defined Variable Values
        • Executing the Workflow
      • Multiple Workflows
    • Appendix – Language Specific Fixer Lists
    • Appendix - Sample Bug Listing
    • Appendix - Getting a BitBucket App Password for JENKINS
Powered by GitBook
On this page
  1. Table of contents
  2. Using the Navigator
  3. Selecting Your Source Code

Using a cloud-based VCS

PreviousSelecting Your Source CodeNextSelecting your branch

Last updated 4 months ago

From , you will have already set up the OAuth credentials or your Personal Access Token (PAT) to allow access to your preferred VCS. Assuming that you have done that, select your VCS from the pull-down menu. For our examples, we will be using GitHub cloud as the chosen VCS.

The very first time a user attempts to reach GitHub following the OAuth/PAT configuration, the Navigator will pop up a window asking you to choose whether or not you plan to use OAuth credentials or your PAT:

In this first case, we show how to configure the OAuth credentials, so we click on Proceed with OAuth. This opens a dialog box requesting you to enter the Client ID and Secret keys from the .

If you have chosen to authenticate using your private PAT, the above process is a little different. In this case, select Proceed with PAT. This brings up the popup asking for the PAT information.

Once access to your GitHub account has been authorized, you will now see all of your available GitHub projects. You can scroll down through the page to see all of your repositories:

If you have a large number of repositories, you can use the search field to find desired repositories. In the example below, typing in the characters "ba" will reveal 2 projects which contain that substring:

NOTE: Once a repository has been cloned, it will jump to the top of the list of available repositories. This makes it more convenient to access a cloned repository later.

As explained in , hopefully you copied the Client ID and Secret somewhere so that you can enter them here. Click the Submit button to accept the changes. Once done, users may login into their GitHub accounts without needing to repeat this process.

As described in , enter the PAT you created from that step. And, as with the OAuth example, click the Submit button to accept the changes.

If there is some reason to change the OAuth Client ID and Secret or change your PAT, you can get back to this window using the Settings icon , on the top banner.

Each project is presented with a “+” sign so that you can open it up to view its branches. Before you can browse the project branches, however, you need to "clone" a copy of the project from GitHub. The Clone icon is to the right of the project name box.

For our example, we will use a project called Baritone, which we show below as cloned and ready for analysis. Note that, once cloned, the Clone icon is replaced by Remove icon . This provides you with a way of removing a project if you desire. When you remove a project, however, note that ALL RESULTS WILL BE REMOVED. That is, any analyses that you have performed and not applied to your project will be lost. Clicking on the “+” will enumerate all of the available branches:

Authorizing Access to Your source code
Authenticating GitHub Access using PAT
Authorizing Access to Your Source Code
OAuth configuration