--- title: "Integrations" diataxis: how-to applies_to: product: "nirmata-control-hub" audience: ["platform-engineer","admin"] last_updated: 2026-03-25 url: https://docs.nirmata.io/docs/control-hub/settings/integrations/ --- The **Integrations** section in *Settings* allows integration of the Nirmata platform to third-party applications like **Git**, **GitHub App**, **Slack**, **Venafi**, and **Jira**. ![Integration](/images/integration-new.png) ## GitHub App Nirmata users can integrate GitHub App for secure, enterprise-ready authentication with GitHub repositories. This integration is used by Nirmata AI Agents (like the Remediator Agent) to create pull requests and manage issues. To configure GitHub App integration, see the detailed [GitHub App Integration guide](githubapp/). **Key Benefits:** - Enhanced security with short-lived tokens - Fine-grained permissions and access control - Better audit trail for compliance - Centralized credential management through Nirmata Control Hub ## Git Nirmata users can integrate Git to set up accounts for GitOps. To configure Git, click **Add Git Credentials**/**Create Git Credentials** and add the following Git details: 1. **Name** - A unique identifier for the Git Credential. 2. **Username** - Git username. 3. **Password/ Key** - Git password. >**NOTE:** You can add *Access Controls* to restrict access to Git Credentials. ## Slack Nirmata users can integrate Slack accounts to receive alarm notifications. To configure a Slack account, click **Add Slack Credentials**/**Create Slack Settings** and add the following Slack credentials: 1. **Name** - Name of the Slack account. 2. **API Token** - API access token for the account. >**Note:** Validate the API Token by clicking on the **Validate API Token** button. ## Venafi Nirmata users can integrate the Venafi security system by setting up Venafi credentials. To configure Venafi credentials: 1. Click **Add Venafi Settings**. 2. Enter the following Venafi credentials to add the Venafi security configuration, and click **Add**. * **Name** - Name of the Venafi integration. * **Auth URL** - The authentication URL for the Venafi Trust Protection Platform (TPP). * **HSM URL** - The HSM URL for the Venafi Trust Protection Platform (TPP). * **Username** - Venafi Trust Protection Platform username. * **Password** - Venafi Trust Protection Platform password. * Additional Trusted Certificate (Optional) ## Jira Nirmata users can configure Jira Change Management to automatically track application changes in Jira. To configure and integrate Jira: 1. Click **Create Jira Settings** or **Add Jira Settings**. 2. Enter the following Jira account details: **Name**, **Address**, **Username / Email**, and **Password**. 3. Select the **Accept All Certificates** checkbox if you want to add the certificates. 4. Click **Next**. 5. Enter **Project Key**, **Priority Type ID**, **Issue Type ID**, and click **Next**. 6. Add **Access Control Policy** and click **Finish**. --- ## GitHub App Integration Install and configure the Nirmata GitHub App to enable GitOps workflows and automated policy remediation. For an overview of what the integration does and why it improves security over PAT-based approaches, see [GitHub App Integration Overview](overview/). For a reference of what the app can and cannot access in your repositories, see [GitHub App Permissions](permissions/). ## Installing GitHub App Integration Follow these steps to connect your GitHub account to Nirmata: ### Step 1: Navigate to Integrations 1. Log in to **Nirmata Control Hub** 2. Click on **Settings** in the left sidebar 3. Select **Integrations** 4. Locate the **GitHub** card in the **Devops** section ![Integrations Page](/images/integrations-page-github.png) ### Step 2: Connect GitHub App 1. Click the **Connect** button on the GitHub card 2. You will be redirected to GitHub's authorization page ![GitHub Connect Button](/images/github-connect.png) ### Step 3: Install Nirmata GitHub App On the GitHub authorization page, you'll see: ![Install Nirmata GitHub App](/images/install-nirmata-github-app.png) 1. **Select Account**: Choose the GitHub account or organization where you want to install the app - You'll see your personal account and any organizations you have admin access to 2. **Select Repositories**: Choose which repositories Nirmata can access: - **All repositories**: Grant access to all current and future repositories (recommended for full GitOps workflows) - **Only select repositories**: Choose specific repositories for more granular control 3. **Review Permissions**: The Nirmata GitHub App requests the following permissions: - ✅ **Read access to metadata**: Required by GitHub (mandatory) - ✅ **Read and write access to code, issues, and pull requests**: Enables Nirmata to: - Create branches and commits - Open pull requests for policy remediations - Create and manage issues - Read repository contents 4. Click **Install** to authorize the connection ### Step 4: Complete Setup 1. After clicking **Install**, you'll be redirected back to Nirmata Control Hub 2. The GitHub integration will now show as **Connected** 3. You can now use this integration across all Nirmata features that require GitHub access ![GitHub Connected](/images/github-connected.png) ## Managing GitHub App Integration ### Viewing Connected Repositories After installation, you can view and manage the connected repositories: 1. Navigate to **Settings** → **Integrations** 2. Click **Manage** on the GitHub card 3. You'll see the list of connected repositories and installation details ### Modifying Repository Access To add or remove repository access: 1. Navigate to **Settings** → **Integrations** 2. Click **Manage** on the GitHub card 3. Click **Configure** or go directly to your GitHub settings 4. In GitHub, navigate to **Settings** → **Applications** → **Installed GitHub Apps** 5. Find **Nirmata** and click **Configure** 6. Modify repository access as needed 7. Click **Save** ### Disconnecting GitHub App To remove the GitHub App integration: 1. Navigate to **Settings** → **Integrations** 2. Click **Manage** on the GitHub card 3. Click **Disconnect** or **Remove** 4. Confirm the removal Alternatively, you can uninstall directly from GitHub: 1. Go to your GitHub organization **Settings** → **Applications** → **Installed GitHub Apps** 2. Find **Nirmata** and click **Configure** 3. Scroll down and click **Uninstall** ## Using GitHub App with Nirmata Features Once the GitHub App is connected, it can be used across various Nirmata features: ### AI Agents (Remediator Agent) The Remediator Agent uses the GitHub App to create pull requests with policy fixes: ```yaml apiVersion: serviceagents.nirmata.io/v1alpha1 kind: ToolConfig metadata: name: nirmata-github-tool namespace: nirmata spec: type: github credentials: method: nirmata-app # Uses GitHub App configured in Nirmata Control Hub defaults: git: pullRequests: branchPrefix: "remediation-" titleTemplate: "remediator: Fix policy violations in %s" commitMessageTemplate: "Auto-fix: Remediate policy violations in %s" systemLabels: - "branch" - "clusterName" - "appName" - "namespace" customLabels: - "security" - "compliance" ```text **Prerequisites:** - GitHub App installed and connected in Nirmata Control Hub - `SERVICE_ACCOUNT_TOKEN` or `API_TOKEN` environment variable configured in your cluster - No additional secrets required ### Example: Remediator with GitHub App ```yaml apiVersion: serviceagents.nirmata.io/v1alpha1 kind: Remediator metadata: name: remediator-sample namespace: nirmata spec: environment: type: argoHub target: argoHubTarget: argoAppSelector: allApps: true remediation: llmConfigRef: name: remediator-agent-llm namespace: nirmata gitCredentials: name: nirmata-github-tool # Reference to your ToolConfig namespace: nirmata triggers: - schedule: crontab: "0 */6 * * *" actions: - type: CreatePR toolRef: name: nirmata-github-tool # Reference to your ToolConfig namespace: nirmata ```text ## Troubleshooting ### Cannot Connect to GitHub **Problem**: The "Connect" button doesn't redirect to GitHub or shows an error **Solutions**: 1. Ensure you're logged into GitHub in the same browser 2. Check that pop-ups are not blocked in your browser 3. Verify you have admin access to the GitHub organization where you want to install 4. Clear browser cache and cookies, then try again ### Missing Repository Access **Problem**: Nirmata cannot access a specific repository **Solutions**: 1. Verify the repository is included in the GitHub App installation: - Go to GitHub → Settings → Applications → Installed GitHub Apps - Click **Configure** next to Nirmata - Check if the repository is listed or "All repositories" is selected 2. If missing, add the repository: - Click **Configure** next to Nirmata - Select the repository from the dropdown - Click **Save** ### Pull Requests Not Being Created **Problem**: AI agents or GitOps workflows can't create pull requests **Solutions**: 1. Verify the GitHub App is installed on the target repository (see "Missing Repository Access" above) 2. Check that the repository is not archived or read-only 3. Ensure branch protection rules don't prevent the app from pushing 4. Review the application logs for detailed error messages: ```bash kubectl logs -n nirmata -l app.kubernetes.io/name=remediator-agent --tail=100 ``` 5. Verify your `SERVICE_ACCOUNT_TOKEN` or `API_TOKEN` is correctly configured ## Related Documentation - [Remediator Agent Overview](/docs/control-hub/agent-hub/service-agents/) - Learn about AI-powered policy remediation - [GitHub Authentication Guide](/docs/control-hub/agent-hub/service-agents/github-authentication/) - Detailed guide for using GitHub with AI agents - [Integration Settings](/docs/control-hub/settings/integrations/) - All available integrations - [GitOps Workflows](/docs/control-hub/how-to/) - Using Git-based workflows in Nirmata ## Support Need help with GitHub App integration? - **Nirmata Support**: support@nirmata.com - **Documentation**: https://docs.nirmata.io - **GitHub Apps Help**: https://docs.github.com/en/apps - **Community Forum**: https://community.nirmata.io (if available) --- ## Terraform Cloud (TFC) Run Task Integration The **Terraform Cloud (TFC)** Run Task integration enables automatic scanning of Terraform plans using the **Nirmata Control Hub** and **Kyverno** for policy compliance. This ensures Terraform infrastructure changes are validated against enterprise policies before being applied. --- ## Prerequisites Before you begin, ensure that you have: - A **Terraform Cloud (TFC)** organization with permissions to create Run Tasks. - A **Nirmata Control Hub** tenant with administrative access. - Access to a **Git provider** (GitHub required for MVP; GitLab and Bitbucket optional for future integrations). --- For an explanation of how the integration works and its key components, see [Terraform Cloud Integration Overview](overview/). --- ## Step-by-Step Configuration ### Step 1: Enable Integration in Nirmata Control Hub 1. Log in to your **Nirmata Control Hub** instance. 2. Navigate to **Integrations → Terraform**. 3. Copy the generated **Webhook URL** and **Shared HMAC Key**. ### Step 2: Add a Run Task in Terraform Cloud 1. In **Terraform Cloud**, go to **Settings → Run Tasks → Create Run Task**. 2. Provide a descriptive name (e.g., `Nirmata Policy Scan`). 3. Paste the **Webhook URL** from Nirmata Control Hub. 4. Enter the **Shared HMAC Key** into the **HMAC Secret** field. 5. Assign the Run Task to one or more workspaces where you want policy scans to run. ### Step 3: Trigger a Terraform Run 1. Execute a **terraform plan** or **apply** in the configured workspace. 2. Terraform Cloud sends the plan payload to the **Nirmata Terraform Service**. 3. The service runs compliance scans using default public policy sets. 4. The pass/fail status is displayed in the Terraform Cloud run UI. ### Step 4: View Results in Nirmata Control Hub - Go to **Integrations → Terraform → Runs** in Nirmata Control Hub to view detailed scan results, violations, and policy summaries. --- ## Next Steps - Explore **custom policy sets** in Nirmata Control Hub for Terraform security and compliance. - Visit the [Nirmata Documentation Portal](https://docs.nirmata.io) for additional configuration and troubleshooting guides.