Installation
STAR ships as a prebuilt, self-contained binary, distributed from bright-agent-dist — there's nothing to install into Bright's platform.
STAR runs in your CI/CD pipeline, on pull requests, commits, or a schedule — see Running STAR in CI for ready-made templates covering GitHub Actions, GitLab CI/CD, Azure Pipelines, Bitbucket Pipelines, CircleCI, and Jenkins.
What you'll need
Before running STAR, make sure you have:
- Prerequisites installed on your CI runner — Docker, Docker Compose, and Git.
- A Bright API token from app.brightsec.com — used to drive the dynamic scan engine.
- An inference (AI) provider — an API token for OpenAI, GitHub Models, Ollama, or any OpenAI-compatible endpoint. See AI / Inference Providers.
- A token that can push branches and open pull requests — required as REPO_ACCESS_TOKEN on GitLab, Bitbucket, CircleCI, and Jenkins. On GitHub Actions and Azure Pipelines the built-in CI token is used automatically (GITHUB_TOKEN / System.AccessToken). See Secrets.
Once you have those, continue to Prerequisites, then set up Configuration & CI Integration.