Installation

STAR ships as a prebuilt, self-contained binary, distributed from bright-agent-dist — there's nothing to install into Bright's platform.

STAR runs in your CI/CD pipeline on pull requests, commits, or a schedule. See Running STAR in CI for ready-made templates covering GitHub Actions, GitLab CI/CD, Azure Pipelines, Bitbucket Pipelines, CircleCI, and Jenkins.

What you'll need

Before running STAR, make sure you have:

  1. Prerequisites installed on your CI runner — Docker, Docker Compose, and Git.
  2. A Bright API token from app.brightsec.com — used to drive the dynamic scan engine.
  3. An inference (AI) provider — an API token for OpenAI, GitHub Models, Ollama, or any OpenAI-compatible endpoint. See AI / Inference Providers.
  4. A token that can push branches and open pull requests — required as REPO_ACCESS_TOKEN on GitLab, Bitbucket, CircleCI, and Jenkins. On GitHub Actions and Azure Pipelines the built-in CI token is used automatically (GITHUB_TOKEN / System.AccessToken). See Secrets.

Once you have those, continue to Prerequisites, then set up Configuration & CI Integration.