Quickstart with Gomboc Community Edition


Introduction
In this guide, you’ll install the Gomboc GitHub App and run your first scan. Gomboc will automatically review your Terraform code and generate PR-ready fixes developers actually love. From there, you can quickly iterate, review, and prevent misconfigurations from ever reaching production.
Before getting started
To get the most out of this guide, you’ll need:
- A GitHub account, used for authentication and app installation
- A repository that contains Terraform (.tf) code
If you need a repo to test with, you can fork our demo example. It includes real-world Terraform configurations ready to scan.
1. Install the Gomboc GitHub App
Select the repos you’d like us to monitor (your own or the Gomboc demo example).
2. Scan & Generate Fixes
Once the GitHub App is installed:
Edit one of your Terraform files and create a pull request in your selected repo.
Gomboc will:
- Automatically scan your Terraform code
- Open a new PR with:
  - A clear summary of what was fixed
  - Suggested secure code fixes
3. Review Fixes & Share Feedback
Head to the PR created by Gomboc, review the description, accept the fixes, and merge.
Merge when ready or leave feedback via our GitHub discussions channel.
Discover Gomboc
Our guides will help you set up Gomboc quickly and easily. Learn Gomboc terminology, configure the necessary prerequisites, onboard your organization, and understand the complete Gomboc workflow.