Build and sync custom integrations from a private Git repository into Tracecat.
TRACECAT__LOCAL_REPOSITORY_ENABLED
to true
TRACECAT__LOCAL_REPOSITORY_PATH
to the path of the local repositorypip
, and YAMLCreate new repo
Configure remote repo URL
Git repository
section in Organization
settings and configure the remote repo URL to point to your private repository.GitHub SSH deploy key
Private key in Tracecat
SSH keys
section in Organizations
settings and add the private key with the name github-ssh-key
.github-ssh-key
key name works for both GitHub and GitLab.Refresh repos in Tracecat
Repositories
section in the Registry
page and refresh the repos.
Your custom repo should now be visible.Sync custom repo
Repositories
section, select your custom repo and press the Sync from remote
.
Your custom integrations should now be visible in your Tracecat instance’s registry.View custom integrations
Actions
view in the Registry
page and filter by Origin
to view synced actions.🎉 That's it!
core.http_request
) with the same parameters in multiple workflows, we recommend creating a YAML action template.Check out Tracecat’s open source Action Templates on GitHub for examples.
More information on when and how to build effective templates can be found in the integrations best practices.title
, description
, and display group
namespace
(e.g. tools.falconpy
) and name
(e.g. call_command
) for the actionexpects
sectionsteps
sectionsecrets
sectioncore.http_request
, configured to call an external API.
These steps are also parameterized with the inputs defined in the expects
section.
returns
field of the template is logged in Tracecat workflows.
Outputs between steps are not logged unless specified in returns
.Example templates
core.http_request
and tools.falconpy.call_command
, can all be used in templates by specifying the steps.action
field.
inputs
: Reference inputs into the action as defined in the expects
section.steps
: Reference results from previous steps in the same template.SECRETS
: Reference secrets.FN
: Reference functions.inputs
and steps
are expressions specific to templates.
SECRETS
and FN
are used in the same way as in workflows.
This means that templates have full support for Tracecat’s powerful inline functions.
For example:
secrets
section.
You must specify the secret’s name
, key
, and (if applicable) optional_keys
.
Secrets stored in the secrets manager can be accessed using the SECRETS
context: ${{ SECRETS.<name>.<key> }}
.
For example:
from typing import Annotated
from typing_extensions import Doc
RegistrySecret
objects in the secrets
argument of the @registry.register
decorator.
They are retrieved from Tracecat’s secrets manager at runtime and garbage collected after the action is executed.