dxw/security-alert-notifier

GitHub Vulnerability Alert Check

Fetches a list of security vulnerabilities for repositories belonging to a GitHub organization, using the GitHub API (v4). Designed to be used as an Icinga plugin.

Getting started

This repository implements the "scripts to rule them all" pattern.

To use this code, start by cloning the repository:

$ git clone git@github.com:dxw/security-alert-notifier.git

Then run the relevant script to set up your environment and install dependencies:

./script/setup

Usage

  • Obtain a personal GitHub OAuth token with the repo scope.
  • Run security-alert-notifier.rb --token <access_token> --organization <organization_name>. Any vulnerabilities that haven't been dismissed are displayed in the console. If there are vulnerabilities, the check returns a "Warning" status; otherwise it returns "OK".

If you prefer to receive the results as a CSV file, rather than as text to STDOUT, please run:

security-alert-notifier.rb --token <access_token> --organization <organization_name> --csv <filename>

Contributing to this repository

To run the standard lint (standardrb) and unit tests for this code, run:

./script/test

For dxw employees, please note that this code is also used downstream in our Chef configuration, and any changes you merge in here also need to be reflected there. If this isn't clear to you, please speak to a colleague from Ops.
