-
Notifications
You must be signed in to change notification settings - Fork 33
Expand file tree
/
Copy pathconfig.go
More file actions
127 lines (119 loc) · 3.75 KB
/
config.go
File metadata and controls
127 lines (119 loc) · 3.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// Copyright Mondoo, Inc. 2024, 2026
// SPDX-License-Identifier: BUSL-1.1
package config
import (
"go.mondoo.com/mql/v13/providers-sdk/v1/inventory"
"go.mondoo.com/mql/v13/providers-sdk/v1/plugin"
"go.mondoo.com/mql/v13/providers/github/connection"
"go.mondoo.com/mql/v13/providers/github/provider"
)
var Config = plugin.Provider{
Name: "github",
ID: "go.mondoo.com/cnquery/v9/providers/github",
Version: "13.0.5",
ConnectionTypes: []string{provider.ConnectionType},
Connectors: []plugin.Connector{
{
Name: "github",
Use: "github",
Short: "a GitHub organization or repository",
Long: `Use the github provider to query resources within GitHub organizations and repositories.
Available commands:
org GitHub organization
repo GitHub repo
Examples:
cnspec scan github org <ORG_NAME> --discover organization
cnspec scan github org <ORG_NAME> --repos "<REPO1>,<REPO2>"
cnspec shell github org <ORG_NAME>
cnspec shell github org <YOUR-GITHUB-ORG> --app-id <YOUR-GITHUB-APP-ID> --app-installation-id <YOUR-GITHUB-APP-INSTALL-ID> --app-private-key <PATH-TO-PEM-FILE>
Notes:
Mondoo needs a personal access token to scan a GitHub organization, public repo, or private repo. The token's level of access determines how much information Mondoo can retrieve. Supply your personal access token to Mondoo by setting the GITHUB_TOKEN environment variable. To learn how, read https://mondoo.com/docs/cnspec/saas/github/.
If you have very large GitHub organizations, consider giving Mondoo access using custom GitHub app credentials. To learn how, read https://mondoo.com/docs/cnspec/saas/gh-app/.
If you have a GitHub Enterprise Server account, you must provide the URL for the account using the --enterprise-url flag.
`,
MinArgs: 2,
MaxArgs: 2,
Discovery: []string{
connection.DiscoveryRepos,
connection.DiscoveryUsers,
connection.DiscoveryOrganization,
connection.DiscoveryTerraform,
connection.DiscoveryK8sManifests,
},
Flags: []plugin.Flag{
{
Long: "token",
Type: plugin.FlagType_String,
Default: "",
Desc: "GitHub personal access token",
},
{
Long: "repos-exclude",
Type: plugin.FlagType_String,
Default: "",
Desc: "Filter out repositories matching these names",
},
{
Long: "repos",
Type: plugin.FlagType_String,
Default: "",
Desc: "Only include repositories matching these names",
},
{
Long: "app-id",
Type: plugin.FlagType_String,
Default: "",
Desc: "GitHub App ID",
},
{
Long: "app-installation-id",
Type: plugin.FlagType_String,
Default: "",
Desc: "GitHub App installation ID",
},
{
Long: "app-private-key",
Type: plugin.FlagType_String,
Default: "",
Desc: "GitHub App private key file path",
},
{
Long: "enterprise-url",
Type: plugin.FlagType_String,
Default: "",
Desc: "GitHub Enterprise Server URL",
},
},
},
},
AssetUrlTrees: []*inventory.AssetUrlBranch{
{
PathSegments: []string{"technology=saas", "provider=github"},
Key: "organization",
Title: "Organization",
Values: map[string]*inventory.AssetUrlBranch{
"organization": {
Key: "organization",
Title: "Organization",
Values: map[string]*inventory.AssetUrlBranch{
"organization": nil,
"*": {
Key: "repository",
Title: "Repository",
Values: map[string]*inventory.AssetUrlBranch{
"*": nil,
},
},
},
},
"user": {
Key: "user",
Title: "User",
Values: map[string]*inventory.AssetUrlBranch{
"*": nil,
},
},
},
},
},
}