{"id":15478732,"url":"https://github.com/gr2m/github-organization-repository-auditing-action","last_synced_at":"2025-04-22T15:23:58.164Z","repository":{"id":47672117,"uuid":"362917537","full_name":"gr2m/github-organization-repository-auditing-action","owner":"gr2m","description":"A GitHub Action to audit repository access across an organization","archived":false,"fork":false,"pushed_at":"2022-09-23T19:39:52.000Z","size":180,"stargazers_count":6,"open_issues_count":1,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-10T10:41:56.120Z","etag":null,"topics":["action","auditing"],"latest_commit_sha":null,"homepage":"https://github.com/gr2m/helpdesk/issues/1","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gr2m.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-04-29T18:55:15.000Z","updated_at":"2024-06-08T23:28:56.000Z","dependencies_parsed_at":"2023-01-04T21:31:27.366Z","dependency_job_id":null,"html_url":"https://github.com/gr2m/github-organization-repository-auditing-action","commit_stats":{"total_commits":11,"total_committers":2,"mean_commits":5.5,"dds":0.09090909090909094,"last_synced_commit":"de315b9558f384f7e5940f198f0408dba381468f"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":"gr2m/hello-world-js-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gr2m%2Fgithub-organization-repository-auditing-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gr2m%2Fgithub-organization-repository-auditing-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gr2m%2Fgithub-organization-repository-auditing-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gr2m%2Fgithub-organization-repository-auditing-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gr2m","download_url":"https://codeload.github.com/gr2m/github-organization-repository-auditing-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249617454,"owners_count":21300683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["action","auditing"],"created_at":"2024-10-02T04:07:07.873Z","updated_at":"2025-04-22T15:23:58.121Z","avatar_url":"https://github.com/gr2m.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Hello World Action\n\n\u003e A simple GitHub Action written in JavaScript\n\n[![Build Status](https://github.com/gr2m/github-organization-repository-auditing-action/actions/workflows/test.yml/badge.svg)](https://github.com/gr2m/github-organization-repository-auditing-action/actions/workflows/test.yml)\n\n## Setup\n\nYou can setup this action on any repository, within or outside the organization you want to audit. For the action to work, you need to create a GitHub App with the following settings:\n\n1. Webhook: remove check from `active`\n2. Repository permissions: `Administration`: `read`\n3. Organization permissions: `Members`: `read`\n4. Where can this GitHub App be installed? ` Only on this account`\n\nYou can set the name of the app to your organizations name, and set the URL either to your organization or this repository. As description you can set something such as\n\n\u003e Internal GitHub App used for auditing repository access\n\nAfter creating the app, you need to install it on your organization. Select `All repositories`.\n\nAfter installing, add two secrets to the repository you want the action to run in\n\n1. `APP_ID`: your newly created App's ID\n2. `PRIVATE_KEY`: generate a private key for your app and paste it\n\nNow create a GitHub Action workflow file at `.github/workflows/audit.yml` with the content below.\n\n## Usage\n\nYou can run the action on a [schedule](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#schedule) and manually using the [`workflow_dispatch` event](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#workflow_dispatch)\n\n```yml\nname: Audit\non:\n  schedule:\n    # Every day at 4am pacific time\n    - cron: 0 12 * * *\n  # manual trigger\n  workflow_dispatch: {}\n\njobs:\n  sayHelloWorld:\n    runs-on: ubuntu-latest\n    steps:\n      # audit repositories\n      - uses: gr2m/github-organization-repository-auditing-action@v1.x\n        id: audit\n        env:\n          APP_ID: ${{ secrets.APP_ID }}\n          PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}\n      # use the repositories JSON output\n      - run: |\n          echo '${{ steps.audit.outputs.repositories }}'\n```\n\nUse the action to write the JSON output to a logfile, together with a timestamp\n\n```yml\nname: Audit\non:\n  schedule:\n    # Every day at 4am pacific time\n    - cron: 0 12 * * *\n  # manual trigger\n  workflow_dispatch: {}\n\njobs:\n  audit:\n    runs-on: ubuntu-latest\n    steps:\n      # checkout the current repository\n      - uses: actions/checkout@v2\n      # audit all organization repositories\n      - uses: gr2m/github-organization-repository-auditing-action@v1.x\n        id: audit\n        env:\n          APP_ID: ${{ secrets.APP_ID }}\n          PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}\n      - name: Get current timestamp\n        run: echo \"::set-output name=timestamp::`date -u +\"%Y-%m-%dT%H:%M:%SZ\"`\"\n        id: timestamp\n      - name: write to audit.ndjson.log\n        run: |\n          echo '{\"time\": \"${{ steps.timestamp.outputs.timestamp }}\", \"repositories\": ${{ steps.audit.outputs.repositories }} }' \u003e\u003e audit.ndjson.log\n      # commit the change\n      - run: |\n          git config user.name github-actions\n          git config user.email github-actions@github.com\n          git add audit.ndjson.log\n          git commit audit.ndjson.log -m \"log update\"\n          git push\n```\n\n## How it works\n\nThis action is using the GitHub App SDK from [`octokit`](https://github.com/octokit/octokit.js/#app-client). It iterates through all repositories the app is installed an, loads all teams with their permissions, and writes a resulting `repositories` array to the GitHub Action step output using [`@actions/core`](https://github.com/actions/toolkit/tree/main/packages/core).\n\nThe entire code is in [`index.js`](index.js)\n\n## License\n\n[ISC](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgr2m%2Fgithub-organization-repository-auditing-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgr2m%2Fgithub-organization-repository-auditing-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgr2m%2Fgithub-organization-repository-auditing-action/lists"}