{"id":34091086,"url":"https://github.com/gurdulu/virga","last_synced_at":"2026-03-17T16:39:43.113Z","repository":{"id":53534592,"uuid":"104123041","full_name":"gurdulu/virga","owner":"gurdulu","description":"Virga tests your Cloud resources","archived":false,"fork":false,"pushed_at":"2021-03-25T21:58:05.000Z","size":143,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-03-14T05:05:19.229Z","etag":null,"topics":["aws","cloud","qatools","quality-assurance","testing"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gurdulu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-09-19T20:07:46.000Z","updated_at":"2019-06-08T08:27:34.000Z","dependencies_parsed_at":"2022-09-10T10:38:14.882Z","dependency_job_id":null,"html_url":"https://github.com/gurdulu/virga","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/gurdulu/virga","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurdulu%2Fvirga","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurdulu%2Fvirga/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurdulu%2Fvirga/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurdulu%2Fvirga/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gurdulu","download_url":"https://codeload.github.com/gurdulu/virga/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gurdulu%2Fvirga/sbom","scorecard":{"id":449778,"data":{"date":"2025-08-11","repo":{"name":"github.com/gurdulu/virga","commit":"4d641de30ab574823d0326b9904161aaec8845ed"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/11 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2020-176 / GHSA-3pqx-4fqf-j49f","Warn: Project is vulnerable to: PYSEC-2020-96 / GHSA-6757-jp84-gxfx","Warn: Project is vulnerable to: PYSEC-2021-142 / GHSA-8q59-q68h-6hv4"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T07:54:46.253Z","repository_id":53534592,"created_at":"2025-08-19T07:54:46.254Z","updated_at":"2025-08-19T07:54:46.254Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30627258,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-17T14:16:03.965Z","status":"ssl_error","status_checked_at":"2026-03-17T14:16:03.380Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloud","qatools","quality-assurance","testing"],"created_at":"2025-12-14T14:32:28.438Z","updated_at":"2026-03-17T16:39:43.105Z","avatar_url":"https://github.com/gurdulu.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Virga\n\nVirga tests your Cloud resources.\n\n[![Travis CI](https://travis-ci.org/gurdulu/virga.svg?branch=master)](https://travis-ci.org/gurdulu/virga.svg?branch=master)\n[![CodeClimate maintainability](https://api.codeclimate.com/v1/badges/a8608c689cec6ff7da0f/maintainability)](https://codeclimate.com/github/gurdulu/virga/maintainability)\n[![CodeClimate code coverage](https://api.codeclimate.com/v1/badges/a8608c689cec6ff7da0f/test_coverage)](https://codeclimate.com/github/gurdulu/virga/test_coverage)\n\n\n## What is Virga\n\n\u003e In meteorology, Virga is an observable streak or shaft of precipitation falling from a cloud that evaporates or \n\u003e sublimates before reaching the ground. \u003csmall\u003e[Wikipedia](https://en.wikipedia.org/wiki/Virga)\u003c/small\u003e\n\nThis piece of software is not about a weather phenomenon. \n\nVirga is a tool for analysing your Cloud infrastructure before the rain catastrophically reaches the ground.\n\n\n\u003ca name=\"pre-alpha\"\u003e\u003c/a\u003e\n## This project is still in pre-alpha\n\nThere are many things still missing:\n\n* the documentation needs to be completed\n* the definition files are just a draft for testing purposes\n\n\n## Providers supported\n\nAt the moment only [AWS](https://aws.amazon.com/).\n\n\n## Requirements\n\n* [Python](http://www.python.org/)\n* [PyYAML](http://pyyaml.org/wiki/PyYAML)\n* [JMESPath](https://github.com/jmespath/jmespath.py)\n\n### Specific for AWS\n\n* an AWS working account\n* [boto3](https://github.com/boto/boto3)\n\n\n## Quick start\n\n1. Install Virga `pip install virga`\n2. Create and edit the file `tests.yaml`\n3. Launch the command `virga-asserts -p aws -t tests.yaml`\n\n_tests.yaml_ is a [test file](#test-files).\n\n\n## Configuration files\n\nSee [This project is still in pre-alpha](#pre-alpha)\n\nThere are two types of configuration files.\n\nThe __definitions__ (see [docs/definition_file.md](docs/definition_file.md)) are specific to the provider and define \nthe way we want to filter the resources to check. These files are unlikely to be changed.\n\nThe __tests__ are the actual tests we want to implement.\n\n\u003ca name=\"test-files\"\u003e\u003c/a\u003e\n### Test files\n\nLet's start with an use case: you want to test that the subnet with the id __subnet-0123456789__ has:\n\n* the CIDR block equals to __10.0.0.0/24__\n* the tag __environment__ has value __staging__\n* the tag __Name__ has value __my-subnet__\n\nand then you want to know if the EC2 instances with the tag name starting with the value __my-app__ are in the subnet\n__my-subnet__.\n\n```yaml\nsubnets:\n- id: subnet-0123456789\n  assertions:\n  - CidrBlock=='10.0.0.0/24'\n  - Tags[?Key=='environment' \u0026\u0026 Value=='staging']\n  - Tags[?Key=='Name' \u0026\u0026 Value=='my-subnet']\n\ninstances:\n- name: my-app-*\n  assertions:\n  - SubnetId==\"_lookup('subnets', 'name', 'my-subnet')\"\n```\n\nThe keys __id__ and __name__ are identifiers declared in the definitions file.\n\nThe __assertions__ are the actual tests: each item of the list represents a condition to verify using\n[JMESPath](https://github.com/jmespath/jmespath.py). \n\nIn the assertions above there is a spurious case\n\n```yaml\nSubnetId==\"_lookup('subnets', 'name', 'my-subnet')\"\n```\n\n**_lookup** is not a standard JMESPath construct but a Virga function (see [_lookup function](#lookup-function)).\n\n\u003ca name=\"lookup-function\"\u003e\u003c/a\u003e\n### _lookup function\n\nThe **_lookup** function filters a single resource returning the ID.\n\nIn the example above instead of declaring the equality\n\n```yaml\nSubnetId==\"subnet-0123456789\"\n```\n\nwe have filtered the subnet by the __tag:Name__.\n\nThe argument passed to the function are:\n\n* the resource type\n* the identifier (eg. _name_)\n* the value to search\n\nIf no result is found, the test fails.\n\n\n## virga-asserts options\n\nFollowing the list of options of virga-asserts\n\n```text\nusage: virga-asserts [-h] -p {aws} [-t TESTFILE [TESTFILE ...]] [-d DEFINITIONS] [-l LOGFILE] [-s] [-o OUTPUT] [--debug]\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -p {aws}, --provider {aws}\n                        provider\n  -t TESTFILE [TESTFILE ...], --testfile TESTFILE [TESTFILE ...]\n                        test file\n  -d DEFINITIONS, --definitions DEFINITIONS\n                        custom definitions path\n  -l LOGFILE, --logfile LOGFILE\n                        redirect the output to a log file\n  -s, --silent          do not output results\n  -o OUTPUT, --output OUTPUT\n                        save the resource info into the specified directory\n  --debug               show debug\n```\n\nThe command requires a valid provider and at least one test file (see [Test files](#test_files)).\n\n\n## Sample generation\n\nVirga comes with a tool for generating test files out of resources.\n\n__virga-samples__ requires:\n\n* a valid provider\n* the ID of the resource to exemplify\n\n### Example\n\nThe command `virga-assert -p aws -s instances -r i-0123456789` will generate a valid test file for the resource \n__i-0123456789__.\n\n### Options\n\n```text\nusage: virga-samples [-h] -p PROVIDER -s SECTION -r RESOURCE [-d DEFINITIONS]\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -p PROVIDER, --provider PROVIDER\n                        provider\n  -s SECTION, --section SECTION\n                        section\n  -r RESOURCE, --resource RESOURCE\n                        resource id\n  -d DEFINITIONS, --definitions DEFINITIONS\n                        definitions path\n```\n\n## FAQ\n\nSee [This project is still in pre-alpha](#pre-alpha)\n\n### AWS credentials settings\n\nEven if [AWS](https://aws.amazon.com/) requires appropriate credentials, Virga does not explicitly requires any \ncredentials setting.\n\nThere are several ways to set AWS credentials, if you have some doubts about it, we suggest you to spend some time \nstudying this topic before using AWS.\n\nA quick way is using [AWS CLI](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html)\n\n```bash\npip install awscli --upgrade --user\naws configure\n```\n\nFor more information refer to [boto3 documentation](http://boto3.readthedocs.io/en/latest/guide/configuration.html).\n\n### Why my test is failing\n\nSee [This project is still in pre-alpha](#pre-alpha)\n\n## Resource mapping\n\n* [List of AWS resources](docs/resource_mapping_aws.md)\n\n## Advanced topics\n\n* [Definition file](docs/definition_file.md)\n* [How to build a custom provider](docs/custom_provider.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgurdulu%2Fvirga","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgurdulu%2Fvirga","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgurdulu%2Fvirga/lists"}