{"id":18896183,"url":"https://github.com/tenable/accurics-orb","last_synced_at":"2025-04-15T01:34:29.538Z","repository":{"id":136299407,"uuid":"285626031","full_name":"tenable/accurics-orb","owner":"tenable","description":"The Accurics CircleCI Orb scans IaC (Infrastructure as Code) to help identify vulnerabilities prior to cloud deployment.","archived":true,"fork":false,"pushed_at":"2024-07-28T01:58:13.000Z","size":39,"stargazers_count":1,"open_issues_count":12,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-30T13:37:22.555Z","etag":null,"topics":["circleci","circleci-orbs","cloud-security","iac","security","static-analysis"],"latest_commit_sha":null,"homepage":"https://www.accurics.com/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tenable.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-08-06T17:02:34.000Z","updated_at":"2024-08-13T14:41:25.000Z","dependencies_parsed_at":"2024-06-22T15:15:11.557Z","dependency_job_id":"5b2e6268-f101-49f7-8473-b21546b2d05e","html_url":"https://github.com/tenable/accurics-orb","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenable%2Faccurics-orb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenable%2Faccurics-orb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenable%2Faccurics-orb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tenable%2Faccurics-orb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tenable","download_url":"https://codeload.github.com/tenable/accurics-orb/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248989593,"owners_count":21194618,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["circleci","circleci-orbs","cloud-security","iac","security","static-analysis"],"created_at":"2024-11-08T08:32:50.018Z","updated_at":"2025-04-15T01:34:29.266Z","avatar_url":"https://github.com/tenable.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Accurics CircleCI Orb\n\n## Description\nThe Accurics CircleCI Orb runs an Accurics scan against the IaC (Infrastructure-as-Code) files found within the applied repository.\nThis Orb can be used to fail a pipeline build when violations or errors are found.\nThe scan results can be viewed in the pipeline results or in the Accurics Console itself at https://app.accurics.com\n\nSee examples below.\n\n## Setup\n\n```yaml\nversion: 2.1\norbs:\n  accurics: accurics/accurics-cli@x.y.z\nworkflows:\n  deploy:\n    jobs:\n      - accurics/accurics_scan:\n          terraform-version: latest\n          directories: ./your-root\n          plan-args: -var your-var=your-value\n          fail-on-violations: false\n          fail-on-all-errors: true\n```\n\n- Create CircleCI environmental variables to store the Environment ID and Application Token. Create two environmental variables called \"ACCURICS_API_KEY\" and \"ACCURICS_ENV_ID\" filled with the \"app\" and \"env\" values copied from the config file downloaded from the Accurics UI environment tab.\n- Add CircleCI environmental variables for your Cloud provider, e.g., AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.\n- If not using the latest Terraform version, specify the \"terraform-version\" parameter within the build step.\n- If variables are used, add them in the \"plan-args\" parameter, along with any other command line parameters that should be passed when running \"terraform plan\" (see the example below)\n\n## Input Settings\n\n### These settings are required\n| Setting | Description |\n| -------------------- | ----------------------------------------------------------- |\n| app-id | The application token ID |\n| env-id | The environment ID |\n\n### All of the following settings are optional\n\n| Setting | Description | Default |\n| -------------------- | ----------------------------------------------------------- | --------- |\n| terraform-version | The Terraform version used to process the files in this repository | latest | \n| plan-args | The Terraform version used to process the files in this repository | | \n| directories | A list of directories to scan within this repository separated by a space | ./ | \n| fail-on-violations | Allows the Accurics CircleCI Orb to fail the build when violations are found | true |\n| fail-on-all-errors | Allows the Accurics CircleCI Orb to fail the build when any errors are encountered | true |\n\n### Notes\n- Variable values within the plan-args setting should be stripped of single-quote (') characters\n\n## Examples\n\n### Example 1:\nThis example configures an Accurics Scan with a custom Terraform version and variables. It will also fail the build on any violations or errors found.\n\n```yaml\nversion: 2.1\norbs:\n  accurics: accurics/accurics-cli@x.y.z\nworkflows:\n  deploy:\n    jobs:\n      - accurics/accurics_scan:\n          terraform-version: 0.12.24\n          plan-args: -var your-var=your-value\n          fail-on-violations: true\n```\n\n### Example 2:\nThis example configures an Accurics Scan using the latest Terraform version, custom variables, and instructs the Orb not to fail when any violations are found. This is helpful when first introducing the Orb into a new codebase and working through a large number of violations. Once the number of violations is manageable, the option can be set back to true (or removed).\n```yaml\nversion: 2.1\norbs:\n  accurics: accurics/accurics-cli@x.y.z\nworkflows:\n  deploy:\n    jobs:\n      - accurics/accurics_scan:\n          terraform-version: latest\n          directories: ./your-root\n          plan-args: '-var myvar1=val1 -var myvar2=val2'\n          fail-on-violations: false\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftenable%2Faccurics-orb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftenable%2Faccurics-orb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftenable%2Faccurics-orb/lists"}