{"id":18995536,"url":"https://github.com/turbot/steampipe-mod-github-compliance","last_synced_at":"2025-04-22T13:18:54.184Z","repository":{"id":50476844,"uuid":"514372070","full_name":"turbot/steampipe-mod-github-compliance","owner":"turbot","description":"Run individual controls or full compliance benchmarks for across all of your GitHub resources using Powerpipe and Steampipe.","archived":false,"fork":false,"pushed_at":"2025-04-15T12:07:41.000Z","size":2990,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-04-22T13:18:35.102Z","etag":null,"topics":["cis","cis-benchmark","compliance","github","hacktoberfest","powerpipe","powerpipe-mod","security","sql","steampipe","steampipe-mod"],"latest_commit_sha":null,"homepage":"https://hub.powerpipe.io/mods/turbot/github_compliance","language":"Pascal","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/turbot.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-15T18:44:01.000Z","updated_at":"2025-04-15T12:07:07.000Z","dependencies_parsed_at":"2023-01-28T19:15:47.976Z","dependency_job_id":"8927fbca-5a35-42fb-aabc-5c39cb186a77","html_url":"https://github.com/turbot/steampipe-mod-github-compliance","commit_stats":null,"previous_names":[],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/turbot%2Fsteampipe-mod-github-compliance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/turbot%2Fsteampipe-mod-github-compliance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/turbot%2Fsteampipe-mod-github-compliance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/turbot%2Fsteampipe-mod-github-compliance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/turbot","download_url":"https://codeload.github.com/turbot/steampipe-mod-github-compliance/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250246728,"owners_count":21398919,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cis","cis-benchmark","compliance","github","hacktoberfest","powerpipe","powerpipe-mod","security","sql","steampipe","steampipe-mod"],"created_at":"2024-11-08T17:31:27.459Z","updated_at":"2025-04-22T13:18:54.156Z","avatar_url":"https://github.com/turbot.png","language":"Pascal","readme":"# GitHub Compliance Mod for Powerpipe\n\n30+ checks covering industry defined security best practices for GitHub.\n\n**Includes full support for CIS Software Supply Chain Security Guide v1.0.0**.\n\nRun checks in a dashboard:\n![image](https://raw.githubusercontent.com/turbot/steampipe-mod-github-compliance/main/docs/images/github_compliance_dashboard_cis.png)\n\nOr in a terminal:\n![image](https://raw.githubusercontent.com/turbot/steampipe-mod-github-compliance/main/docs/images/github_compliance_console.png)\n\n## Documentation\n\n- **[Benchmarks and controls →](https://hub.powerpipe.io/mods/turbot/github_compliance/controls)**\n- **[Named queries →](https://hub.powerpipe.io/mods/turbot/github_compliance/queries)**\n\n## Getting Started\n\n### Installation\n\nInstall Powerpipe (https://powerpipe.io/downloads), or use Brew:\n\n```sh\nbrew install turbot/tap/powerpipe\n```\n\nThis mod also requires [Steampipe](https://steampipe.io) with the [Github plugin](https://hub.steampipe.io/plugins/turbot/github) as the data source. Install Steampipe (https://steampipe.io/downloads), or use Brew:\n\n```sh\nbrew install turbot/tap/steampipe\nsteampipe plugin install github\n```\n\nFinally, install the mod:\n\n```sh\nmkdir dashboards\ncd dashboards\npowerpipe mod init\npowerpipe mod install github.com/turbot/steampipe-mod-github-compliance\n```\n\n### Browsing Dashboards\n\nStart Steampipe as the data source:\n\n```sh\nsteampipe service start\n```\n\nStart the dashboard server:\n\n```sh\npowerpipe server\n```\n\nBrowse and view your dashboards at **http://localhost:9033**.\n\n### Running Checks in Your Terminal\n\nInstead of running benchmarks in a dashboard, you can also run them within your\nterminal with the `powerpipe benchmark` command:\n\nList available benchmarks:\n\n```sh\npowerpipe benchmark list\n```\n\nRun a benchmark:\n\n```sh\npowerpipe benchmark run github_compliance.benchmark.cis_supply_chain_v100\n```\n\nDifferent output formats are also available, for more information please see\n[Output Formats](https://powerpipe.io/docs/reference/cli/benchmark#output-formats).\n\n### Configure Variables\n\nSeveral benchmarks have [input variables](https://powerpipe.io/docs/build/mod-variables#input-variables) that can be configured to better match your environment and requirements. Each variable has a default defined in its source file, e.g., `cis_supply_chain_v100/section_1.sp`, but these can be overwritten in several ways:\n\nIt's easiest to setup your vars file, starting with the sample:\n\n```sh\ncp powerpipe.ppvars.example powerpipe.ppvars\nvi powerpipe.ppvars\n```\n\nAlternatively you can pass variables on the command line:\n\n```sh\npowerpipe benchmark run github_compliance.benchmark.cis_supply_chain_v100 --var 'trusted_repo_admins=[\"user_1\", \"user_2\"]'\n```\n\nOr through environment variables:\n\n```sh\nexport PP_VAR_trusted_repo_admins='[\"user_1\", \"user_2\"]'\npowerpipe benchmark run github_compliance.benchmark.cis_supply_chain_v100\n```\n\nThese are only some of the ways you can set variables. For a full list, please see [Passing Input Variables](https://powerpipe.io/docs/build/mod-variables#passing-input-variables).\n\n## Open Source \u0026 Contributing\n\nThis repository is published under the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0). Please see our [code of conduct](https://github.com/turbot/.github/blob/main/CODE_OF_CONDUCT.md). We look forward to collaborating with you!\n\n[Steampipe](https://steampipe.io) and [Powerpipe](https://powerpipe.io) are products produced from this open source software, exclusively by [Turbot HQ, Inc](https://turbot.com). They are distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our [Open Source FAQ](https://turbot.com/open-source).\n\n## Get Involved\n\n**[Join #powerpipe on Slack →](https://turbot.com/community/join)**\n\nWant to help but don't know where to start? Pick up one of the `help wanted` issues:\n\n- [Powerpipe](https://github.com/turbot/powerpipe/labels/help%20wanted)\n- [GitHub Compliance Mod](https://github.com/turbot/steampipe-mod-github-compliance/labels/help%20wanted)\n","funding_links":[],"categories":["Application Security"],"sub_categories":["Supply chain security"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fturbot%2Fsteampipe-mod-github-compliance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fturbot%2Fsteampipe-mod-github-compliance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fturbot%2Fsteampipe-mod-github-compliance/lists"}