{"id":34640519,"url":"https://github.com/we45/pr-step-function-pipeline","last_synced_at":"2026-05-29T14:31:36.434Z","repository":{"id":42301138,"uuid":"234041328","full_name":"we45/pr-step-function-pipeline","owner":"we45","description":"AWS Step Function Pipeline for Python SAST and SCA","archived":false,"fork":false,"pushed_at":"2023-01-24T01:12:28.000Z","size":3792,"stargazers_count":0,"open_issues_count":15,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-12-26T06:22:42.220Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/we45.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-01-15T09:06:46.000Z","updated_at":"2020-01-15T09:06:57.000Z","dependencies_parsed_at":"2023-02-13T07:45:49.806Z","dependency_job_id":null,"html_url":"https://github.com/we45/pr-step-function-pipeline","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/we45/pr-step-function-pipeline","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/we45%2Fpr-step-function-pipeline","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/we45%2Fpr-step-function-pipeline/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/we45%2Fpr-step-function-pipeline/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/we45%2Fpr-step-function-pipeline/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/we45","download_url":"https://codeload.github.com/we45/pr-step-fun
ction-pipeline/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/we45%2Fpr-step-function-pipeline/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33657690,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-29T02:00:06.066Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-24T17:16:39.597Z","updated_at":"2026-05-29T14:31:36.406Z","avatar_url":"https://github.com/we45.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Step Functions - Github PR Scan Pipeline\n\n**This has to be run with an environment that has `awscli` pre-installed AND configured**\n\n#### Step 1 \n\n* Sign up for a Github Account\n* Generate a Github Personal Access Token like [this](https://docs.cachethq.io/docs/github-oauth-token)\n    * In the list of `scopes`, make sure you only select `public_repo`\n* Make sure you copy the Github Token somewhere on your host machine. 
It is not visible once you navigate away from the page/refresh the page\n* Open the lab image and open terminal in the IDE\n\n#### Step 2\n\n```bash\ncd /root\n\ngit clone https://github.com/we45/pr-step-function-pipeline\n\ncd /root/pr-step-function-pipeline\n```\n\n#### Step 3\n```bash\naws ssm put-parameter --name \"auth_token\" --value \"\u003ccopied token value\u003e\" --type \"SecureString\"\n\n```\n\n#### Step 4 \n```bash\nsls deploy\n```\n\nWait for the Stack to be deployed\n\nCopy the URL that is returned after the deployment process\n\n#### Step 5\n\n* In Github create a new project called \"python-pr-example\" and make sure to leave it private\n\n* Use this link to set up a project webhook for the project. Make sure:\n    * you set the content-type to `application/json`\n    * Paste the URL generated from your `sls deploy` as the webhook URL\n    * You can leave the `Secret` field empty although you should not do so in production\n    * Ensure that you only select the `Pull Request` option from the webhook events\n\n![PR-Drop](img/pull-request-event.png)\n\n* Once the webhook is set up, go back to your terminal in the lab image\n\n#### Step 6\n\nIn the terminal\n\n```bash\n\ncd /root\n\ngit clone https://github.com/\u003cyour-user-name\u003e/python-pr-example\n\ncd /root/python-pr-example\n```\n* Ensure you substitute `\u003cyour-user-name\u003e` with your github username\n\n#### Step 7\n\nNow let's create an obviously insecure python code snippet. \n\n\n```python\n\nimport hashlib\n\npassword = \"hello world\"\n\nhash_value = hashlib.md5(password.encode()).hexdigest()\n```\n\n* Copy the contents of the above into a file and save it as `hello.py`\n\nNow create another file \n\n```bash\necho \"pyjwt==1.5.0\" \u003e requirements.txt\n```\n\n\n#### Step 8\n* Create a branch and push it to github\n\n```bash\ngit checkout -b test\n\ngit push -u origin test\n```\n\n#### Step 9\nNow go over to github and make a pull request. 
\nMake sure the `compare` branch is set to `test` and the base branch is `master`\n\n![PR](img/PR.gif)\n\nOnce you are done click on the `create pull request` button\n\n#### Step 10\n\nYou should see your step functions run and write results to the PR in a few seconds. ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwe45%2Fpr-step-function-pipeline","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwe45%2Fpr-step-function-pipeline","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwe45%2Fpr-step-function-pipeline/lists"}