Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dxw/security-alert-notifier
Icinga plugin to fetch security vulnerabilities for a GitHub organization.
Last synced: 10 days ago
- Host: GitHub
- URL: https://github.com/dxw/security-alert-notifier
- Owner: dxw
- Created: 2020-03-18T10:44:50.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2024-10-29T12:03:27.000Z (about 2 months ago)
- Last Synced: 2024-10-29T14:33:53.816Z (about 2 months ago)
- Topics: delivery-plus, internal, tech-ops
- Language: Ruby
- Homepage:
- Size: 94.7 KB
- Stars: 3
- Watchers: 15
- Forks: 1
- Open Issues: 2
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Code of conduct: CODE_OF_CONDUCT.md
- Security: security-alert-notifier.rb
README
# GitHub Vulnerability Alert Check
Fetches a list of security vulnerabilities for repositories belonging to a
GitHub organization, using the GitHub API (v4). Designed to be used as an
[Icinga plugin](https://icinga.com/docs/icinga2/latest/doc/05-service-monitoring/#plugin-api).

## Getting started
This repository implements the [scripts to rule them all](https://github.com/github/scripts-to-rule-them-all) pattern.
To use this code, start by cloning the repository:
```shell
$ git clone git@github.com:dxw/security-alert-notifier.git
```

Then run the relevant script to set up your environment and install dependencies:
```shell
./script/setup
```

## Usage
- Obtain a [personal GitHub OAuth
token](https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line#creating-a-token),
with the `repo` scope
- Run `security-alert-notifier.rb --token --organization` and any vulnerabilities that haven't been dismissed will be displayed in the console.

If there are vulnerabilities then the check will return a "Warning" status, else
"OK".

If you prefer to receive the results as a CSV file, rather than as text to STDOUT, please run:
```shell
security-alert-notifier.rb --token --organization --csv
```

## Contributing to this repository
To run the standard lint ([`standardrb`](https://github.com/testdouble/standardrb)) and unit tests for this code, run:
```shell
./script/test
```

For dxw employees, please note that this code is also used downstream in our
Chef configuration, and any changes you merge in here also need to be reflected there.
If this isn't clear to you, please speak to a colleague from Ops.
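
The check behaviour described under Usage (undismissed alerts give "Warning", none give "OK", with optional CSV output) can be sketched as follows. This is an added example, not the project's own code: the function names are hypothetical, the response is a constructed sample shaped like GitHub GraphQL v4 `vulnerabilityAlerts` data, and the exit codes follow the Icinga plugin API.

```ruby
require "json"
require "csv"

# Icinga plugin API exit codes; the README says this check uses OK and Warning.
OK = 0
WARNING = 1

# Constructed sample shaped like a GitHub GraphQL v4 response (not real data).
SAMPLE_RESPONSE = <<~JSON
  {"data": {"organization": {"repositories": {"nodes": [
    {"name": "example-app", "vulnerabilityAlerts": {"nodes": [
      {"dismissedAt": null,
       "securityVulnerability": {"severity": "HIGH", "package": {"name": "example-gem"}}},
      {"dismissedAt": "2024-01-01T00:00:00Z",
       "securityVulnerability": {"severity": "LOW", "package": {"name": "other-gem"}}}
    ]}},
    {"name": "example-site", "vulnerabilityAlerts": {"nodes": []}}
  ]}}}}
JSON

# Flatten the response into one row per alert that has not been dismissed.
def open_alerts(response_json)
  repos = JSON.parse(response_json).dig("data", "organization", "repositories", "nodes") || []
  repos.flat_map do |repo|
    alerts = repo.dig("vulnerabilityAlerts", "nodes") || []
    alerts.reject { |alert| alert["dismissedAt"] }.map do |alert|
      vuln = alert["securityVulnerability"]
      {repo: repo["name"], package: vuln.dig("package", "name"), severity: vuln["severity"]}
    end
  end
end

# Return [exit_code, output]: the status line first, then one line per alert.
def check_result(alerts, csv: false)
  return [OK, "OK - no open vulnerability alerts"] if alerts.empty?
  body = if csv
    CSV.generate { |out| alerts.each { |a| out << a.values } }
  else
    alerts.map { |a| "#{a[:repo]}: #{a[:package]} (#{a[:severity]})" }.join("\n")
  end
  [WARNING, "WARNING - #{alerts.size} open vulnerability alert(s)\n#{body}"]
end

code, output = check_result(open_alerts(SAMPLE_RESPONSE))
puts output
# A plugin entry point would finish with `exit code` so Icinga records the state.
```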