Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/finos/git-proxy
Deploy custom push protections and policies on top of Git
https://github.com/finos/git-proxy
gitops scans security
Last synced: about 2 months ago
JSON representation
Deploy custom push protections and policies on top of Git
- Host: GitHub
- URL: https://github.com/finos/git-proxy
- Owner: finos
- License: apache-2.0
- Created: 2020-04-17T13:38:25.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2024-05-22T04:50:29.000Z (4 months ago)
- Last Synced: 2024-05-22T11:31:56.012Z (4 months ago)
- Topics: gitops, scans, security
- Language: JavaScript
- Homepage: https://git-proxy.finos.org
- Size: 11.8 MB
- Stars: 78
- Watchers: 13
- Forks: 55
- Open Issues: 48
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
- awesome-ospo - (Corporate) Git Proxy - Scan outgoing attempts to push to public repository and raise compliance/info-sec friendly checks before allowing the push to complete. (GitHub Management)
README
Deploy custom push protections and policies
on top of Git
Docs
ยท
Demo
ยท
Report a bug
ยท
Suggest a new feature
[](https://community.finos.org/docs/governance/Software-Projects/stages/incubating)
[](https://www.npmjs.com/package/@finos/git-proxy)
[](https://github.com/finos/git-proxy/actions/workflows/ci.yml)
[](https://codecov.io/gh/finos/git-proxy)
[](https://git-proxy.finos.org)
[](https://github.com/finos/git-proxy/blob/main/LICENSE)
[](https://github.com/finos/git-proxy/graphs/contributors)
[](https://app.slack.com/client/T01E7QRQH97/C06LXNW0W76)
[](https://github.com/finos/git-proxy/stargazers)
[](https://github.com/finos/git-proxy/forks)
## What is GitProxy
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., `github.com`). It applies rules and workflows (configurable as `plugins`) to all outgoing `git push` operations to ensure they are compliant.
The main goal of GitProxy is to marry the defacto standard Open Source developer experience (git-based workflow of branching out, submitting changes and merging back) with security and legal requirements that firms have to comply with, when operating in highly regulated industries like financial services.
That said, GitProxy can also be used on a local environment to enforce a single developer's best practices, which tends to be the easiest setup to start with and the most comfortable one to build new GitProxy plugins.
```mermaid
sequenceDiagram
actor Developer
Developer->>+Git Server: git clone
Developer->>Workstation: git remote add proxy
Developer->>+GitProxy: git push proxy
GitProxy-->>-Developer: Failed license check
Developer->>Workstation: git commit -m 'fix license issue'
Developer->>+GitProxy: git push
GitProxy-->>-Git Server: Approved
```
## Getting Started ๐
Install & run git-proxy (requires [Nodejs](https://nodejs.org/en/download/)):
```bash
$ npx -- @finos/git-proxy
```
Clone a repository, set the remote to the GitProxy URL and push your changes:
```bash
# Only HTTPS cloning is supported at the moment, see https://github.com/finos/git-proxy/issues/27.
$ git clone https://github.com/octocat/Hello-World.git && cd Hello-World
# The below command is using the GitHub official CLI to fork the repo that is cloned.
# You can also fork on the GitHub UI. For usage details on the CLI, see https://github.com/cli/cli
$ gh repo fork
โ Created fork yourGithubUser/Hello-World
...
$ git remote add proxy http://localhost:8000/yourGithubUser/Hello-World.git
# This fetches the repository's default branch and pushes it (https://stackoverflow.com/a/44750379).
$ git push proxy $(git symbolic-ref refs/remotes/origin/HEAD | sed 's@^refs/remotes/origin/@@')
```
Using the default configuration, GitProxy intercepts the push and _blocks_ it. To enable code pushing to your fork via GitProxy, add your repository URL into the GitProxy config file (`proxy.config.json`). For more information, refer to [our documentation](https://git-proxy.finos.org).
## Documentation
For detailed step-by-step instructions for how to install, deploy & configure GitProxy and
customize for your environment, see the [project's documentation](https://git-proxy.finos.org/docs/):
- [Quickstart](https://git-proxy.finos.org/docs/category/quickstart/)
- [Installation](https://git-proxy.finos.org/docs/installation)
- [Configuration](https://git-proxy.finos.org/docs/category/configuration)
## Contributing
Your contributions are at the core of making this a true open source project. Any contributions you make are **greatly appreciated**. See [`CONTRIBUTING.md`](CONTRIBUTING.md) for more information.
## Security
If you identify a security vulnerability in the codebase, please follow the steps in [`SECURITY.md`](https://github.com/finos/git-proxy/security/policy). This includes logic-based vulnerabilities and sensitive information or secrets found in code.
## Code of Conduct
We are committed to making open source an enjoyable and respectful experience for our community. See CODE_OF_CONDUCT for more information.
## License
This project is distributed under the Apache-2.0 license. See LICENSE for more information.
## Contact
Drop a note, ask a question or just say hello in our [community Slack channel](https://app.slack.com/client/T01E7QRQH97/C06LXNW0W76) ๐
If you can't access Slack, you can also [subscribe to our mailing list](mailto:[email protected]).
Join our [fortnightly Zoom meeting](https://zoom.us/j/97235277537?pwd=aDJsaE8zcDJpYW1vZHJmSTJ0RXNZUT09) on Monday, 11AM EST (odd week numbers). Send an e-mail to [[email protected]](mailto:[email protected]) to get a calendar invitation.
Otherwise, if you have a deeper query or require more support, please [raise an issue](https://github.com/finos/git-proxy/issues).