Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/jimjohnson-dev/public-mirror-template

🔒 Reusable template system for creating secure public mirrors of private repositories with automated sanitization and GitHub Actions integration
https://github.com/jimjohnson-dev/public-mirror-template

case-study github-actions repository-template sanitization security-automation

Last synced: 3 months ago
JSON representation

🔒 Reusable template system for creating secure public mirrors of private repositories with automated sanitization and GitHub Actions integration

Awesome Lists containing this project

README 

          
# Public Mirror Template System



A reusable template system for creating secure public mirrors of private repositories with automated sanitization and security validation.



## 🎯 **Proven in Practice**



This template system **successfully sanitized itself** for public release - the ultimate validation of its effectiveness.



**📈 Results**: 60 organizational references → 0 | Zero functionality loss | 100% security validation



> **💡 Key Insight**: If the template can safely process itself, it can safely process any repository.



**📋 [View Validation Summary](VALIDATION-SUMMARY.md)** | **📊 [Complete Case Study](../../wiki/Template-Self-Sanitization-Case-Study)** | **🌐 [Full Documentation](../../wiki)**



## Quick Start



```bash

# 1. Configure your repositories

cp configs/repos-config.template.json repos-config.json

# Edit repos-config.json with your repository details



# 2. Deploy to a single repository

./scripts/setup-mirror.sh owner/repo-name



# 3. Deploy to all configured repositories

./scripts/setup-mirrors.sh repos-config.json



# 4. Update existing mirror configurations

./scripts/update-mirrors.sh repos-config.json

```



## Features



- **Security-First**: Multi-layer security validation before public exposure

- **Configurable**: Repository-specific sanitization rules and patterns

- **Automated**: GitHub Actions workflows for continuous mirroring

- **Scalable**: Deploy to multiple repositories with single command

- **Auditable**: Comprehensive logging and security reporting



## Directory Structure



```

public-mirror-template/

├── .github/workflows/       # GitHub Actions workflow templates

├── scripts/                 # Automation and deployment scripts

├── configs/                 # Configuration templates and patterns

├── docs/                    # Documentation and guides

└── README.md               # This file

```



## Security Features



- Automated secret detection (gitleaks, custom patterns)

- PII sanitization and content transformation

- Internal reference removal and domain replacements

- Manual approval gates for sensitive changes

- Rollback capabilities for security incidents



## Configuration



See `configs/repos-config.template.json` for repository configuration options.

See `docs/CONFIGURATION.md` for detailed setup instructions.



## Requirements



- GitHub CLI (`gh`) for repository management

- `jq` for JSON processing

- `envsubst` for template variable substitution

- Security scanning tools (gitleaks, etc.)



## 📚 Documentation



**🏠 [Documentation Hub](docs/README.md)** - Complete navigation guide



### Getting Started

- **[🚀 Setup Guide](docs/SETUP.md)** - Install and configure (start here!)

- **[⚙️ Configuration](docs/CONFIGURATION.md)** - Customize for your organization

- **[🔧 Troubleshooting](docs/TROUBLESHOOTING.md)** - Common issues and solutions



### Validation & Research

- **[📋 Validation Summary](VALIDATION-SUMMARY.md)** - Quick proof of effectiveness

- **[📊 Case Study](../../wiki/Template-Self-Sanitization-Case-Study)** - Complete self-sanitization analysis

- **[🔬 Research Analysis](RESEARCH-ANALYSIS.md)** - Evidence-based claims



**💬 [Discussions](../../discussions)** | **🌐 [Wiki](../../wiki)** | **🐛 [Issues](../../issues)**