
4. Play with GitHub CLI (using GH)

Pierre-Yves Lapersonne edited this page May 13, 2024 · 3 revisions

Play with GitHub CLI (GH)

Prerequisites

  • GitHub CLI: version 1.3.1 (2021-09-30)
  • Ruby 2.7.1
  • Python 3

Some configuration details must be defined (in _configuration.rb), like:

  1. GITHUB_ORGANIZATION_NAME to store the name of the organization
  2. REPOSITORIES_CLONE_LOCATION_PATH location of the clones if you want to make a dump of the organisation repositories
  3. REPOSITORIES_CLONE_URL_JSON_KEY to choose the JSON key to get the repository URL from GitHub API

Prepare project

brew install gh

Third-party elements

This project uses GitHub CLI, licensed under MIT license.

Features

Make a backup of organization repositories

Keywords: #organisation #GitHub #repositories #clones #dump

Prerequisites: bash, python3, awk and sed commands, gh tool

This feature clones all repositories of the defined GitHub organization and saves them in a specific folder.

Run the following command:

bash GitHubWizard.sh backup-all-repositories-from-org

This script will trigger the gh client, which may ask you to authenticate to the GitHub API. Then the Shell script will pick configuration details from the Ruby configuration file and trigger another Shell script for the data processing. A Python script will be called too. Yep, I like scripting. And Python, Ruby and Shell alike. So imagine a python eating ruby gems in a shell. Gorgeous, isn't it?

You need to define in the configuration.rb file the GitHub organisation at GITHUB_ORGANIZATION_NAME. You also have to define the location where clones are stored at REPOSITORIES_CLONE_LOCATION_PATH.

You should also have your git environment ready, e.g. your SSH private key added if you clone over SSH.

If you want to create a ZIP archive for each repository, run the following Shell commands in the folder containing the clones. They will also delete all folders and keep only the ZIP files.

# Zip all folders
for i in */; do zip -r "${i%/}.zip" "$i"; done

# Delete all folders
# Iterate over the directories directly rather than parsing `ls -l` output,
# which breaks on names containing spaces; quote the variable for the same reason.
for dir in */; do
    echo "Deletion of ${dir%/}..."
    rm -rf "$dir"
done

Check if there are vulnerability alerts in organisation repositories

Keywords: #organisation #GitHub #repositories #Dependabot #vulnerabilities

Prerequisites: bash, python3, awk and sed commands, gh tool, CURL command

This feature checks all repositories of the GitHub organisation for projects with vulnerability alerts.

Run the following command:

bash GitHubWizard.sh vulnerabilities-alerts-for-all-repositories

This script will trigger the gh client, which may ask you to authenticate to the GitHub API. Then the Shell script will pick configuration details from the Ruby configuration file and trigger another Shell script for the data processing. A Python script will be called too to process the JSON sent by the GitHub API.

The Shell script first makes a CURL request to the GitHub GraphQL API; the Python script then processes the returned JSON data.

You need to define in the configuration.rb file the GitHub organisation at GITHUB_ORGANIZATION_NAME and also your GitHub personal access token at GITHUB_PERSONAL_ACCESS_TOKEN.

You should also have your git environment ready, e.g. your SSH private key added if you clone over SSH. gh must be installed, and python3 must be available.

You can set the EXCLUDE_GITHUB_ARCHIVED_PROJECTS_FOR_SCANS configuration variable to true to exclude archived projects from scanning. If set to false, all repositories will be scanned.
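As an added example (not the project's own Python code), here is how the JSON step of this feature can be done: the script below reads a GraphQL reply and reports only repositories that still have open alerts, grouped by severity, honouring the EXCLUDE_GITHUB_ARCHIVED_PROJECTS_FOR_SCANS switch. It assumes the CURL request asked for each repository's `vulnerabilityAlerts` connection with `state` and `securityVulnerability` fields; the sample reply is constructed.

```python
"""Summarise vulnerability alerts from a GitHub GraphQL reply (added example)."""
import json
from collections import Counter

# Constructed sample shaped like a GraphQL reply; not real data.
SAMPLE_RESPONSE = json.dumps({"data": {"organization": {"repositories": {"nodes": [
    {"name": "web-app", "isArchived": False,
     "vulnerabilityAlerts": {"totalCount": 2, "nodes": [
         {"state": "OPEN", "securityVulnerability": {
             "severity": "HIGH", "package": {"name": "lodash"}}},
         {"state": "FIXED", "securityVulnerability": {
             "severity": "MODERATE", "package": {"name": "minimist"}}}]}},
    {"name": "legacy-tool", "isArchived": True,
     "vulnerabilityAlerts": {"totalCount": 1, "nodes": [
         {"state": "OPEN", "securityVulnerability": {
             "severity": "CRITICAL", "package": {"name": "log4j-core"}}}]}},
    {"name": "docs", "isArchived": False,
     "vulnerabilityAlerts": {"totalCount": 0, "nodes": []}},
]}}}})


def summarize_alerts(raw_json, exclude_archived=True):
    """Return {repo_name: {"open": count, "by_severity": Counter}} for repos with open alerts.

    exclude_archived mirrors EXCLUDE_GITHUB_ARCHIVED_PROJECTS_FOR_SCANS (assumed
    semantics): archived repositories are skipped when it is true.
    """
    payload = json.loads(raw_json)
    if "errors" in payload:  # GraphQL returns errors next to partial data; do not report silently
        raise ValueError("GraphQL errors: %s" % payload["errors"])
    report = {}
    for repo in payload["data"]["organization"]["repositories"]["nodes"]:
        if exclude_archived and repo["isArchived"]:
            continue
        # Only OPEN alerts need action; FIXED/DISMISSED ones are noise for this report.
        open_alerts = [a for a in repo["vulnerabilityAlerts"]["nodes"] if a["state"] == "OPEN"]
        if not open_alerts:
            continue
        by_severity = Counter(a["securityVulnerability"]["severity"] for a in open_alerts)
        report[repo["name"]] = {"open": len(open_alerts), "by_severity": by_severity}
    return report


if __name__ == "__main__":
    for name, info in summarize_alerts(SAMPLE_RESPONSE).items():
        print(f"{name}: {info['open']} open alert(s) {dict(info['by_severity'])}")
```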

Check if there are leaks of sensitive data in organisation repositories

Keywords: #organisation #GitHub #repositories #leaks #gitleaks

Prerequisites: bash, python3, awk and sed commands, gh tool, CURL command, gitleaks

This feature checks all repositories of the GitHub organisation for projects with leaks found by the gitleaks command.

To install gitleaks on macOS:

brew install gitleaks

Run the following command:

bash GitHubWizard.sh look-for-leaks

This script will trigger the gh client, which may ask you to authenticate to the GitHub API so as to load all repository URLs. Then the Shell script will pick configuration details from the Ruby configuration file (organisation name, JSON field for the repo URL, ...) and trigger gitleaks. A Python script will be called too to process the JSON results and count leaks.

You need to define in the configuration.rb file the GitHub organisation at GITHUB_ORGANIZATION_NAME, and also the REPOSITORIES_CLONE_URL_JSON_KEY (JSON key to use to get the repo URL for cloning) and the OUTPUT_DIRECTORY_NAME (name of the folder holding the clones).

You should also have your git environment ready, e.g. your SSH private key added if you clone over SSH. gh must be installed, and python3 must be available.

You can set the EXCLUDE_GITHUB_ARCHIVED_PROJECTS_FOR_SCANS configuration variable to true to exclude archived projects from scanning. If set to false, all repositories will be scanned.