reposaur v0.7.1 releases: Audit your GitHub data using custom policies
Reposaur
Reposaur allows users and organizations to execute policies against GitHub data to generate reports, perform auditing, and more. The end-goal is to make it easy to perform such tasks in an automated way, enabling people to focus their time in solving any issues instead of looking for them (see the examples).
Features
- Write custom policies using Rego policy language (see more)
- Simple, composable, and easy-to-use CLI (see more)
- Extendable using the Go SDK
- Output reports in JSON and SARIF formats
- Use in GitHub Actions (see more)
- Policies unit testing (possible with opa test if not using built-in functions) (see #1)
- Deploy as a GitHub App (possible but no official guide yet) (see #2)
Built-in Functions
github.request
Does an HTTP request against the GitHub REST API. Usage is similar to the Octokit.js library, for example:
The response will include the following properties:
- body – The HTTP Response body
- statusCode – The HTTP Response status code
Forbidden errors are treated in a special manner and will cause policy execution to halt. Usually, these errors happen when authentication is required, a token is invalid or doesn’t have sufficient permissions, or the rate limit has been exceeded.
github.graphql
Does an HTTP request against the GitHub GraphQL API. For example:
The response will include the following properties:
- body – The HTTP Response body
- statusCode – The HTTP Response status code
Forbidden errors are treated in a special manner and will cause policy execution to halt. Usually, these errors happen when authentication is required, a token is invalid or doesn’t have sufficient permissions, or the rate limit has been exceeded.
Changelog v0.7.1
- 34a2762: fix(github/builtin): method to upper not lower (@crqra)
- 7fe2ba5: fix(github/builtin): number of func args (@crqra)
Install & Use
Copyright (c) 2022 João Cerqueira and Reposaur contributors
