No project description provided

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for wosc from gravatar.com wosc Avatar for zon-backend from gravatar.com zon-backend

Unverified details

These details have not been verified by PyPI
Project links
Meta
Report project as malware

Project description

This package exports the Security Vulnerability Alerts from GitHub for all repositories of an organization as Prometheus metrics.

Usage

Configure API token

You’ll need to provide an access token with scope repo to access the GitHub API. See the GitHub documentation for details.

Start HTTP service

Start the HTTP server like this:

$ GITHUB_AUTHTOKEN=MYTOKEN GITHUB_OWNER=MyGitHubOrgOrUser github_vulnerability_exporter --host=127.0.0.1 --port=9597

Pass --forked if you want to include forked repositories.

Configure Prometheus

scrape_configs:
  - job_name: 'vulnerabilities'
    scrape_interval: 1800s
    static_configs:
      - targets: ['localhost:9597']

We export one metric, a gauge called github_vulnerability_alerts, with labels {repository="MyGitHubOrgOrUser/my-repository-name, status="active|dismissed"}.

Additionally, a ghvuln_scrape_duration_seconds gauge is exported.

CHANGES

1.4.0 (2019-06-07)

  • Support collecting data for repositories of either an organization or a user

1.3.0 (2019-06-07)

  • Make listen host configurable

1.2.0 (2019-06-07)

  • Add status label to differentiate between active and dismissed alerts

1.1.0 (2019-06-07)

  • Allow configuring via environment variables as well as command line parameters

1.0.1 (2019-06-07)

  • Increase repository query batch size.

1.0.0 (2019-06-06)

  • First release.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for wosc from gravatar.com wosc Avatar for zon-backend from gravatar.com zon-backend

Unverified details

These details have not been verified by PyPI
Project links
Meta

Release history Release notifications | RSS feed

1.5.2

1.5.1

1.5.0

This version

1.4.0

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

github_vulnerability_exporter-1.4.0.tar.gz (5.3 kB view details)

Uploaded Source

File details

Details for the file github_vulnerability_exporter-1.4.0.tar.gz.

File metadata

  • Download URL: github_vulnerability_exporter-1.4.0.tar.gz
  • Upload date:
  • Size: 5.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.1 CPython/3.6.7

File hashes

Hashes for github_vulnerability_exporter-1.4.0.tar.gz
Algorithm Hash digest
SHA256 49d0bad9185927572b2591586dfa68ba844d0bd6a844533e8f2e8f422c447ed8
MD5 95143c158eceb7a151728f490b393ee3
BLAKE2b-256 9eb40c5bc7ba3e374f336ed5bac628eab9a30704e15537bc100773eeb01cdd5d

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page