CLI tool designed to manage tags and attributes at scale
Project description
Snyk Tags Tool
Snyk Tags is a CLI tool which can:
- Help filter Snyk projects by product type by adding product tags across a Snyk Group or Organization - using
snyk-tags tag - Help filter Snyk projects by applying tags to all projects containing a specific name
snyk-tags tag alltargets --contains-name= - Help filter Snyk projects by applying tags to a target import (for example a git repo like snyk-labs/nodejs-goof) - using
snyk-tags target tagor from a csv/json file withsnyk-tags fromfile target-tag - Help filter Snyk projects by applying attributes to a target import (for example a git repo like snyk-labs/nodejs-goof) - using
snyk-tags target attributesor from a csv/json file withsnyk-tags fromfile target-attributes - Help filter Snyk projects by adding the GitHub CODEOWNERS (only GitHub handles) as tags to the target import (must be a GitHub repo in the form snyk-labs/nodejs-goof) - using
snyk-tags target github owners - Help with tag management by removing tags from a Group or a target import (for example a git repo like snyk-labs/nodejs-goof) - using
snyk-tags target removeor listing all tags usingsnyk-tags list tags(also in bulk or from a csv/json file withsnyk-tags fromfile) - Associate Snyk Open Source, Code and Container projects with software component tags, using
snyk-tags component tag.
snyk-tags tag
snyk-tags tag is a CLI tool that uses the Snyk Project Tag API to assign tags in bulk to Snyk projects based on the product.
snyk-tags tag will update all projects of the specified product within a Snyk Group or Organization with the product's tag.
You can also specify a custom tag for the specific project types.
snyk-tags target
snyk-tags target goes through a target (repo, container, CLI import) to assign tags, attributes and assign GitHub metadata. Targets in snyk can be varied like:
- snyk-labs/nodejs-goof is the target from a git import
- library/httpd is the target from a container import
- /snyk-labs/nodejs-goof is the target from a CLI import
You can use:
snyk-tags target tagto add tags to a targetsnyk-tags target attributesto add attributes to a targetsnyk-tags target githubfor specific GitHub metadata. The GitHub repo must include the GitHub Organization e.g. snyk-labs/nodejs-goof
snyk-tags target github
To import GitHub metadata such as CODEOWNERS or Topics, you can use this command.
Requirements:
- GitHub PAT with
read:orgpermissions
Usage:
snyk-tags target github ownersto add the CODEOWNERS file information as tags (limited to GitHub handles for now)snyk-tags target github topicsto add the GitHub Topics as tags
Viewing results
Once you run snyk-tags, go into the UI, naviagate to the projects page and find the tags filter or attribute filter options on the left-hand menu. Select the tag/attribute you have applied and you will see all projects associated.
snyk-tags component tag
snyk-tags component tag automates tagging software components at scale for Snyk, based on powerful regular-expression based rules. Read more about this feature in components.
Installation and requirements
Requirements
Requires Python version above 3.8
Installation
To install the simplest way is to use pip:
pip install snyk-tags
Alternatively you can clone the repo and then run the following commands:
poetry install # To install dependencies
python -m snyk-tags # To run snyk-tags
Examples
For the following examples you will need a Snyk API token, this can either be a personal Snyk Group/Org admin or a service account, here is more information on how to generate a Snyk API token. You can then pass this token as part of the command through --snyktkn=abc or as an environment variable SNYK_TOKEN
Applying tags by Snyk product
I want to filter all my Snyk Code projects to the whole Snyk Group:
snyk-tags tag sast --group-id=abc --snyktkn=abc
I want to filter all my npm Snyk Open Source projects within a specific Snyk Organization:
snyk-tags tag sca --scatype=npm --org-id=abc --snyktkn=abc
Applying tags based on project name
I want to filter all my Snyk projects sharing a common project name substring
snyk-tags tag alltargets --contains-name=microservice --group-id=abc --org-id=abc --snyktkn=abc --tagkey=app --tagvalue=microservice
Managing tags based on target SCM repository
I want to filter all projects within my snyk-labs/nodejs-goof repo by project:snyk
snyk-tags target tag --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --tagkey=project --tagvalue=snyk
I want to add attributes to all projects within my snyk-labs/python-goof repo. The attributes are critical, production, backend
snyk-tags target attributes --target=snyk-labs/python-goof --org-id=abc --snytkn=abc --criticality=critical --environment=backend --lifecycle=production
I want mark with the repo owners all projects of the repo snyk-labs/nodejs-goof so I can filter by owner e.g.Owner:EricFernandezSnyk
(to use a private GitHub instance, use --gh-base-url=<your instance's API baseurl>. Example: --gh-base-url=https://gh.local/api/v3)
snyk-tags target github owners --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
I want add my GitHub Topics to all projects of the repo snyk-labs/nodejs-goof so I can filter by topics e.g.GitHubTopic:python3
(to use a private GitHub instance, use --gh-base-url=<your instance's API baseurl>. Example: --gh-base-url=https://gh.local/api/v3)
snyk-tags target github topics --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
I want to remove the tag project:snyk from the repo snyk-labs/nodejs-goof
snyk-tags remove tag-from-target --target=snyk-labs/nodejs-goof --group-id=abc --snyktkn=abc --tagkey=project --tagkey=snyk
I want to remove the tag app:microservice from all targets within a specific Snyk Organization
snyk-tags remove tag-from-alltargets --contains-name=apps-demo --org-id=abc --tagkey=app --tagvalue=microservice
I want to filter all projects within snyk-labs/nodejs-goof and snyk-labs/goof repo by project:snyk so I use a csv in the format org-id,target,key,value
snyk-tags fromfile target-tag --file=path/to/file.csv --snyktkn
Types of projects and attributes
List of all project types
| Snyk IaC | Snyk Open Source | Snyk Container | Snyk Code |
|---|---|---|---|
| terraformconfig | maven | dockerfile | sast |
| terraformplan | npm | apk | |
| k8sconfig | nuget | deb | |
| helmconfig | gradle | rpm | |
| cloudformationconfig | pip | linux | |
| armconfig | yarn | ||
| gomodules | |||
| rubygems | |||
| composer | |||
| sbt | |||
| golangdep | |||
| cocoapods | |||
| poetry | |||
| govendor | |||
| cpp | |||
| yarn-workspace | |||
| hex | |||
| paket | |||
| golang |
List of all attributes
| Criticality | Environment | Lifecycle |
|---|---|---|
| critical | frontend | production |
| high | backend | development |
| medium | internal | sandbox |
| low | external | |
| mobile | ||
| saas | ||
| onprem | ||
| hosted | ||
| distributed |
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
