git-multi-exec
is a tool to run a command in a local clone of a git repository.
By default it will run spectral scan --include-tags base,audit,iac
against each repo.
The repositories are collected recursively from the top, based on available permissions.
pip install git+https://github.com/Cloud-Security-Architects/git-multi-exec
-
Configure credentials for your Git SaaS platforms as environment variables.
BITBUCKET_USER= BITBUCKET_PAT= GITLAB_PAT= GITHUB_PAT=
-
Run
git-multi-exec <platform>
with platform being one ofgithub
,gitlab
orbitbucket
.By default it will run
spectral scan --include-tags base,audit,iac
- repo
- read:org
- read:user
TODO
- read_api
- read_user
- read_repository
- Account
- Read
- Workspace membership
- Read
- Projects
- Read
- Repositories
- Read
How git-multi-exec
handles each platform
Collects all organizations and descends into their repositories.
Collects all groups and descends into repositories. Subgroups are listed by the API as part of all groups.
Collects all workspaces and descends into projects and repositories.