Giters

forward3d / garrison-agent-bundler-audit

Garrison Agent that runs bundle-audit against Github repositories and reports results

Home Page:https://github.com/forward3d/garrison

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

garrisongarrison-agent

Garrison Agent - Bundler Audit

This is a part of the Garrison security project. This agent provides bundler audit CVE checks against Ruby applications.

Checks Provided

Function Name Description
check_bundle_audit Alerts for any CVEs found within an Github organizations Ruby projects.

Installation & Example

Docker Hub - https://hub.docker.com/r/forward3d/garrison-agent-bundler-audit/

docker pull forward3d/garrison-agent-bundler-audit
docker run --rm -e "GARRISON_URL=https://garrison.internal.acme.com" -e "GARRISON_GITHUB_PRIVATE_KEY_BASE64=<base64 encoded private key>" -e "GARRISON_GITHUB_APP_ID=123456" forward3d/garrison-agent-bundler-audit check_bundle_audit

Agent Specific Configuration

These are additional specific configuration options for this agent. Global agent configurations still apply.

Environmental Variable Expects
GARRISON_GITHUB_PRIVATE_KEY_BASE64 Github App Private Key Base64 Encoded
GARRISON_GITHUB_APP_ID Github App ID
GARRISON_GITHUB_EXCLUDE_REPOS Comma separated list of repositories you want to exclude eg. forward3d/repo,forward/another-repo

About

Garrison Agent that runs bundle-audit against Github repositories and reports results

https://github.com/forward3d/garrison

garrisongarrison-agent

Languages

Language:Ruby 89.2%Language:Dockerfile 10.8%