github-issue-opener

command module
v0.0.0-...-a53bbd7 Latest Latest
Warning: This package is not in the latest version of its module.
Published: Dec 5, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

README

GitHub Issue Opener

This demo application shows how users can write a very simple application that authenticates Chainguard webhook requests for continuous verification policy violations, and turns them into GitHub issues.

Usage

You can use this Terraform module to deploy this integration by instantiating it like this:

# TODO: pre-reqs like ko/google providers.

module "issue-opener" {
  source = "github.com/chainguard-dev/platform-examples//github-issue-opener/iac"

  # name is used to prefix resources created by this demo application
  # where possible.
  name = "chainguard-dev"

  # This is the GCP project ID in which certain resources will live, including:
  #  - The container image for this application,
  #  - The Cloud Run service hosting this application,
  #  - The Secret Manager secret holding the github access token
  #    for opening issues.
  project_id = var.gcp_project_id

  # The Chainguard IAM group from which we expect to receive events.
  # This is used to authenticate that the Chainguard events are intended
  # for you, and not another user.
  group = var.chainguard_iam_group

  # These describe the github organization and repository in which github issues
  # will be opened.
  github_org  = "chainguard-dev"
  github_repo = "mono"

  # These are the labels that get applied to opened issues.
  labels = "label1,label2,label3"
}

Once things have been provisioned, this module outputs a secret-command containing the command to run to upload your GitHub "personal access token" to the Google Secret Manager secret the application will use, looking something like this:

echo -n YOUR GITHUB PAT | \
  gcloud --project ... secrets versions add ... --data-file=-

The personal access token needs permission to open issues on the target repository.

That's it! Now policy failures during continuous verification will open GitHub issues outlining the policy violation.
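The `group` input above exists so that an event is accepted only when it was issued for your own Chainguard IAM group. The sketch below is an added example, not code from this module: it shows that check layered on top of token verification. The `Verifier` type, the error names, and the `webhook:<group>` subject format are assumptions of the example, and the verifier is a stand-in for a real OIDC token verifier.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

var (
	ErrUnauthenticated = errors.New("token failed verification")
	ErrWrongGroup      = errors.New("event was issued for a different group")
)

// Verifier stands in for an OIDC verifier (signature, issuer, audience, expiry).
type Verifier func(rawToken string) (subject string, err error)

// subjectPrefix is an assumption of this example: the webhook identity is
// taken to be "webhook:<group>". Confirm it against the events you receive.
const subjectPrefix = "webhook:"

// AuthorizeEvent accepts a token only if it verifies AND names our group; a
// valid signature alone does not show that the event was intended for us.
func AuthorizeEvent(verify Verifier, authorization, group string) error {
	raw := strings.TrimPrefix(authorization, "Bearer ")
	if raw == "" || group == "" { // fail closed on missing token or config
		return ErrUnauthenticated
	}
	subject, err := verify(raw)
	if err != nil {
		return fmt.Errorf("%w: %v", ErrUnauthenticated, err)
	}
	if subject != subjectPrefix+group {
		return fmt.Errorf("%w: subject %q", ErrWrongGroup, subject)
	}
	return nil
}

func main() {
	// Constructed verifier and tokens: a lookup table, no real crypto.
	subjects := map[string]string{"tok-a": "webhook:group-a", "tok-b": "webhook:group-b"}
	fake := func(t string) (string, error) {
		if s, ok := subjects[t]; ok {
			return s, nil
		}
		return "", errors.New("bad signature")
	}
	for _, t := range []string{"tok-a", "tok-b", "forged"} {
		fmt.Println(t, "->", AuthorizeEvent(fake, "Bearer "+t, "group-a"))
	}
}
```

Keeping the two failure modes distinct lets logs separate forged or expired tokens from correctly signed events that were sent to the wrong endpoint.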

Documentation

There is no documentation for this package.
