octovy

command module

v0.2.0 Latest Latest Go to latest Published: Sep 18, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/m-mizutani/octovy

Links

Open Source Insights

README ¶

Octovy

Octovy is a GitHub application designed to identify and alert you to any dependencies in your repository that could be potentially vulnerable. It uses trivy for detection and then stores the results in a database for your reference.

architecture

Setup

1. Creating a GitHub App

Start by creating a GitHub App here. You can use any name and description you like. However, ensure you set the following configurations:

General
- Webhook URL: https://<your domain>/webhook/github
- Webhook secret: A string of your choosing (e.g. mysecret_XOIJPOIFEA)
Permissions & events
- Repository Permissions
  - Contents: Set to Read-only
  - Metadata: Set to Read-only
  - Pull Requests: Set to Read & Write
- Subscribe to events
  - Pull request
  - Push

Once complete, note down the following information from the General section for later:

App ID (e.g. 123456)
Private Key: Click Generate a private key and download the key file (e.g. your-app-name.2023-08-14.private-key.pem)

2. Setting Up the Database

Octovy requires a PostgreSQL database. You can use any PostgreSQL instance you like, but we recommend cloud-based database services such as Google Cloud SQL or Amazon RDS.

For database migration, sqldef is recommended. After installing sqldef, you can migrate your database schema using the command below. Be sure to replace the placeholders with your actual database information.

# NOTICE: Be careful not to save the password to shell history
$ export PGPASSWORD=[db_password]
$ psqldef -U [db_user] -p [db_port] -h [db_host] -f database/schema.sql [db_name]

3. Deploying Octovy

The recommended method of deploying Octovy is via a container image, available at ghcr.io/m-mizutani/octovy. This image is built using GitHub Actions and published to the GitHub Container Registry.

To run Octovy, set the following environment variables:

GitHub App
- OCTOVY_GITHUB_APP_ID: App ID of your GitHub App
- OCTOVY_GITHUB_APP_PRIVATE_KEY: Private key of your GitHub App
- OCTOVY_GITHUB_SECRET: Webhook secret of your GitHub App
Network
- OCTOVY_ADDR: Listening address (e.g. 0.0.0.0:8080)
Database
- OCTOVY_DB_HOST: Hostname of your PostgreSQL database
- OCTOVY_DB_PORT: Port number of your PostgreSQL database
- OCTOVY_DB_USER: Username of your PostgreSQL database
- OCTOVY_DB_PASSWORD: Password of your PostgreSQL database
- OCTOVY_DB_NAME: Database name of your PostgreSQL database
Logging
- OCTOVY_LOG_LEVEL: Log level (e.g. debug, info, warn, error)
- OCTOVY_LOG_FORMAT: Log format, recommend to use json

License

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
database
pkg
controller/cli
controller/cli/config
controller/cli/migrate
controller/cli/scan
controller/cli/serve
controller/server
domain/model
domain/types
infra
infra/db
infra/gh
infra/githubapp
infra/trivy
usecase
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL