From 88089eba119da7ff95a029793772f3e93efc557c Mon Sep 17 00:00:00 2001
From: noamd
Date: Sun, 14 Apr 2024 18:38:42 +0300
Subject: [PATCH 1/3] filter our archived repositories
---
 internal/collectors/github/repository_collector.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/internal/collectors/github/repository_collector.go b/internal/collectors/github/repository_collector.go
index 0d63c242..227c914f 100644
--- a/internal/collectors/github/repository_collector.go
+++ b/internal/collectors/github/repository_collector.go
@@ -44,7 +44,7 @@ type totalCountRepoQuery struct {
 Organization struct {
 Repositories struct {
 TotalCount githubv4.Int
- } `graphql:"repositories(first: 1)"`
+ } `graphql:"repositories(first: 1, isArchived: false)"`
 } `graphql:"organization(login: $login)"`
 }
@@ -180,7 +180,7 @@ type repoQuery struct {
 Repositories struct {
 PageInfo ghcollected.GitHubQLPageInfo
 Nodes []ghcollected.GitHubQLRepository
- } `graphql:"repositories(first: 50, after: $repositoryCursor)"`
+ } `graphql:"repositories(first: 50, after: $repositoryCursor, isArchived: false)"`
 } `graphql:"organization(login: $login)"`
 }
From 67b72df815b1a70961cf2566c1630c27e5a3deed Mon Sep 17 00:00:00 2001
From: noamd
Date: Mon, 15 Apr 2024 07:58:56 +0300
Subject: [PATCH 2/3] update readme
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index d9717238..53486b8d 100644
--- a/README.md
+++ b/README.md
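Review bot: The `isArchived: false` argument is hard-coded into both `repositories(...)` struct tags in repository_collector.go (`totalCountRepoQuery` and `repoQuery`), so organization-wide collection can no longer return archived repositories under any configuration. Archived repositories are read-only but can remain public and keep their existing contents and settings, so for a posture scanner this is a silent reduction in coverage rather than a neutral filter. Consider passing the filter as a query variable, `isArchived: $isArchived`, backed by a nullable `*githubv4.Boolean` in the variables map and an opt-in flag, and logging when archived repositories are skipped. Whichever way it goes, a comment such as `// count and listing must apply the same isArchived filter` on both types would keep the two queries in step. Both struct definitions begin above their hunks, so how the variables map is built is not visible here.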
@@ -197,7 +197,7 @@ Currently, the following namespaces are supported:
 1. `organization` - GitHub organization (or GitLab group) level policies (e.g., "Two-Factor Authentication Is Not Enforced for the Organization")
 2. `actions` - organization GitHub Actions policies (e.g., "GitHub Actions Runs Are Not Limited To Verified Actions")
 3. `member` - contributor level policies (e.g., "Stale Admin Found")
-4. `repository` - GitHub repository (or GitLab Project) level policies (e.g., "Code Review By At Least Two Reviewers Is Not Enforced")
+4. `repository` - GitHub repository (or GitLab Project) level policies (e.g., "Code Review By At Least Two Reviewers Is Not Enforced"). Note: Archived repositories are ignored unless specified directly via the `--repo` argument.
 5. `runner_group` - runner group policies (e.g, "runner can be used by public repositories")
 By default, legitify will analyze all namespaces. You can limit only to selected ones with the `--namespace` flag, and then a comma separated list of the selected namespaces.
From 4bf09858a39d9b5c66d4236574b09a0c67391559 Mon Sep 17 00:00:00 2001
From: noamd
Date: Tue, 16 Apr 2024 08:52:46 +0300
Subject: [PATCH 3/3] readme updates
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 53486b8d..d6a48bd4 100644
--- a/README.md
+++ b/README.md
@@ -102,12 +102,12 @@ ARCH=darwin_arm64 SCM_TOKEN= legitify analyze ``` -By default, legitify will check the policies against all your resources (organizations, repositories, members, actions). +By default, legitify will check the policies against all your resources (organizations, repositories, members, actions). Archived repositories are skipped. You can control which resources will be analyzed with command-line flags namespace and org: - `--namespace (-n)`: will analyze policies that relate to the specified resources -- `--org`: will limit the analysis to the specified GitHub organizations or GitLab group +- `--org`: will limit the analysis to the specified GitHub organizations or GitLab group, excluding archived repositories - `--repo`: will limit the analysis to the specified GitHub repositories or GitLab projects - `--scm`: specify the source code management platform. Possible values are: `github` or `gitlab`. Defaults to `github`. Please note: when running on GitLab, `--scm gitlab` is required. - `--enterprise`: will specify which enterprises should be analyzed. Please note: in order to analyze an enterprise, an enterprise slug must be provided.