LFX Security Snyk SCM Refresh Lambda

License: MIT

This is a wrapper Lambda for the Snyk SCM refresh Python tool, which cleans up the Snyk projects after a successful scan.

The Snyk SCM tool keeps Snyk projects in sync with their associated GitHub repos.

For repos with at least 1 project already in Snyk:

  • Detect and import new manifests
  • Remove projects for manifests that no longer exist
  • Update projects when a repo has been renamed
  • Detect and update default branch change (not renaming)
  • Enable Snyk Code analysis for repos
  • Detect deleted repos and log for review

Prerequisites

  • Python 3.9 (the Snyk SCM tool does not work with Python 3.10)

Deployment

yarn deploy:dev

Command Line Testing

# First: Log into your AWS account for the appropriate environment
# Second: invoke using the desired payload, ensure github_enterprise_token, one can add extra params like repo_name, org_id for 
aws --region us-east-2 lambda invoke \
  --function-name lfx-security-snyk-scm-refresh \
  --cli-binary-format raw-in-base64-out \
  --payload '{"github_enterprise_token":"XXXX","repo_name":"easycla...","org_id":"org"}' \
  response.json
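
The same invocation as an added example (not part of this project's code): the token is read from the environment and handed to the CLI through a private temp file, so it does not end up in shell history or the process list. The variable names `GITHUB_ENTERPRISE_TOKEN`, `REPO_NAME` and `ORG_ID`, the output file `response.json` and the character allow-list are assumptions; the payload keys are the ones shown above.

```shell
#!/bin/sh
# Added example. Variable names and the allow-list are assumptions,
# not part of the lfx-security-snyk-scm-refresh project.

# Accept only characters that cannot break out of a JSON string.
# Assumed allow-list: letters, digits, '.', '_' and '-'.
is_safe_value() {
  case $1 in
    '' | *[!A-Za-z0-9._-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Write the payload to a temp file readable only by the owner
# and print the file's path on stdout.
write_payload() {
  for v in "$GITHUB_ENTERPRISE_TOKEN" "$REPO_NAME" "$ORG_ID"; do
    is_safe_value "$v" || { echo "unset or unsafe payload value" >&2; return 1; }
  done
  payload_file=$(umask 077; mktemp) || return 1
  printf '{"github_enterprise_token":"%s","repo_name":"%s","org_id":"%s"}\n' \
    "$GITHUB_ENTERPRISE_TOKEN" "$REPO_NAME" "$ORG_ID" > "$payload_file"
  printf '%s\n' "$payload_file"
}

# Invoke the Lambda with the payload read from the file, then delete the file
# whether or not the call succeeded.
invoke_refresh() {
  payload_file=$(write_payload) || return 1
  status=0
  aws --region us-east-2 lambda invoke \
    --function-name lfx-security-snyk-scm-refresh \
    --cli-binary-format raw-in-base64-out \
    --payload "file://$payload_file" \
    response.json || status=$?
  rm -f "$payload_file"
  return "$status"
}
```

After logging in to AWS, export the three variables, source the file and run `invoke_refresh`; the function's response is written to `response.json`.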

References

License

Copyright The Linux Foundation and each contributor to LFX.

This project’s source code is licensed under the MIT License. A copy of the license is available in LICENSE.

This project’s documentation is licensed under the Creative Commons Attribution 4.0 International License (CC-BY-4.0). A copy of the license is available in LICENSE-docs.