secret_scanning.go

Documentation: github.com/google/go-github/v45/github

     1  // Copyright 2022 The go-github AUTHORS. All rights reserved.
     2  //
     3  // Use of this source code is governed by a BSD-style
     4  // license that can be found in the LICENSE file.
     5  
     6  package github
     7  
     8  import (
     9  	"context"
    10  	"fmt"
    11  )
    12  
    13  // SecretScanningService handles communication with the secret scanning related
    14  // methods of the GitHub API.
    15  type SecretScanningService service
    16  
    17  // SecretScanningAlert represents a GitHub secret scanning alert.
    18  type SecretScanningAlert struct {
    19  	Number       *int       `json:"number,omitempty"`
    20  	CreatedAt    *Timestamp `json:"created_at,omitempty"`
    21  	URL          *string    `json:"url,omitempty"`
    22  	HTMLURL      *string    `json:"html_url,omitempty"`
    23  	LocationsURL *string    `json:"locations_url,omitempty"`
    24  	State        *string    `json:"state,omitempty"`
    25  	Resolution   *string    `json:"resolution,omitempty"`
    26  	ResolvedAt   *Timestamp `json:"resolved_at,omitempty"`
    27  	ResolvedBy   *User      `json:"resolved_by,omitempty"`
    28  	SecretType   *string    `json:"secret_type,omitempty"`
    29  	Secret       *string    `json:"secret,omitempty"`
    30  }
    31  
    32  // SecretScanningAlertLocation represents the location for a secret scanning alert.
    33  type SecretScanningAlertLocation struct {
    34  	Type    *string                             `json:"type,omitempty"`
    35  	Details *SecretScanningAlertLocationDetails `json:"details,omitempty"`
    36  }
    37  
    38  // SecretScanningAlertLocationDetails represents the location details for a secret scanning alert.
    39  type SecretScanningAlertLocationDetails struct {
    40  	Path        *string `json:"path,omitempty"`
    41  	Startline   *int    `json:"start_line,omitempty"`
    42  	EndLine     *int    `json:"end_line,omitempty"`
    43  	StartColumn *int    `json:"start_column,omitempty"`
    44  	EndColumn   *int    `json:"end_column,omitempty"`
    45  	BlobSHA     *string `json:"blob_sha,omitempty"`
    46  	BlobURL     *string `json:"blob_url,omitempty"`
    47  	CommitSHA   *string `json:"commit_sha,omitempty"`
    48  	CommitURL   *string `json:"commit_url,omitempty"`
    49  }
    50  
    51  // SecretScanningAlertListOptions specifies optional parameters to the SecretScanningService.ListAlertsForEnterprise method.
    52  type SecretScanningAlertListOptions struct {
    53  	// State of the secret scanning alerts to list. Set to open or resolved to only list secret scanning alerts in a specific state.
    54  	State string `url:"state,omitempty"`
    55  
    56  	// A comma-separated list of secret types to return. By default all secret types are returned.
    57  	SecretType string `url:"secret_type,omitempty"`
    58  
    59  	// A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed.
    60  	// Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.
    61  	Resolution string `url:"resolution,omitempty"`
    62  
    63  	ListCursorOptions
    64  }
    65  
    66  // SecretScanningAlertUpdateOptions specifies optional parameters to the SecretScanningService.UpdateAlert method.
    67  type SecretScanningAlertUpdateOptions struct {
    68  	// Required. Sets the state of the secret scanning alert. Can be either open or resolved.
    69  	// You must provide resolution when you set the state to resolved.
    70  	State *string `url:"state,omitempty"`
    71  
    72  	// A comma-separated list of secret types to return. By default all secret types are returned.
    73  	SecretType *string `url:"secret_type,omitempty"`
    74  
    75  	// Required when the state is resolved. The reason for resolving the alert. Can be one of false_positive,
    76  	// wont_fix, revoked, or used_in_tests.
    77  	Resolution *string `url:"resolution,omitempty"`
    78  }
    79  
    80  // Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
    81  //
    82  // To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or
    83  // security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
    84  //
    85  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise
    86  func (s *SecretScanningService) ListAlertsForEnterprise(ctx context.Context, enterprise string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
    87  	u := fmt.Sprintf("enterprises/%v/secret-scanning/alerts", enterprise)
    88  	u, err := addOptions(u, opts)
    89  	if err != nil {
    90  		return nil, nil, err
    91  	}
    92  
    93  	req, err := s.client.NewRequest("GET", u, nil)
    94  	if err != nil {
    95  		return nil, nil, err
    96  	}
    97  
    98  	var alerts []*SecretScanningAlert
    99  	resp, err := s.client.Do(ctx, req, &alerts)
   100  	if err != nil {
   101  		return nil, resp, err
   102  	}
   103  
   104  	return alerts, resp, nil
   105  }
   106  
   107  // Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
   108  //
   109  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   110  // the repo scope or security_events scope.
   111  //
   112  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
   113  func (s *SecretScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
   114  	u := fmt.Sprintf("orgs/%v/secret-scanning/alerts", org)
   115  	u, err := addOptions(u, opts)
   116  	if err != nil {
   117  		return nil, nil, err
   118  	}
   119  
   120  	req, err := s.client.NewRequest("GET", u, nil)
   121  	if err != nil {
   122  		return nil, nil, err
   123  	}
   124  
   125  	var alerts []*SecretScanningAlert
   126  	resp, err := s.client.Do(ctx, req, &alerts)
   127  	if err != nil {
   128  		return nil, resp, err
   129  	}
   130  
   131  	return alerts, resp, nil
   132  }
   133  
   134  // Lists secret scanning alerts for a private repository, from newest to oldest.
   135  //
   136  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   137  // the repo scope or security_events scope.
   138  //
   139  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-a-repository
   140  func (s *SecretScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
   141  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts", owner, repo)
   142  	u, err := addOptions(u, opts)
   143  	if err != nil {
   144  		return nil, nil, err
   145  	}
   146  
   147  	req, err := s.client.NewRequest("GET", u, nil)
   148  	if err != nil {
   149  		return nil, nil, err
   150  	}
   151  
   152  	var alerts []*SecretScanningAlert
   153  	resp, err := s.client.Do(ctx, req, &alerts)
   154  	if err != nil {
   155  		return nil, resp, err
   156  	}
   157  
   158  	return alerts, resp, nil
   159  }
   160  
   161  // Gets a single secret scanning alert detected in a private repository.
   162  //
   163  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   164  // the repo scope or security_events scope.
   165  //
   166  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#get-a-secret-scanning-alert
   167  func (s *SecretScanningService) GetAlert(ctx context.Context, owner, repo string, number int64) (*SecretScanningAlert, *Response, error) {
   168  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
   169  
   170  	req, err := s.client.NewRequest("GET", u, nil)
   171  	if err != nil {
   172  		return nil, nil, err
   173  	}
   174  
   175  	var alert *SecretScanningAlert
   176  	resp, err := s.client.Do(ctx, req, &alert)
   177  	if err != nil {
   178  		return nil, resp, err
   179  	}
   180  
   181  	return alert, resp, nil
   182  }
   183  
   184  // Updates the status of a secret scanning alert in a private repository.
   185  //
   186  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   187  // the repo scope or security_events scope.
   188  //
   189  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#update-a-secret-scanning-alert
   190  func (s *SecretScanningService) UpdateAlert(ctx context.Context, owner, repo string, number int64, opts *SecretScanningAlertUpdateOptions) (*SecretScanningAlert, *Response, error) {
   191  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
   192  
   193  	req, err := s.client.NewRequest("PATCH", u, opts)
   194  	if err != nil {
   195  		return nil, nil, err
   196  	}
   197  
   198  	var alert *SecretScanningAlert
   199  	resp, err := s.client.Do(ctx, req, &alert)
   200  	if err != nil {
   201  		return nil, resp, err
   202  	}
   203  
   204  	return alert, resp, nil
   205  }
   206  
   207  // Lists all locations for a given secret scanning alert for a private repository.
   208  //
   209  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   210  // the repo scope or security_events scope.
   211  //
   212  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-locations-for-a-secret-scanning-alert
   213  func (s *SecretScanningService) ListLocationsForAlert(ctx context.Context, owner, repo string, number int64, opts *ListOptions) ([]*SecretScanningAlertLocation, *Response, error) {
   214  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v/locations", owner, repo, number)
   215  	u, err := addOptions(u, opts)
   216  	if err != nil {
   217  		return nil, nil, err
   218  	}
   219  
   220  	req, err := s.client.NewRequest("GET", u, nil)
   221  	if err != nil {
   222  		return nil, nil, err
   223  	}
   224  
   225  	var locations []*SecretScanningAlertLocation
   226  	resp, err := s.client.Do(ctx, req, &locations)
   227  	if err != nil {
   228  		return nil, resp, err
   229  	}
   230  
   231  	return locations, resp, nil
   232  }
   233
View as plain text