secret_scanning.go

Documentation: github.com/google/go-github/v55/github

     1  // Copyright 2022 The go-github AUTHORS. All rights reserved.
     2  //
     3  // Use of this source code is governed by a BSD-style
     4  // license that can be found in the LICENSE file.
     5  
     6  package github
     7  
     8  import (
     9  	"context"
    10  	"fmt"
    11  )
    12  
    13  // SecretScanningService handles communication with the secret scanning related
    14  // methods of the GitHub API.
    15  type SecretScanningService service
    16  
    17  // SecretScanningAlert represents a GitHub secret scanning alert.
    18  type SecretScanningAlert struct {
    19  	Number                *int        `json:"number,omitempty"`
    20  	CreatedAt             *Timestamp  `json:"created_at,omitempty"`
    21  	URL                   *string     `json:"url,omitempty"`
    22  	HTMLURL               *string     `json:"html_url,omitempty"`
    23  	LocationsURL          *string     `json:"locations_url,omitempty"`
    24  	State                 *string     `json:"state,omitempty"`
    25  	Resolution            *string     `json:"resolution,omitempty"`
    26  	ResolvedAt            *Timestamp  `json:"resolved_at,omitempty"`
    27  	ResolvedBy            *User       `json:"resolved_by,omitempty"`
    28  	SecretType            *string     `json:"secret_type,omitempty"`
    29  	SecretTypeDisplayName *string     `json:"secret_type_display_name,omitempty"`
    30  	Secret                *string     `json:"secret,omitempty"`
    31  	Repository            *Repository `json:"repository,omitempty"`
    32  }
    33  
    34  // SecretScanningAlertLocation represents the location for a secret scanning alert.
    35  type SecretScanningAlertLocation struct {
    36  	Type    *string                             `json:"type,omitempty"`
    37  	Details *SecretScanningAlertLocationDetails `json:"details,omitempty"`
    38  }
    39  
    40  // SecretScanningAlertLocationDetails represents the location details for a secret scanning alert.
    41  type SecretScanningAlertLocationDetails struct {
    42  	Path        *string `json:"path,omitempty"`
    43  	Startline   *int    `json:"start_line,omitempty"`
    44  	EndLine     *int    `json:"end_line,omitempty"`
    45  	StartColumn *int    `json:"start_column,omitempty"`
    46  	EndColumn   *int    `json:"end_column,omitempty"`
    47  	BlobSHA     *string `json:"blob_sha,omitempty"`
    48  	BlobURL     *string `json:"blob_url,omitempty"`
    49  	CommitSHA   *string `json:"commit_sha,omitempty"`
    50  	CommitURL   *string `json:"commit_url,omitempty"`
    51  }
    52  
    53  // SecretScanningAlertListOptions specifies optional parameters to the SecretScanningService.ListAlertsForEnterprise method.
    54  type SecretScanningAlertListOptions struct {
    55  	// State of the secret scanning alerts to list. Set to open or resolved to only list secret scanning alerts in a specific state.
    56  	State string `url:"state,omitempty"`
    57  
    58  	// A comma-separated list of secret types to return. By default all secret types are returned.
    59  	SecretType string `url:"secret_type,omitempty"`
    60  
    61  	// A comma-separated list of resolutions. Only secret scanning alerts with one of these resolutions are listed.
    62  	// Valid resolutions are false_positive, wont_fix, revoked, pattern_edited, pattern_deleted or used_in_tests.
    63  	Resolution string `url:"resolution,omitempty"`
    64  
    65  	ListCursorOptions
    66  
    67  	// List options can vary on the Enterprise type.
    68  	// On Enterprise Cloud, Secret Scan alerts support requesting by page number
    69  	// along with providing a cursor for an "after" param.
    70  	// See: https://docs.github.com/en/enterprise-cloud@latest/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
    71  	// Whereas on Enterprise Server, pagination is by index.
    72  	// See: https://docs.github.com/en/enterprise-server@3.6/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
    73  	ListOptions
    74  }
    75  
    76  // SecretScanningAlertUpdateOptions specifies optional parameters to the SecretScanningService.UpdateAlert method.
    77  type SecretScanningAlertUpdateOptions struct {
    78  	// Required. Sets the state of the secret scanning alert. Can be either open or resolved.
    79  	// You must provide resolution when you set the state to resolved.
    80  	State *string `url:"state,omitempty"`
    81  
    82  	// A comma-separated list of secret types to return. By default all secret types are returned.
    83  	SecretType *string `url:"secret_type,omitempty"`
    84  
    85  	// Required when the state is resolved. The reason for resolving the alert. Can be one of false_positive,
    86  	// wont_fix, revoked, or used_in_tests.
    87  	Resolution *string `url:"resolution,omitempty"`
    88  }
    89  
    90  // Lists secret scanning alerts for eligible repositories in an enterprise, from newest to oldest.
    91  //
    92  // To use this endpoint, you must be a member of the enterprise, and you must use an access token with the repo scope or
    93  // security_events scope. Alerts are only returned for organizations in the enterprise for which you are an organization owner or a security manager.
    94  //
    95  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-enterprise
    96  func (s *SecretScanningService) ListAlertsForEnterprise(ctx context.Context, enterprise string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
    97  	u := fmt.Sprintf("enterprises/%v/secret-scanning/alerts", enterprise)
    98  	u, err := addOptions(u, opts)
    99  	if err != nil {
   100  		return nil, nil, err
   101  	}
   102  
   103  	req, err := s.client.NewRequest("GET", u, nil)
   104  	if err != nil {
   105  		return nil, nil, err
   106  	}
   107  
   108  	var alerts []*SecretScanningAlert
   109  	resp, err := s.client.Do(ctx, req, &alerts)
   110  	if err != nil {
   111  		return nil, resp, err
   112  	}
   113  
   114  	return alerts, resp, nil
   115  }
   116  
   117  // Lists secret scanning alerts for eligible repositories in an organization, from newest to oldest.
   118  //
   119  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   120  // the repo scope or security_events scope.
   121  //
   122  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-an-organization
   123  func (s *SecretScanningService) ListAlertsForOrg(ctx context.Context, org string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
   124  	u := fmt.Sprintf("orgs/%v/secret-scanning/alerts", org)
   125  	u, err := addOptions(u, opts)
   126  	if err != nil {
   127  		return nil, nil, err
   128  	}
   129  
   130  	req, err := s.client.NewRequest("GET", u, nil)
   131  	if err != nil {
   132  		return nil, nil, err
   133  	}
   134  
   135  	var alerts []*SecretScanningAlert
   136  	resp, err := s.client.Do(ctx, req, &alerts)
   137  	if err != nil {
   138  		return nil, resp, err
   139  	}
   140  
   141  	return alerts, resp, nil
   142  }
   143  
   144  // Lists secret scanning alerts for a private repository, from newest to oldest.
   145  //
   146  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   147  // the repo scope or security_events scope.
   148  //
   149  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-secret-scanning-alerts-for-a-repository
   150  func (s *SecretScanningService) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *SecretScanningAlertListOptions) ([]*SecretScanningAlert, *Response, error) {
   151  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts", owner, repo)
   152  	u, err := addOptions(u, opts)
   153  	if err != nil {
   154  		return nil, nil, err
   155  	}
   156  
   157  	req, err := s.client.NewRequest("GET", u, nil)
   158  	if err != nil {
   159  		return nil, nil, err
   160  	}
   161  
   162  	var alerts []*SecretScanningAlert
   163  	resp, err := s.client.Do(ctx, req, &alerts)
   164  	if err != nil {
   165  		return nil, resp, err
   166  	}
   167  
   168  	return alerts, resp, nil
   169  }
   170  
   171  // Gets a single secret scanning alert detected in a private repository.
   172  //
   173  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   174  // the repo scope or security_events scope.
   175  //
   176  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#get-a-secret-scanning-alert
   177  func (s *SecretScanningService) GetAlert(ctx context.Context, owner, repo string, number int64) (*SecretScanningAlert, *Response, error) {
   178  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
   179  
   180  	req, err := s.client.NewRequest("GET", u, nil)
   181  	if err != nil {
   182  		return nil, nil, err
   183  	}
   184  
   185  	var alert *SecretScanningAlert
   186  	resp, err := s.client.Do(ctx, req, &alert)
   187  	if err != nil {
   188  		return nil, resp, err
   189  	}
   190  
   191  	return alert, resp, nil
   192  }
   193  
   194  // Updates the status of a secret scanning alert in a private repository.
   195  //
   196  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   197  // the repo scope or security_events scope.
   198  //
   199  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#update-a-secret-scanning-alert
   200  func (s *SecretScanningService) UpdateAlert(ctx context.Context, owner, repo string, number int64, opts *SecretScanningAlertUpdateOptions) (*SecretScanningAlert, *Response, error) {
   201  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v", owner, repo, number)
   202  
   203  	req, err := s.client.NewRequest("PATCH", u, opts)
   204  	if err != nil {
   205  		return nil, nil, err
   206  	}
   207  
   208  	var alert *SecretScanningAlert
   209  	resp, err := s.client.Do(ctx, req, &alert)
   210  	if err != nil {
   211  		return nil, resp, err
   212  	}
   213  
   214  	return alert, resp, nil
   215  }
   216  
   217  // Lists all locations for a given secret scanning alert for a private repository.
   218  //
   219  // To use this endpoint, you must be an administrator for the repository or organization, and you must use an access token with
   220  // the repo scope or security_events scope.
   221  //
   222  // GitHub API docs: https://docs.github.com/en/enterprise-server@3.5/rest/secret-scanning#list-locations-for-a-secret-scanning-alert
   223  func (s *SecretScanningService) ListLocationsForAlert(ctx context.Context, owner, repo string, number int64, opts *ListOptions) ([]*SecretScanningAlertLocation, *Response, error) {
   224  	u := fmt.Sprintf("repos/%v/%v/secret-scanning/alerts/%v/locations", owner, repo, number)
   225  	u, err := addOptions(u, opts)
   226  	if err != nil {
   227  		return nil, nil, err
   228  	}
   229  
   230  	req, err := s.client.NewRequest("GET", u, nil)
   231  	if err != nil {
   232  		return nil, nil, err
   233  	}
   234  
   235  	var locations []*SecretScanningAlertLocation
   236  	resp, err := s.client.Do(ctx, req, &locations)
   237  	if err != nil {
   238  		return nil, resp, err
   239  	}
   240  
   241  	return locations, resp, nil
   242  }
   243
View as plain text