Metadata-Version: 1.0
Name: github_vulnerability_exporter
Version: 1.4.0
Summary: UNKNOWN
Home-page: https://github.com/ZeitOnline/github_vulnerability_exporter
Author: Wolfgang Schnerring
Author-email: wolfgang.schnerring@zeit.de
License: BSD
Description: ==============================================
        Prometheus GitHub vulnerability alert exporter
        ==============================================
        
        This package exports the `Security Vulnerability Alerts`_ from GitHub for all repositories of an organization as `Prometheus`_ metrics.
        
        .. _`Security Vulnerability Alerts`: https://help.github.com/en/categories/managing-security-vulnerabilities
        .. _`Prometheus`: https://prometheus.io
        
        
        Usage
        =====
        
        Configure API token
        -------------------
        
        You'll need to provide an access token with scope ``repo`` to access the GitHub API.
        See the `GitHub documentation` for details.
        
        .. `GitHub documentation`: https://developer.github.com/v4/guides/forming-calls/#authenticating-with-graphql
        
        
        Start HTTP service
        ------------------
        
        Start the HTTP server like this::
        
            $ GITHUB_AUTHTOKEN=MYTOKEN GITHUB_OWNER=MyGitHubOrgOrUser github_vulnerability_exporter --host=127.0.0.1 --port=9597
        
        Pass ``--forked`` if you want to include forked repositories.
        
        Configure Prometheus
        --------------------
        
        ::
        
            scrape_configs:
              - job_name: 'vulnerabilities'
                scrape_interval: 1800s
                static_configs:
                  - targets: ['localhost:9597']
        
        We export one metric, a gauge called ``github_vulnerability_alerts``,
        with labels ``{repository="MyGitHubOrgOrUser/my-repository-name, status="active|dismissed"}``.
        
        Additionally, a ``ghvuln_scrape_duration_seconds`` gauge is exported.
        
        
        CHANGES
        =======
        
        
        1.4.0 (2019-06-07)
        ------------------
        
        - Support collecting data for repositories of either an organization or a user
        
        
        1.3.0 (2019-06-07)
        ------------------
        
        - Make listen host configurable
        
        
        1.2.0 (2019-06-07)
        ------------------
        
        - Add `status` label to differentiate between active and dismissed alerts
        
        
        1.1.0 (2019-06-07)
        ------------------
        
        - Allow configuring via environment variables as well as command line parameters
        
        
        1.0.1 (2019-06-07)
        ------------------
        
        - Increase repository query batch size.
        
        
        1.0.0 (2019-06-06)
        ------------------
        
        - First release.
        
Platform: UNKNOWN
