This Docker image will discover APIs in your GitHub organization/account by scanning for OpenAPI/Swagger specifications in your repositories, as well as generating them via static code analysis. It will create an API per repository, and potentially multiple collections for that API, in the FireTail SaaS Platform.
- A 'classic' GitHub access token with `read:packages` scope
  - Fine-grained tokens do not currently support any `packages` scopes
- Any type of GitHub access token with `read: contents` scope for the repos you wish to scan
  - If you use a fine-grained GitHub access token scoped to specific repos, you will have to list them individually
- A FireTail app token
Create a file named `config.yml` (not `.yaml`) from the following:

```yaml
# List organisations to scan their repositories
organisations: # default []
  example-organisation:
    # Under each org, you can skip public, private, internal, archived or fork repositories
    skip_public_repositories: False # default False
    skip_private_repositories: False # default False
    skip_internal_repositories: False # default False
    skip_archived_repositories: False # default False
    skip_forks: False # default False
# List users to scan their repositories
users: # default []
  example-user:
    # Under each user, you can skip public, private, archived or fork repositories
    skip_public_repositories: False # default False
    skip_private_repositories: False # default False
    skip_archived_repositories: False # default False
    skip_forks: False # default False
# List individual repositories to include or exclude explicitly - has higher
# precedence than scanning via users or orgs
repositories: # default []
  example-user/example-repository: exclude
  example-organisation/example-repository: include
```
Use the `repositories` block when using a fine-grained access token without access to all repos.
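Authenticate your Docker CLI:

```bash
# Read the token from stdin so it does not appear in the process list
printf '%s' "${YOUR_GITHUB_CLASSIC_TOKEN}" | docker login \
  --username "${YOUR_GITHUB_USERNAME}" \
  --password-stdin \
  ghcr.io
```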
Start the scan:

```bash
docker run --rm \
  --env GITHUB_TOKEN="${YOUR_GITHUB_TOKEN}" \
  --env FIRETAIL_APP_TOKEN="${YOUR_FIRETAIL_APP_TOKEN}" \
  --mount type=bind,source="${PWD}/config.yml",target=/config.yml,readonly \
  ghcr.io/firetail-io/firetail-code-repository-scanner:latest
```
Environment variables are set via the `--env` flag when executing `docker run`:

| Variable Name | Description | Required? | Default |
|---|---|---|---|
| `GITHUB_TOKEN` | A GitHub access token | Yes ✅ | None |
| `FIRETAIL_APP_TOKEN` | A FireTail app token | Yes ✅ | None |
| `FIRETAIL_API_URL` | The API URL for your FireTail SaaS instance | No ❌ | `https://api.saas.eu-west-1.prod.firetail.app` |
| `LOGGING_LEVEL` | The scanner's verbosity | No ❌ | `INFO` |
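
A wrapper for the scan step above that checks for `config.yml` and the two required variables before starting, and passes the tokens to the container by name so their values stay out of the `docker run` command line. This is an added example, not part of the FireTail project; the `DOCKER` override and the function names are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not FireTail's code. DOCKER is a hypothetical override used
# for dry runs (DOCKER=echo prints the command instead of executing it).
IMAGE="ghcr.io/firetail-io/firetail-code-repository-scanner:latest"

# preflight DIR: succeed only if DIR/config.yml exists and both required
# tokens are set in the environment.
preflight() {
  local dir="${1:-$PWD}"
  local rc=0 name value
  if [ ! -f "$dir/config.yml" ]; then
    echo "missing $dir/config.yml" >&2
    # The file must be named config.yml; catch the common .yaml slip.
    if [ -f "$dir/config.yaml" ]; then
      echo "found config.yaml: rename it to config.yml" >&2
    fi
    rc=1
  fi
  for name in GITHUB_TOKEN FIRETAIL_APP_TOKEN; do
    eval "value=\${$name:-}"   # indirect lookup; names come from the fixed list
    if [ -z "$value" ]; then
      echo "required variable $name is not set" >&2
      rc=1
    fi
  done
  return "$rc"
}

# run_scan DIR: run the checks, then start the scanner. "--env NAME" with no
# "=value" tells docker to copy NAME from the calling environment, so the
# token values never appear in the process argument list.
run_scan() {
  local dir="${1:-$PWD}"
  preflight "$dir" || return 1
  "${DOCKER:-docker}" run --rm \
    --env GITHUB_TOKEN --env FIRETAIL_APP_TOKEN \
    --mount "type=bind,source=$dir/config.yml,target=/config.yml,readonly" \
    "$IMAGE"
}

# Start a scan only when invoked as: ./scan.sh scan [DIR]
if [ "${1:-}" = "scan" ]; then
  run_scan "${2:-$PWD}"
fi
```

Export `GITHUB_TOKEN` and `FIRETAIL_APP_TOKEN` in the calling shell first, since `docker` only forwards variables that are present in its own environment.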