Skip to content

Commit

Permalink
feat: become a gh extension
Browse files Browse the repository at this point in the history
  • Loading branch information
jef committed Sep 30, 2022
1 parent 82a370f commit 9fbedb8
Show file tree
Hide file tree
Showing 9 changed files with 273 additions and 246 deletions.
6 changes: 0 additions & 6 deletions .github/dependabot.yaml
Original file line number Diff line number Diff line change
@@ -1,11 +1,5 @@
version: 2
updates:
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
labels:
- "dependencies"
- package-ecosystem: "github-actions"
directory: "/"
schedule:
Expand Down
29 changes: 8 additions & 21 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,37 +9,24 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v2
uses: actions/setup-go@v3
with:
go-version: '1.16'
- name: Setup build cache
uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-
go-version: "1.19"
- name: Build service
run: make build
run: go build
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: '1.16'
- name: Setup build cache
uses: actions/cache@v2
uses: actions/setup-go@v3
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-
go-version: "1.19"
- name: Lint
uses: golangci/golangci-lint-action@v2
uses: golangci/golangci-lint-action@v3
with:
args: --enable dupl,gofmt,revive
skip-go-installation: true
63 changes: 14 additions & 49 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,66 +4,31 @@ on:
branches:
- main
jobs:
release-please:
name: Run Release Please
release:
name: Create release
runs-on: ubuntu-latest
outputs:
release-created: ${{ steps.release.outputs.release_created }}
upload-url: ${{ steps.release.outputs.upload_url }}
release_created: ${{ steps.release.outputs.release_created }}
steps:
- name: Checkout repository
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Setup release please
uses: google-github-actions/release-please-action@v2
id: release
uses: google-github-actions/release-please-action@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
release-type: simple
package-name: audit-org-keys
build-publish:
name: Build and publish assets
package-name: gh-vanity
upload_assets:
name: Upload assets
runs-on: ubuntu-latest
needs: release-please
if: needs.release-please.outputs.release-created
needs: release
if: needs.release.outputs.release_created == 'true'
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v2
uses: actions/checkout@v3
with:
go-version: '1.16'
- name: Setup build cache
uses: actions/cache@v2
fetch-depth: 0
- uses: cli/gh-extension-precompile@v1
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-
- name: Build release assets
run: make dist
- name: Upload Windows asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.release-please.outputs.upload-url }}
asset_path: ./audit-org-keys-windows-amd64.exe
asset_name: audit-org-keys-windows-amd64.exe
asset_content_type: application/octet-stream
- name: Upload Linux asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.release-please.outputs.upload-url }}
asset_path: ./audit-org-keys-linux-amd64
asset_name: audit-org-keys-linux-amd64
asset_content_type: application/octet-stream
- name: Upload macOS asset
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.release-please.outputs.upload-url }}
asset_path: ./audit-org-keys-darwin-amd64
asset_name: audit-org-keys-darwin-amd64
asset_content_type: application/octet-stream
go_version: "1.19"
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
.idea/
bin/

audit-org-keys
41 changes: 0 additions & 41 deletions Makefile

This file was deleted.

67 changes: 52 additions & 15 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,36 +1,73 @@
# audit-org-keys [![Release](https://img.shields.io/github/workflow/status/jef/audit-org-keys/Release?color=24292e&label=Release&logo=github&logoColor=white&style=flat-square)](https://github.com/jef/audit-org-keys/actions/workflows/release.yaml)
# gh-audit-org-keys [![Release](https://github.com/jef/gh-audit-org-keys/actions/workflows/release.yaml/badge.svg)](https://github.com/jef/gh-vanity/actions/workflows/release.yaml)

The point of this project is to help demonstrate that users of GitHub could potentially fall victim to getting their private SSH key cracked. This based on the size and complexity of the key the user generates.

Programs like `ssh2john` from **John the Ripper** can best demonstrate how fast an SSH private key can be solved from a _not so_ complex algorithm with low key lengths (think RSA < 1024 bits).

## Installation

`go get -u github.com/jef/audit-org-keys/cmd/audit_org_keys`
1. Install the `gh` cli - see the [installation](https://github.com/cli/cli#installation)

Also available under [GitHub Releases](https://github.com/jef/audit-org-keys/releases) as an executable.
_Installation requires a minimum version (2.0.0) of the GitHub CLI that supports extensions._

2. Install this extension:

```shell
gh extension install jef/gh-audit-org-keys
```

<details>
<summary><strong>Manual Installation</strong></summary>

Requirements: `cli/cli` and `go`.

1. Clone the repository

```shell
# git
git clone git@github.com:jef/gh-audit-org-keys.git

# GitHub CLI
gh repo clone jef/gh-audit-org-keys
```

2. `cd` into it

```shell
cd gh-audit-org-keys
```

3. Build it

```shell
make build
```

4. Install it locally

```shell
gh extension install .
```
</details>

## Usage

It is required that you use a GitHub Personal Access Token (PAT). You can generate one [here](https://github.com/settings/tokens/new). The required scopes are `['read:org']`. Set your PAT to environment variable `GITHUB_TOKEN`. If `GITHUB_TOKEN` isn't set, then you may not get the results you expect.
To run:

```shell
Usage of audit_org_keys:
-o, --organization string [required] GitHub organization provided to inspect
-s, --show-users all display users with filter (all, `with`, `without`, `multiple`)
gh audit-org-keys
```

### Examples
To upgrade:

- `audit-org-keys --organization="actions"`
- `audit-org-keys --organization="actions" --show-users="all"`
```sh
gh extension upgrade audit-org-keys
```

## Releases
### Examples

| Tag | Description |
|:---:|---|
| `latest` | Built against tagged releases; stable
| `nightly` | Built against HEAD; generally considered stable, but could have problems |
- `gh audit-org-keys --organization="actions"`
- `gh audit-org-keys --organization="actions" --show-users="all"`

### Acknowledgments

Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module github.com/jef/audit-org-keys
go 1.16

require (
github.com/cli/go-gh v0.1.1
github.com/olekukonko/tablewriter v0.0.5
github.com/rs/zerolog v1.23.0
github.com/spf13/pflag v1.0.5
github.com/spf13/cobra v1.5.0
)
Loading

0 comments on commit 9fbedb8

Please sign in to comment.