Enterprise Github discovery

Overview

Twigs can discover all repositories in your enterprise Github account as assets. This can be used for self-hosted Github instances as well. Each discovered repository is handled exactly like a regular git repository (“repo” mode in twigs). All options associated with the “repo” mode, such as SAST checks, IaC checks and secrets scans, work for Github discovery as well. Please refer to the documentation for repo mode for more details.

Authentication with Github

The supported authentication mode is Github access tokens. These can be set up in your Github enterprise account for a given user or a Github “Organization”. Refer to this link for creating and managing Github access tokens.

The following CLI switches are important for authentication with Github Enterprise:

  • --gh_identity Refers to a Github user or Organization name whose repositories will be discovered
  • --gh_access_token Refers to the access token for the given identity
  • --gh_api_url Refers to the URL of your Github Enterprise server if it is self-hosted. Otherwise it defaults to https://api.github.com/

Prerequisites

Requirements for this mode are the same as “repo” mode in twigs. Please refer to the documentation for repo mode for more details.

Steps

  • You can run the command as below:

twigs github (--gh_identity {org or user name} --gh_access_token {access token}) [--gh_api_url {api_url}] [other twigs options for repo mode]

After discovery is complete, you can log in to the ThreatWorx Console to view the newly discovered assets from your Github Enterprise account.

Example

$ twigs github --gh_identity 'threatworx_org' --gh_access_token 'ersGrxS...StrfxE'

This discovers the repositories of the specified organization on the public “github.com” as assets in ThreatWorx.
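
The example above types the access token directly on the command line. The wrapper below is an added example, not part of twigs or its documentation: it reads the token from a file that only the owner can access and refuses a --gh_api_url that is not https before calling the documented command. GH_IDENTITY, GH_TOKEN_FILE, GH_API_URL and the function names are assumptions of this sketch.

```shell
#!/bin/sh
# Added example wrapper for "twigs github". GH_IDENTITY, GH_TOKEN_FILE and
# GH_API_URL are names assumed for this sketch, not twigs settings.

# Accept only https API URLs so the token is never sent in cleartext.
check_api_url() {
    case "$1" in
        https://?*) return 0 ;;
        *) echo "refusing non-https API URL: $1" >&2; return 1 ;;
    esac
}

# Require a non-empty token file with no group/other permission bits.
check_token_file() {
    if [ ! -s "$1" ]; then
        echo "token file missing or empty: $1" >&2; return 1
    fi
    mode=$(ls -ld -- "$1" | cut -c5-10)
    if [ "$mode" != "------" ]; then
        echo "token file is accessible to group/other: $1" >&2; return 1
    fi
}

# Validate the inputs, then call twigs with the switches documented above.
# Extra arguments are passed through as repo mode options.
run_discovery() {
    if [ -z "${GH_IDENTITY:-}" ]; then
        echo "GH_IDENTITY is not set" >&2; return 1
    fi
    check_token_file "${GH_TOKEN_FILE:-}" || return 1
    token=$(tr -d '\r\n' < "$GH_TOKEN_FILE")
    if [ -n "${GH_API_URL:-}" ]; then
        check_api_url "$GH_API_URL" || return 1
        twigs github --gh_identity "$GH_IDENTITY" \
            --gh_access_token "$token" --gh_api_url "$GH_API_URL" "$@"
    else
        twigs github --gh_identity "$GH_IDENTITY" \
            --gh_access_token "$token" "$@"
    fi
}
```

Source the file, set the three variables and call run_discovery. The token still appears in the arguments of the twigs process, because --gh_access_token is the only token input documented on this page; the wrapper keeps it out of shell history and out of scripts.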