Explain what a 2FA null for GH means + remove useless data #119

Merged
merged 2 commits into from
Dec 20, 2023
63 changes: 33 additions & 30 deletions core/mondoo-github-incident-response.mql.yaml
Expand Up @@ -49,7 +49,7 @@ packs:
title: GitHub Organization MFA status
docs:
desc: |
This query retrieves whether MFA is required for users of the organization.
This query retrieves whether MFA is required for users of the organization. If this value is null the API token used to query the information did not have owner permissions on the organization.
tas50 marked this conversation as resolved.
mql: |
github.organization.twoFactorRequirementEnabled
- uid: mondoo-incident-response-github-org-owners
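Review bot: the sentence added to the desc of the MFA status query needs a comma after "null", and it gives the cause without the consequence, so a responder can still read a null result as "MFA is not required". Suggest something like "If this value is null, the API token used to query the information did not have owner permissions on the organization, so the MFA requirement could not be determined; re-run the query with an owner token."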
Expand All @@ -59,21 +59,25 @@ packs:
This query retrieves all GitHub organization owners.
mql: |
github.organization.owners.length
github.organization { owners { name email login } }
github.organization {
owners {
name
email
login
}
}
- uid: mondoo-incident-response-github-org-members
title: GitHub Organization Members
docs:
desc: |
This query retrieves all of the members of the GitHub organization.
mql: |
github.organization.members.length
github.organization {
members {
name
company
login
email
id
github.organization {
members {
name
login
email
}
}
- uid: mondoo-incident-response-github-org-teams
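Review bot: in the members block, `id` is dropped together with `company`, which leaves `login` and `email` as the only identifiers in the result. A GitHub login can be renamed by the account holder while the numeric id stays the same, so for an incident-response pack consider keeping `id` in `members { ... }` (and adding it to `owners { ... }`) so that results collected at different times can be matched to the same account. Dropping `company` looks fine.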
Expand All @@ -82,16 +86,15 @@ packs:
desc: |
This query retrieves all GitHub organization teams.
mql: |
github.organization {
teams {
slug
privacy
defaultPermission
members {
login
email
company
name
github.organization {
teams {
slug
privacy
defaultPermission
members {
login
email
name
}
}
}
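Review bot: the desc for the teams query still says only "This query retrieves all GitHub organization teams.", but the mql also returns `privacy`, `defaultPermission` and each team's `members { login email name }`. Since this PR is already editing the docs strings, extend the desc to say that team membership and default permission are included, which is what a responder will be looking for here.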
Expand All @@ -102,11 +105,11 @@ packs:
This query retrieves all of the public repositories within the GitHub organization. The query returns the repo's name and whether the default branch is [protected](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/about-protected-branches) using protection rules.
mql: |
github.organization.repositories.
where( private == false ) {
name
where( private == false ) {
name
branches.
where( isDefault ) {
protected
where( isDefault ) {
protected
}
}
- uid: mondoo-incident-response-github-packages
Expand All @@ -115,13 +118,13 @@ packs:
desc: |
This query retrieves the packages published to GHCR.io.
mql: |
github.organization {
packages {
name
visibility
packageType
owner {
name
github.organization {
packages {
name
visibility
packageType
owner {
name
}
}
}
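Review bot: the desc for the packages query says it retrieves "the packages published to GHCR.io", but the mql selects `packageType` and applies no filter, so the result is not limited to container packages. Either reword the desc to say it lists all packages of the organization with their type and visibility, or add a `where` on `packageType` so the query matches its description.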