Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mondoo_integration_github only works with GitHub Organizations #192

Open
jeff-d opened this issue Dec 27, 2024 · 0 comments
Open

mondoo_integration_github only works with GitHub Organizations #192

jeff-d opened this issue Dec 27, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@jeff-d
Copy link
Contributor

jeff-d commented Dec 27, 2024

Describe the bug
Creating the Mondoo GitHub Integration via the UI offers the choice to designate whether the target is an Organization or a single Repository.

The mondoo_integration_github resource to create this integration does not have a schema property to designate whether the integration is for a GitHub Organization vs a single Repository. The created terraform resource shows up as type "Organization" in Mondoo.

When using a personal GitHub account, terraform creates the integration, but it is in an error state:

Error
Rpc error: code = Unknown desc = GET https://api.github.com/orgs/my-github-username: 404 Not Found []

(see screenshot below)

To Reproduce
Use a personal github.com account, not an organization. Generate a PAT (I used a classic one, but would expect the same issue with a fine-grained token).

Use the following terraform configuration:

variable "github_owner" {
  description = "a GitHub Organization or Account"
  type        = string
  default     = ""
}

variable "github_token" {
  description = "the classic or fine-grained PAT for a GitHub Organization"
  type        = string
  sensitive   = true
  default     = ""
}

variable "github_repositories" {
  type        = list(string)
  description = "A list of specific repositories to scan. If blank, Mondoo will scan all repositories in the Organization or Account. Each will become a Mondoo Asset registered to the Space created by mondoo_space.demo."
  default     = []
}

resource "mondoo_integration_github" "demo" {
  count                 = var.github_owner != "" && var.github_token != "" ? 1 : 0
  name                  = var.github_owner
  owner                 = var.github_owner
  space_id              = mondoo_space.demo.id
  repository_allow_list = length(toset(var.github_repositories)) == 0 ? null : toset(var.github_repositories)
  credentials = {
    token = var.github_token
  }
}

Expected behavior
A non-erroring Mondoo GitHub integration that scans all repos in the personal github.com account at URL https://www.github.com/owner (where owner is provided using var.github_owner).

If repository_allow_list is used, the integration scans only those repository names fed to the list via var.github_repositories.

Screenshots or CLI Output
Image

Desktop (please complete the following information):

  • OS: macOS
  • OS Version: 15.2 (Sequoia)
  • terraform version:
Terraform v1.5.7
on darwin_arm64
+ provider registry.terraform.io/mondoohq/mondoo v0.19.2
@jeff-d jeff-d added the bug Something isn't working label Dec 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jeff-d