The FireTail GitHub API Discovery Docker image automates the discovery of APIs in your GitHub organization or account. It scans for OpenAPI/Swagger specifications in your repositories and generates them via static code analysis. Each repository will have an API created in the FireTail SaaS Platform, potentially with multiple collections for that API.
Requirements
To use the FireTail API Discovery tool, you need:
- A classic GitHub access token with
read:packages
scope. - Any GitHub access token with
read:contents
scope for the repositories you wiant to scan.- If using a fine-grained token with specific repository access, you must list these repos individually.
- A FireTail app token.
Configure the scanner
1. Create a file named config.yml
(not .yaml
) with the following structure to configure which organizations, users, or individual repositories to scan:
# List organisations to scan their repositories
organisations: # default []
example-organisation:
# Under each org, you can skip public, private, internal, archived or fork repositories
skip_public_repositories: False # default False
skip_private_repositories: False # default False
skip_internal_repositories: False # default False
skip_archived_repositories: False # default False
skip_forks: False # default False
# List users to scan their repositories
users: # default []
example-user:
# Under each user, you can skip public, private, archived or fork repositories
skip_public_repositories: False # default False
skip_private_repositories: False # default False
skip_archived_repositories: False # default False
skip_forks: False # default False
# List individual repositories to include or exclude explicitly - has higher
# precedence than scanning via users or orgs
repositories: # default []
example-user/example-repository: exclude
example-organisation/example-repository: include
2. Copy the configuration example above and modify it as needed, replacing example-organisation
and example-user
with your actual GitHub organization and user names.
3. Adjust the skip_*
options and repositories
list to fit your specific requirements.
Run the scanner
Authenticate your docker CLI. Log in to Docker using your GitHub credentials:
docker login \
--username ${YOUR_GITHUB_USERNAME} \
--password ${YOUR_GITHUB_CLASSIC_TOKEN} \
ghcr.io
Start the scan. Run the scanner with the following command:
docker run --rm \
--env GITHUB_TOKEN=${YOUR_GITHUB_TOKEN} \
--env FIRETAIL_APP_TOKEN=${YOUR_FIRETAIL_APP_TOKEN} \
--mount type=bind,source="${PWD}/config.yml",target=/config.yml,readonly \
ghcr.io/firetail-io/firetail-code-repository-scanner:latest
Container environment variables
When running the Docker image, set the following environment variables using the --env
flag:
Variable Name |
Description |
Required |
Default |
GITHUB_TOKEN |
A GitHub access token |
Yes |
None |
FIRETAIL_APP_TOKEN |
A FireTail app token |
Yes |
None |
FIRETAIL_API_URL |
The API URL for your FireTail SaaS instance |
No |
https://api.saas.eu-west-1.prod.firetail.app |
LOGGING_LEVEL |
The scanner's verbosity |
No |
INFO |