Documentation
Integrations

Discover APIs in a GitHub repository (Docker)

Created:
August 31, 2023
Updated:
September 18, 2024

The GitHub Repository API Discovery integration using Docker enables FireTail to scan your GitHub repositories for OpenAPI or Swagger specifications, or generate them through static code analysis. By running a Docker-based image, you can automate API discovery across multiple repositories, with each repository generating an API, and potentially multiple specifications for that API, in the FireTail SaaS platform. The integration uses GITHUB_TOKEN and FIRETAIL_APP_TOKEN for authentication and a config.yml file to specify the organizations, users, or repositories to scan. Once the Docker image completes the scan, discovered APIs and specifications are automatically populated into FireTail under the appropriate application for centralized management. To set up the integration:

Build a docker image

The docker image can be built by cloning the repository and using this docker command:


git clone git@github.com:FireTail-io/github-api-discovery.git
cd github-api-discovery
docker build --rm -t firetail-io/github-api-discovery:latest 
	// -f build_setup/Dockerfile . --target runtime

Run a test

Run a test using the Dockerfile:


  docker build --rm -t firetail-io/github-api-discovery:test-python 
  	// -f build_setup/Dockerfile . --target test-python

Run tests for the Golang analyzer separately using the Dockerfile to yield a html coverage report:


    docker build --rm -t firetail-io/github-api-discovery:test-golang -f 
    	//build_setup/Dockerfile . --target test-golang

Running the image requires two environment variables, `GITHUB_TOKEN` and `FIRETAIL_APP_TOKEN`. You can find a full list of environment variables used by the scanner below.

The scanner also requires a config file to determine the organizations, users and repositories to scan. You can find an example at config-example.yml.

Copy config-example.yml to config.yml and adjust it to your use case, then run the image using the following docker command:


      export GITHUB_TOKEN=YOUR_GITHUB_TOKEN
      export FIRETAIL_APP_TOKEN=YOUR_FIRETAIL_APP_TOKEN
      docker run --rm -e GITHUB_TOKEN=${GITHUB_TOKEN} -e 
      	// FIRETAIL_APP_TOKEN=${FIRETAIL_APP_TOKEN} --mount 
        // type=bind,source="$(pwd)"/config.yml,target=/config.yml,readonly 
        // firetail-io/github-api-discovery:latest

Environment Variables

Variable Name Description Required? Default
GITHUB_TOKEN A classic GitHub personal access token. Yes None
FIRETAIL_APP_TOKEN An app token from the Firetail SaaS platform. Yes None
FIRETAIL_API_URL The URL of the Firetail SaaS' API. No "https://api.saas.eu-west-1.prod.firetail.app"
LOGGING_LEVEL The logging level provided to python's logging library. No "INFO"
Getting Started
Organizations
Dashboard
APIs
Applications
Integrations
Actions
Specifications
Posture Management
Alerting
Code Libraries
Reporting
Python Documentation
FAQs
Related Docs
AppSync Lambda logging
View doc
Discover APIs in a GitLab repository
View doc
AWS WAFv2 IP Set
View doc
Set up a Splunk integration
View doc
Recently Updated
Glossary
View doc
Dashboard overview
View doc
API Risk Dashboard
View doc
API Risk Scoring
View doc
Set up AWS API Gateway Logging with AWS Lambda
View doc