This Python application lists the GitHub Container Registries (GHCR) for a specified GitHub organization. It utilizes the GitHub API to fetch registry details and supports limiting the number of registries returned. It also onboard these registries to Prisma Cloud for periodic vulnerability scans.
- Fetch GHCR details for a specific GitHub organization.
- Limit the number of registries returned.
- Onboard GHCR registries to Prisma Cloud
- Debug logging for troubleshooting and development purposes.
Before running this application, ensure you have the following:
- Python 3.9 or higher installed.
- A GitHub Personal Access Token with permissions to access the organization's packages.
- Prisma Cloud Access Key and Secret Key for vulnerability scanning integration.
-
Generate a GitHub Personal Access Token:
Ensure the token has read:packages permission to interact with GitHub Package Registry. -
Create Prisma Cloud Access Keys:
Obtain your access key and secret from your Prisma Cloud console to enable API interactions. -
Fork and Configure the Repository:
Fork this repository and configure the necessary secrets for automation:MY_GITHUB_PAT #Your GitHub Personal Access Token. PRISMA_API_URL #Your Prisma Cloud API URL. PRISMA_ACCESS_KEY #Your Prisma Cloud Access Key. PRISMA_SECRET_KEY #Your Prisma Cloud Secret Key.
Run the script from the command line, providing the necessary arguments:
python main.py -o <OrganizationName> -t <GHCRTokenName> -l <Limit> --debug