steampipe plugin install github

Table: github_actions_repository_secret - Query GitHub Actions Repository Secrets using SQL

GitHub Actions is a service provided by GitHub that allows you to automate, customize, and execute your software development workflows right in your repository. GitHub Actions makes it easy to automate all your software workflows, now with world-class CI/CD. It enables you to build, test, and deploy your code right from GitHub.

Table Usage Guide

The github_actions_repository_secret table provides insights into secrets stored within a GitHub repository. As a security engineer, explore secret-specific details through this table, including the names of secrets and the dates they were created or updated. Utilize it to uncover information about secrets, such as those that may be outdated or unused, providing a comprehensive view of the repository's security measures.

Important Notes

  • You must specify the repository_full_name column in where or join clause to query the table.

Examples

List secrets

Explore the hidden aspects of a specific repository within the GitHub Actions environment. This is useful in assessing the security and integrity of the repository.

select
*
from
github_actions_repository_secret
where
repository_full_name = 'turbot/steampipe';
select
*
from
github_actions_repository_secret
where
repository_full_name = 'turbot/steampipe';

Schema for github_actions_repository_secret

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
created_attimestamp with time zoneTime when the secret was created.
login_idtext=, !=, ~~, ~~*, !~~, !~~*Unique identifier for the user login.
nametext=The name of the secret.
repository_full_nametext=Full name of the repository that contains the secrets.
selected_repositories_urltextThe GitHub URL of the repository.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
updated_attimestamp with time zoneTime when the secret was updated.
visibilitytextThe visibility of the secret.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- github

You can pass the configuration to the command with the --config argument:

steampipe_export_github --config '<your_config>' github_actions_repository_secret