turbot/github_sherlock

Control: No outside collaborators should have access in each private repository

Description

Outside collaborators should not have access to private repository content.

Usage

Run the control in your terminal:

steampipe check github_sherlock.control.private_repo_no_outside_collaborators

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_sherlock.control.private_repo_no_outside_collaborators

SQL

select
  r.url as resource,
  case
    when count(c.user_login) = 0 then 'ok'
    else 'alarm'
  end as status,
  r.name_with_owner || ' has ' || count(c.user_login) :: text || ' outside collaborator(s).' as reason,
  r.name_with_owner
from
  github_my_repository r
  left outer join github_repository_collaborator c on r.name_with_owner = c.repository_full_name
  and c.affiliation = 'OUTSIDE'
where
  r.visibility = 'PRIVATE'
  and r.is_fork = false
group by
  name_with_owner,
  url
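
The control reports only a count per repository. To triage an alarm, a follow-up query can name each outside collaborator and the access they hold. This is an added example, not part of the github_sherlock mod; it reuses the tables and filters of the query above and assumes that `github_repository_collaborator` exposes a `permission` column with GitHub's repository permission values (ADMIN, MAINTAIN, WRITE, TRIAGE, READ).

```sql
-- Added triage query (not part of github_sherlock): list every outside
-- collaborator on non-fork private repositories, highest privilege first.
select
  r.name_with_owner as repository,
  c.user_login as collaborator,
  c.permission -- assumed column; confirm it exists in your plugin version
from
  github_my_repository r
  join github_repository_collaborator c
    on r.name_with_owner = c.repository_full_name
    and c.affiliation = 'OUTSIDE'
where
  r.visibility = 'PRIVATE'
  and r.is_fork = false
order by
  -- rank write-capable access ahead of read-only access
  case c.permission
    when 'ADMIN' then 1
    when 'MAINTAIN' then 2
    when 'WRITE' then 3
    when 'TRIAGE' then 4
    else 5
  end,
  r.name_with_owner,
  c.user_login;
```

Repositories that pass the control return no rows, so an empty result matches an all-'ok' control run.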