Table: github_workflow - Query GitHub Workflows using SQL
GitHub Workflows is a feature within GitHub Actions that allows you to automate, customize, and execute your software development workflows right in your repository. It provides a flexible way to build an automated software development lifecycle workflow. With GitHub Workflows, you can build, test, and deploy your code right from GitHub.
Table Usage Guide
The github_workflow table provides insights into Workflows within GitHub Actions. As a DevOps engineer, explore workflow-specific details through this table, including workflow configurations, status, and associated branches. Utilize it to monitor and manage workflows, such as those with specific event triggers, the branches associated with a workflow, and the verification of workflow configurations.
Important Notes
- You must specify the
repository_full_namecolumn inwhereorjoinclause to query the table.
Examples
List workflows
Explore the characteristics and details of workflows within a specific GitHub repository. This can help in understanding the workflow structure and any specific patterns or anomalies, thereby aiding in effective repository management.
select repository_full_name, name, path, node_id, state, urlfrom github_workflowwhere repository_full_name = 'turbot/steampipe';select repository_full_name, name, path, node_id, state, urlfrom github_workflowwhere repository_full_name = 'turbot/steampipe';Control examples
- 2.3.1 Ensure all build steps are defined as code
- 2.3.7 Ensure pipelines are automatically scanned for vulnerabilities
- 2.3.8 Ensure scanners are in place to identify and prevent sensitive data in pipeline files
- 2.4.2 Ensure all external dependencies used in the build process are locked
- 2.4.6 Ensure pipeline steps sign the SBOM produced
- 3.1.7 Ensure dependencies are pinned to a specific, verified version
- 3.2.2 Ensure packages are automatically scanned for known vulnerabilities
- 3.2.3 Ensure packages are automatically scanned for license implications
Schema for github_workflow
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| badge_url | text | Badge URL for the workflow. | |
| created_at | timestamp with time zone | Time when the workflow was created. | |
| html_url | text | HTML URL for the workflow. | |
| id | bigint | = | Unique ID of the workflow. |
| name | text | The name of the workflow. | |
| node_id | text | Node where GitHub stores this data internally. | |
| path | text | Path of the workflow. | |
| pipeline | jsonb | Github workflow in the generic pipeline entity format to be used across CI/CD platforms. | |
| repository_full_name | text | = | Full name of the repository that contains the workflow. |
| state | text | State of the workflow. | |
| updated_at | timestamp with time zone | Time when the workflow was updated. | |
| url | text | URL of the workflow. | |
| workflow_file_content | text | Content of github workflow file in text format. | |
| workflow_file_content_json | jsonb | Content of github workflow file in the JSON format. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- githubYou can pass the configuration to the command with the --config argument:
steampipe_export_github --config '<your_config>' github_workflow