Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
advanced-security/teams-secret-scanning-notifier-azure-function
Warning
This is an unofficial tool created by Field Security Specialists, and is not officially supported by GitHub.
This project sends notifications to a Microsoft Teams channel when a secret scanning event happens in GitHub Advanced Security.
It is implemented as an Azure Function, and installed as a GitHub App. It uses a Teams incoming webhook.
It needs you to deploy the function on Azure, and to create a GitHub App and install it on an org or repo.
The Azure Function is triggered by a GitHub webhook event, via the GitHub App.
The Function notifies a Teams channel via a Teams incoming webhook.
```mermaid
sequenceDiagram
    participant GR as GitHub repo
    participant GA as GitHub App
    participant AF as Azure Function
    participant TC as Teams channel
    GR->>GA: GitHub event
    GA->>AF: Triggers Azure Function
    AF->>TC: Sends message to Teams channel
```
- an Azure account on an Azure subscription
- a GitHub account
- a Teams subscription
- an incoming webhook on a Teams channel
You will need to set the Teams webhook URL in the Azure Function's application settings. This is covered in the `INSTALL.md` file.
Before you deploy, you can choose to set a declarative filter to apply to GitHub events you receive in the Azure Functions App. This is in addition to selecting the secret scanning events in the GitHub App.
This is done in the `filter.yml` file, with the format shown in `filter.yml.example` and below:

```yaml
# Path: filter.yml
# filter webhook events by type and payload, declaratively
include:
  secret_scanning_alert:
    action: [created, dismissed, resolved, reopened]
exclude:
  secret_scanning_alert:
    action: reopened
  secret_scanning_alert_location:
```
The corresponding exclude filter for an event name is applied after the include filter.
This example will include any event named `secret_scanning_alert` with an action of `created`, `dismissed`, `resolved`, or `reopened`, and will exclude any event named `secret_scanning_alert` with an action of `reopened`. It will also exclude any event named `secret_scanning_alert_location`.
The presence of an include filter here means that excluding `secret_scanning_alert_location` is redundant, as it will never be included in the first place, but it is included to show the syntax.
If you do not want to use a filter, you can delete the `filter.yml` file, or leave it empty.
You do not need to provide both an `include` and `exclude` key.
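The include-then-exclude evaluation described above, as an added Python sketch (not the project's own code). The function names, the treatment of a bare event name as "match any payload", and the behaviour when `include` is absent are assumptions made for illustration; the filter is the page's example written as an already-parsed dict.

```python
# FILTER mirrors the filter.yml example above, as the dict a YAML parser
# would produce (a key with no value, like the last one, parses to None).
FILTER = {
    "include": {
        "secret_scanning_alert": {
            "action": ["created", "dismissed", "resolved", "reopened"]
        }
    },
    "exclude": {
        "secret_scanning_alert": {"action": "reopened"},
        "secret_scanning_alert_location": None,
    },
}

def rule_matches(rules, event_name, payload):
    """True if rules has an entry for event_name and all its conditions hold."""
    if not rules or event_name not in rules:
        return False
    conditions = rules[event_name]
    if not conditions:  # assumption: a bare event name matches any payload
        return True
    for field, allowed in conditions.items():
        allowed = allowed if isinstance(allowed, list) else [allowed]
        if payload.get(field) not in allowed:
            return False
    return True

def should_notify(filter_config, event_name, payload):
    """Apply the include rules first, then the exclude rules."""
    if not filter_config:  # missing or empty filter.yml: no filtering
        return True
    include = filter_config.get("include")
    # Assumption: with no include key, every event is a candidate.
    if include is not None and not rule_matches(include, event_name, payload):
        return False
    return not rule_matches(filter_config.get("exclude"), event_name, payload)

# Constructed sample events, reduced to the fields the filter inspects.
SAMPLES = [
    ("secret_scanning_alert", {"action": "created"}),
    ("secret_scanning_alert", {"action": "reopened"}),
    ("secret_scanning_alert_location", {"action": "created"}),
]

if __name__ == "__main__":
    for name, payload in SAMPLES:
        print(name, payload["action"], should_notify(FILTER, name, payload))
```

With the example filter, a `reopened` alert passes the include rule and is then dropped by the exclude rule, so no Teams message is sent for it.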
See `INSTALL.md` for details.
This project is licensed under the terms of the MIT open source license. Please refer to the LICENSE for the full terms.
See CODEOWNERS for the list of maintainers.
See the SUPPORT file.
Secret scanning events contain sensitive data that is usually only available to users with privileged access on a repository.
If you use this notifier, then anyone with access to the Azure Function's subscription may be able to get access to this data.
Anyone with access to the Teams channel may be able to get access to this data.
See the CHANGELOG, CONTRIBUTING, SECURITY, SUPPORT, CODE OF CONDUCT and PRIVACY files for more information.