- Install (one-time setup)
  - Download or clone this repository

        cd github-reports
        go build .

- Create credentials (one-time setup)
- Run! e.g.:

        ./github-dependabot-report --privateKeyFile=dependabot-report.2024-01-24.private-key.pem \
          --appID=807018 \
          --appInstallID=46514769 \
          --excludeNonProd \
          --excludeArchived \
          --outputFile=report.html

I will provide a compiled version when I figure out how to get around the macOS notarization issue.
GitHub recommends the use of GitHub Apps to authenticate with their REST APIs, and in fact the ones we are using here require it, so the first thing you need to do is create a GitHub App. Just follow these instructions, with the following additions:
- You are creating a GitHub App owned by a personal account (step 2)
- For the Homepage URL you can really use anything you want (e.g. https://gihub.com)
- Uncheck Active under Webhook
- In permissions, set the Repository permissions for Dependabot alerts to Read-only
- Set Where can this GitHub App be installed? to Any account
You do not need to provide any other information.
Now click on "Create GitHub App".
Next we need to obtain a private key from this GitHub App, which we will use
later during authentication. To do this, click on Edit next to the GitHub App
you just created, go to the Private keys section and click on
Generate a private key. This will download the private key to your machine
(as a .pem file); remember where it is stored as you will need this later.
While you are on this page, also take note of your App ID, which is visible at the top of the page; you will need this later as well.
Follow these instructions, with the following additions:
- In step 7, make sure you select "glcp" to install the app in the GLCP Organization.
- In step 8, select All repositories
Now click on install.
You will need a final bit of information from the installed GitHub App, namely
the GitHub App installation ID. The only way I have been able to retrieve this
is by going to the Settings page of the installed GitHub App (click on the gear
icon next to "Installed"). If you now look at the URL in the browser, you
should see https://github.com/apps/dependabot-report/installations/12345678:
12345678 is the GitHub App installation ID (obviously your number will
be different).
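How the three values collected above (private key, App ID, installation ID) fit together in GitHub App authentication, as an added Go example that is not this repository's code: the key signs a short-lived JWT whose `iss` is the App ID, and that JWT is exchanged at the installation's token endpoint. The function names are hypothetical, the key is generated in-process to stand in for the downloaded .pem, and `123456` is a placeholder App ID.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
	"time"
)

func NewDemoKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// AppJWT signs the App's RS256 token: iss = App ID, iat backdated 60s, exp under the 10-minute limit.
func AppJWT(key *rsa.PrivateKey, appID int64, now time.Time) (string, error) {
	header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"RS256","typ":"JWT"}`))
	claims := fmt.Sprintf(`{"iat":%d,"exp":%d,"iss":"%d"}`, now.Unix()-60, now.Unix()+540, appID)
	input := header + "." + base64.RawURLEncoding.EncodeToString([]byte(claims))
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// VerifyAppJWT checks the signature with the public half, as the server side does.
func VerifyAppJWT(token string, pub *rsa.PublicKey) error {
	i := strings.LastIndex(token, ".")
	sig, err := base64.RawURLEncoding.DecodeString(token[i+1:])
	if i < 0 || err != nil {
		return fmt.Errorf("malformed token")
	}
	digest := sha256.Sum256([]byte(token[:i]))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

// TokenURL is where the JWT is POSTed as a Bearer token to obtain an installation token.
func TokenURL(id string) string { return "https://api.github.com/app/installations/" + id + "/access_tokens" }

func main() {
	key, err := NewDemoKey() // constructed throwaway key, stands in for the downloaded .pem
	if err != nil {
		panic(err)
	}
	jwt, err := AppJWT(key, 123456, time.Now()) // placeholder App ID
	fmt.Println(err, VerifyAppJWT(jwt, &key.PublicKey), TokenURL("12345678"))
}
```

The JWT and the installation token both expire on their own, but the .pem does not, so store it like any other long-lived credential.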