docker pull ottoopensource/gitactionboard:<docker tag>docker run \
-p <host machine port>:8080 \
-e REPO_OWNER_NAME=<organization/username> \
-e REPO_NAMES=<repo names as comma separated value> \
-it ottoopensource/gitactionboard:<docker tag>
# example:
#docker run \
#--env REPO_OWNER_NAME=webpack \
#--env REPO_NAMES=webpack-cli,webpack-dev-server \
#-p 8080:8080 \
#-it ottoopensource/gitactionboard:latest| Environment variable name | Descriptions | Required | Default value | Example value |
|---|---|---|---|---|
| REPO_OWNER_NAME | Repository owner name. Generally, its either organization name or username | yes | webpack | |
| REPO_NAMES | List of name of repositories you want to monitor | yes | webpack-dev-server, webpack-cli | |
| GITHUB_ACCESS_TOKEN | Access token to fetch data from github. This is required to fetch data from a private repository when github oauth2 is disabled | no | ||
| DOMAIN_NAME | Hostname of github | no | https://api.github.com | |
| CACHE_EXPIRES_AFTER | Duration (in seconds) to cache the fetched data | no | 60 | |
| GITHUB_OAUTH2_CLIENT_ID | GitHub oauth2 client ID | no | ||
| GITHUB_OAUTH2_CLIENT_SECRET | Github oauth2 client secret | no | ||
| BASIC_AUTH_USER_DETAILS_FILE_PATH | File location for basic auth user details | no | /src/.htpasswd | |
| MS_TEAMS_NOTIFICATIONS_WEB_HOOK_URL | Web hook url to send build failure notifications on Microsoft Teams (available from v2.1.0) | no | ||
| ENABLE_GITHUB_SECRETS_SCAN_ALERTS_MONITORING | Display GitHub secret scan alerts on dashboard (available from v3.0.0) | no | false | true |
| ENABLE_GITHUB_CODE_SCAN_ALERTS_MONITORING | Display code standard violations on dashboard (available from v3.0.0) | no | false | true |
| PERIODIC_SCAN_CRON_SCHEDULE | Enable periodic scan using cron schedule (<second> <minute> <hour> <day of month> <month> <day of week>) for enabled feature. (available from v3.1.0) |
no | 0 */30 3-14 * 1-5 |
[!NOTE]\
From v2.0.0, gitactionboard has out of the box solution for authentication. Currently, there are following authentication mechanism available
Basic authentication is the simplest form of authentication. In this mechanism we make use of username and password to login.
In gitactionboard, Basic Authentication can be easily setup using BASIC_AUTH_USER_DETAILS_FILE_PATH environment variable. This file contains
username and password in <username>:<encrypted password using bcrypt> format. We can make use of Apache htpasswd to easily create this file.
You can run the following command to create the file using CLI,
htpasswd -bnBC 10 <username> <password> >> <file location>In gitactionboard, GitHub OAuth2 login can be easily setup using GITHUB_OAUTH2_CLIENT_ID and GITHUB_OAUTH2_CLIENT_SECRET environment variable.
To be able to have a valid client id and client secret from GitHub, we need to create a GitHub OAuth app first. To create a GitHub oauth app, please
follow this link.
Note
you need to add Authorization callback URL as <homepage url>/login/oauth2/code/github.
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_GITHUB_REDIRECT-URI environment variable.
GITHUB_ACCESS_TOKEN to fetch data from GitHub for private repositories.
Gitaction Board has in-built UI dashboard to visualize the build status. You can access the following endpoint for the same
http://localhost:<host machine port>
| Dark Theme | Light Theme |
|---|---|
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
From v2.0.0 onwards, preference page can be used to manage UI dashboard configuration.
Prior to v2.0.0, query params can be used to configure UI dashboard. Please find possible query params below,
| Query param name | Descriptions | Required | Default value | Example value |
|---|---|---|---|---|
| hide-healthy | Hide all the healthy builds from the dashboard | no | false | true |
| max-idle-time | Configure the max idle time (in minutes), after the given time background polling for dashboard will stop | no | 5 | 2 |
| disable-max-idle-time | Disable background polling optimisation configured using max-idle-time | no | false | true |
Once server is up, you can access the following endpoints
Access http://localhost:<host machine port>/v1/cctray.xml to get data in XML format
<Projects>
<Project name="hello-world :: hello-world-build-and-deployment :: talisman-checks" activity="Sleeping" lastBuildStatus="Success" lastBuildLabel="206" lastBuildTime="2020-09-18T06:11:41Z" webUrl="https://github.com/johndoe/hello-world/runs/1132386046" triggeredEvent="push"/>
<Project name="hello-world :: hello-world-build-and-deployment :: dependency-checks" activity="Sleeping" lastBuildStatus="Success" lastBuildLabel="206" lastBuildTime="2020-09-18T06:14:54Z" webUrl="https://github.com/johndoe/hello-world/runs/1132386127" triggeredEvent="schedule"/>
<Project name="hello-world :: hello-world-checks :: format" activity="Sleeping" lastBuildStatus="Success" lastBuildLabel="206" lastBuildTime="2020-09-18T06:11:41Z" webUrl="https://github.com/johndoe/hello-world/runs/1132386046" triggeredEvent="pull_request"/>
<Project name="hello-world :: hello-world-checks :: test" activity="Sleeping" lastBuildStatus="Success" lastBuildLabel="206" lastBuildTime="2020-09-18T06:14:54Z" webUrl="https://github.com/johndoe/hello-world/runs/1132386127" triggeredEvent="push"/>
</Projects>Access http://localhost:<host machine port>/v1/cctray to get data in JSON format
[
{
"name": "hello-world :: hello-world-build-and-deployment :: talisman-checks",
"activity": "Sleeping",
"lastBuildStatus": "Success",
"lastBuildLabel": "206",
"lastBuildTime": "2020-09-18T06:11:41.000Z",
"webUrl": "https://github.com/johndoe/hello-world/runs/1132386046",
"triggeredEvent": "push"
},
{
"name": "hello-world :: hello-world-build-and-deployment :: dependency-checks",
"activity": "Sleeping",
"lastBuildStatus": "Success",
"lastBuildLabel": "206",
"lastBuildTime": "2020-09-18T06:14:54.000Z",
"webUrl": "https://github.com/johndoe/hello-world/runs/1132386127",
"triggeredEvent": "schedule"
},
{
"name": "hello-world :: hello-world-checks :: format",
"activity": "Sleeping",
"lastBuildStatus": "Success",
"lastBuildLabel": "206",
"lastBuildTime": "2020-09-18T06:11:41.000Z",
"webUrl": "https://github.com/johndoe/hello-world/runs/1132386046",
"triggeredEvent": "pull_request"
},
{
"name": "hello-world :: hello-world-checks :: test",
"activity": "Sleeping",
"lastBuildStatus": "Success",
"lastBuildLabel": "206",
"lastBuildTime": "2020-09-18T06:14:54.000Z",
"webUrl": "https://github.com/johndoe/hello-world/runs/1132386127",
"triggeredEvent": "push"
}
]Access http://localhost:<host machine port>/v1/alerts/secrets to get security scan alerts data in JSON format
[
{
"id": "hello-world::Amazon AWS Secret Access Key::3",
"name": "hello-world :: Amazon AWS Secret Access Key",
"url": "https://github.com/johndoe/hello-world/security/secret-scanning/3",
"createdAt": "2022-07-26T11:12:02.000Z"
},
{
"id": "hello-world::Amazon AWS Access Key ID::2",
"name": "hello-world :: Amazon AWS Access Key ID",
"url": "https://github.com/johndoe/hello-world/security/secret-scanning/2",
"createdAt": "2022-07-26T09:39:07.000Z"
},
{
"id": "hello-world::Amazon AWS Secret Access Key::1",
"name": "hello-world :: Amazon AWS Secret Access Key",
"url": "https://github.com/johndoe/hello-world/security/secret-scanning/1",
"createdAt": "2022-07-26T09:39:07.000Z"
}
]Access http://localhost:<host machine port>/v1/alerts/code-standard-violations to get code standard violation alerts data in JSON format
[
{
"id": "hello-world::Arbitrary file write during zip extraction::4",
"name": "hello-world :: api-session-spec.ts:917-917 :: Arbitrary file write during zip extraction",
"url": "https://github.com/johndoe/hello-world/code-scanning/4",
"createdAt": "2020-02-13T12:29:18.000Z"
},
{
"id": "hello-world::Redundant else condition::3",
"name": "hello-world :: api-session-spec.ts:918-918 :: Redundant else condition",
"url": "https://github.com/johndoe/hello-world/code-scanning/3",
"createdAt": "2020-02-12T12:29:18.000Z"
}
]