Skip to content
/ test-ssh-action Public

SSH server vulnerability and security scanner with Operous

operous.dev/
8 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

operous/test-ssh-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Operous SSH Test Action 🦥

This GitHub Action will trigger an SSH test at Operous and return its results.

Getting Started

To configure the action, you will need to get your server IDs at Operous and write the workflow YAML accordingly.

How get your registered servers IDs

There are two ways you can get your servers IDs:

  • Acessing the server details page as follows:

  • Using the public API to get multiple IDs at once:

    • Create a public API token following this guide;
    • Mount a simple request using the servers query: 
      1. curl -X POST \
  -H 'Authorization: Token <Your created token>' \
  -H 'Content-Type: application/json' \
  -d '{"query":"{ servers { name identifier }}"}' \
'https://app.operous.dev/graphql'
      2. {
  "data": {
    "servers": [
      { "name": "ancient-rock-700", "identifier": "gMAjMO8mkmhsFRxW" },
      {
        "name": "snobbish-friend-3818",
        "identifier": "SnmjBjasb5TgadQk"
      },
      { "name": "tan-cakes-6272", "identifier": "hCkhyiR5eT7kXjs5" },
      { "name": "naive-blow-9270", "identifier": "wDK3idtzjWlsezC9" }
    ]
  }
}

Mounting the workflow YAML

You can include the action in your workflow to trigger on any event that GitHub actions supports. You'll need to provide the action with your API Token from you Operous account.

In the example below, a push on the main branch will start the SSH test on the registered servers with the provided identifier. The pipeline will only succeed if the tests in all servers are successful.

name: Test action
on:
  push:
    branches:
      - main
jobs:
  test:
    name: "Operous ssh test action"
    runs-on: ubuntu-latest
    steps:
      - name: Run Operous ssh test
        uses: operous/test-ssh-action@0.1.0-rc.3
        with:
          accountToken: ${{ secrets.OPEROUS_ACCOUNT_TOKEN }}
          serverIds: "SnmjBjasb5TgadQk,gMAjMO8mkmhsFRxW,hCkhyiR5eT7kXjs5"

Configuration

The with portion of the workflow must be configured before the action will work. You can add these in the with section found in the examples above. Any secrets must be referenced using the bracket syntax and stored in the GitHub repositories Settings/Secrets menu. You can learn more about setting environment variables with GitHub actions here.

Setup

The following configuration options should be set.

Key Value Information
accountToken Your Operous account API token. Follow this guide if you need to create one.
serverIds A list of server identifiers you can get on the server detailed information page at Operous.

Development

  • First install the dependencies with yarn
  • Build and generate the code with yarn build
  • Run the tests with yarn jest

About

SSH server vulnerability and security scanner with Operous

operous.dev/

Topics

ssh security continuous-integration continuous-delivery ci cd ssh-server sshd ssh-config ssh-client hardening security-vulnerability ssh-agent vulnerability-detection vulnerability-scanners security-tools compliance-testing vunerability security-scan

Resources

Readme
Activity
Custom properties

Stars

8 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

Operous ssh test Latest
Aug 18, 2021

Packages

No packages published

Languages