jurjen.ladenius/Cloud-20Engineering
1
0
Fork 0
mirror of https://dev.azure.com/effectory/Survey%20Software/_git/Cloud%20Engineering synced 2026-02-27 18:52:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

New Snyk overview

Browse Source
This commit is contained in:
Jurjen Ladenius
2023-09-01 15:11:49 +02:00
parent 1d2a40ba50
commit bc24e238d6
4 changed files with 106 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Powershell/Lists/DevOps/Repositories.ps1
View File

@@ -10,7 +10,8 @@ class Repository {
[string] $LastPRUrl = "" [string] $LastPRUrl = ""
} }
$fileName = "c:\temp\2023-05-03 repositories.csv" [string] $date = Get-Date -Format "yyyy-MM-dd HHmm"
$fileName = ".\$date repositories.csv"
Write-Host "========================================================================================================================================================================" Write-Host "========================================================================================================================================================================"
Write-Host "Creating repository overview." Write-Host "Creating repository overview."
@@ -29,13 +30,17 @@ foreach ($repo in $repos)
$repository.IsDisabled = $repo.isDisabled $repository.IsDisabled = $repo.isDisabled
$repository.WebUrl = $repo.webUrl $repository.WebUrl = $repo.webUrl
if ($true -ne $repo.isDisabled)
{
$lastPr = az repos pr list --project "survey software" --repository $repo.name --organization "https://dev.azure.com/effectory/" --status all --top 1 | ConvertFrom-Json | Select-Object $lastPr = az repos pr list --project "survey software" --repository $repo.name --organization "https://dev.azure.com/effectory/" --status all --top 1 | ConvertFrom-Json | Select-Object
if ($lastPr) { if ($lastPr)
{
$repository.LastPRDate = $lastPr.creationDate $repository.LastPRDate = $lastPr.creationDate
$repository.LastPRName = $lastPr.title $repository.LastPRName = $lastPr.title
$repository.LastPRUrl = $lastPr.url $repository.LastPRUrl = $lastPr.url
} }
}
$Result += $repository $Result += $repository
} }

59
Powershell/Lists/Snyk/SnykOverview.ps1 Normal file
View File

@@ -0,0 +1,59 @@
$access_token = Get-AzKeyVaultSecret -VaultName "consoleapp" -Name "SnykKey" -AsPlainText
$head = @{ Authorization ="$access_token" }
$version = "2023-08-29%7Ebeta"
$ofs = ', '
[string] $date = Get-Date -Format "yyyy-MM-dd HHmm"
$fileName = ".\$date snyk projects.csv"
class SnykOverview {
[string] $OrganisationId = ""
[string] $OrganisationName = ""
[string] $GroupId = ""
[string] $OrganisationSlug = ""
[string] $ProjectId = ""
[string] $ProjectRepo = ""
[string] $ProjectName = ""
[string] $ProjectType = ""
[string] $ProjectCreateDate = ""
[string] $ProjectTargetFile = ""
[string] $ProjectTargetRunTime = ""
}
[SnykOverview[]]$Result = @()
$organisationUrl = "https://api.snyk.io/rest/orgs?version=$version"
$organisationResponse = Invoke-RestMethod -Uri $organisationUrl -Method GET -Headers $head
foreach ($organisation in $organisationResponse.data)
{
$organisationId = $organisation.id
$projectUrl = "https://api.snyk.io/rest/orgs/$organisationId/projects?version=$version&limit=100"
$projectResponse = Invoke-RestMethod -Uri $projectUrl -Method GET -Headers $head
foreach ($project in $projectResponse.data)
{
$projectName = $project.attributes.name
[SnykOverview] $SnykOverview = [SnykOverview]::new()
$SnykOverview.OrganisationId = $organisationId
$SnykOverview.OrganisationName = $organisation.attributes.name
$SnykOverview.GroupId = $organisation.attributes.group_id
$SnykOverview.OrganisationSlug = $organisation.attributes.slug
$SnykOverview.ProjectId = $project.id
$SnykOverview.ProjectRepo = $projectName.Split(":")[0]
$SnykOverview.ProjectName = $projectName.Split(":")[1]
$SnykOverview.ProjectType = $project.attributes.type
$SnykOverview.ProjectCreateDate = $project.attributes.created
$SnykOverview.ProjectTargetFile = $project.attributes.target_file
$SnykOverview.ProjectTargetRunTime = $project.attributes.target_runtime
$Result += $SnykOverview
}
}
$Result | Export-Csv -Path $fileName -NoTypeInformation -Force
$Result | Format-Table

35
Powershell/Tools/Azure Custom Roles.ps1
View File

@@ -9,3 +9,38 @@ Get-AzSubscription | Export-Csv -Path $fileName -NoTypeInformation
Set-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Storage Data Contributor.json' Set-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Storage Data Contributor.json'
Set-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Storage Data Reader.json' Set-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Storage Data Reader.json'
New-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Resource Lock Administrator.json' New-AzRoleDefinition -InputFile 'C:\Repository\Cloud Engineering\Custom roles\Resource Lock Administrator.json'
#https://learn.microsoft.com/en-us/azure/cosmos-db/how-to-setup-rbac#built-in-role-definitions
set-azcontext -SubscriptionId 2161debe-6042-4633-b10e-de77c06cabc6
$resourceGroupName = "phasedrelease"
$accountName = "phasedrelease"
New-AzCosmosDBSqlRoleDefinition -AccountName $accountName -ResourceGroupName $resourceGroupName -Type CustomRole -RoleName "Cosmos Data Reader" `
-DataAction @( `
'Microsoft.DocumentDB/databaseAccounts/readMetadata',
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/read', `
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/executeQuery', `
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/readChangeFeed') `
-AssignableScope "/"
New-AzCosmosDBSqlRoleDefinition -AccountName $accountName -ResourceGroupName $resourceGroupName -Type CustomRole -RoleName "Cosmos Data Contributor" `
-DataAction @( `
'Microsoft.DocumentDB/databaseAccounts/readMetadata',
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*', `
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*') `
-AssignableScope "/"
Get-AzCosmosDBSqlRoleDefinition -AccountName $accountName -ResourceGroupName $resourceGroupName
$principalId = "99dbd99f-9165-46a3-94d7-d8467121f0d1" # jimmy.van.den.berg@effectory.com
New-AzCosmosDBSqlRoleAssignment -AccountName $accountName -PrincipalId $principalId -ResourceGroupName $resourceGroupName -RoleDefinitionName "Cosmos Data Contributor" -Scope "/subscriptions/2161debe-6042-4633-b10e-de77c06cabc6/resourceGroups/phasedrelease/providers/Microsoft.DocumentDB/databaseAccounts/phasedrelease"
Get-AzCosmosDBSqlRoleAssignment -AccountName $accountName -ResourceGroupName $resourceGroupName
Remove-AzCosmosDBSqlRoleAssignment -AccountName $accountName -Id "/subscriptions/2161debe-6042-4633-b10e-de77c06cabc6/resourceGroups/phasedrelease/providers/Microsoft.DocumentDB/databaseAccounts/phasedrelease/sqlRoleAssignments/cbc3170d-f815-4164-9044-eb9913eb909a" -ResourceGroupName $resourceGroupName

1
format.json
View File

@@ -1 +0,0 @@