A Python package to clone a repo and automatically prepare it for Cyfrin audit report generation.
- Clone one or more source repositories into a target repository
- Add issue templates for audit findings
- Configure labels for severity and status
- Add source repositories as git subtrees
- Create tags for each source repository
- Create branches for auditors and final report
- Add report-generator-template
- Set up GitHub project board
- Remove GitHub Actions from source repositories for security
- Install requirements:
git clone https://github.com/Cyfrin/audit-repo-cloner
cd audit-repo-cloner
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt- Get a GitHub personal access token and add it to the
.envfile:
cp .env.example .env- Create a
config.jsonfile:
cp config.json.example config.json- Edit
config.jsonwith your repository details:
{
"targetRepoName": "audit-2024-05-myproject",
"projectTitle": "[Audit] My Project (2024-05)",
"auditors": "auditor1 auditor2 auditor3",
"repositories": [
{
"sourceUrl": "https://github.com/username/protocol-repo",
"commitHash": "abcdef1234567890abcdef1234567890abcdef12",
"subFolder": "protocol"
}
]
}- Run the tool:
# specifying github token and organization in the cmd
python -m audit_repo_cloner.create_audit_repo --config-file config.json --github-token YOUR_TOKEN --organization YOUR_ORG
# using .env file for github token and org
python -m audit_repo_cloner.create_audit_repo --config-file config.json
# if config file is not specified, config.json is used by default
python -m audit_repo_cloner.create_audit_repo- Set up development environment:
git clone https://github.com/Cyfrin/audit-repo-cloner
cd audit-repo-cloner
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt- Install pre-commit hooks:
pre-commit install
pre-commit run --all-files