From 324bf6124d23f56c3b2fbec0ccb92b98928dde1b Mon Sep 17 00:00:00 2001 From: Akash S Date: Thu, 23 Apr 2026 01:05:36 +0530 Subject: [PATCH 1/3] docs: add git-scan, bulk import, and interactive mode sections to README --- README.md | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 89 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6781366..95d035d 100644 --- a/README.md +++ b/README.md @@ -338,4 +338,92 @@ payload.json will look like the following: ], "WfType": "CUSTOM", } -``` \ No newline at end of file +``` + +--- + +### Git VCS Scan + Bulk Import + +Scan a GitHub or GitLab organization for Terraform repositories and generate a bulk workflow payload for sg-cli. + +**Step 1: Install the scanner** + +```bash +git clone https://github.com/StackGuardian/stackguardian-migrator.git +cd stackguardian-migrator/transformer/git-vcs +pip install . +``` + +**Step 2: Scan your VCS org** + +```bash +# GitHub +sg-git-scan --provider github --token ghp_xxx --org my-org + +# GitLab +sg-git-scan --provider gitlab --token glpat-xxx --org my-group + +# With options +sg-git-scan --provider github --token ghp_xxx --org my-org \ + --max-repos 50 \ + --wfgrp imported-workflows \ + --vcs-auth /integrations/github_com \ + --output sg-payload.json +``` + +**CLI options:** + +| Flag | Description | +|---|---| +| `--provider`, `-p` | VCS provider: `github` or `gitlab` (required) | +| `--token`, `-t` | VCS access token (required) | +| `--org`, `-o` | GitHub organization or GitLab group | +| `--user`, `-u` | User whose repos to scan | +| `--max-repos`, `-m` | Maximum repositories to scan | +| `--include-archived` | Include archived repositories | +| `--include-forks` | Include forked repositories | +| `--wfgrp` | Workflow group name (default: `imported-workflows`) | +| `--vcs-auth` | SG VCS integration path (e.g., `/integrations/github_com`) | +| `--managed-state` | Enable SG-managed Terraform state | +| `--output`, `-O` | Output file (default: `sg-payload.json`) | +| `--quiet`, `-q` | Minimal output | +| `--verbose`, `-v` | Debug output | + +The scanner detects Terraform directories, infers cloud provider from HCL provider blocks, parses Terraform version from `required_version`, and handles monorepos (each subdirectory becomes a separate workflow). + +**Step 3: Review and edit sg-payload.json** + +Before importing, fill in the fields the scanner cannot infer automatically: + +- `DeploymentPlatformConfig` — Cloud connector integration ID (AWS/Azure/GCP) +- `VCSConfig.customSource.config.auth` — VCS integration path for private repos +- `RunnerConstraints` — `shared` or private runner group + +**Step 4: Bulk import to StackGuardian** + +```bash +export SG_API_TOKEN= +./sg-cli workflow create --bulk --org "" -- sg-payload.json +``` + +--- + +### Interactive Mode + +sg-cli includes a terminal UI for browsing and managing resources without remembering command syntax. + +```bash +./sg-cli interactive +# or +./sg-cli i +``` + +On launch you will be prompted for your **org** and **workflow group**, which are remembered for the session. From the main menu you can: + +- **Workflows** — list, inspect, and create workflows (single or bulk) +- **Stacks** — list and inspect stacks +- **Artifacts** — browse workflow and stack artifacts +- **Git Scan** — run the VCS scanner interactively +- **Switch Context** — change org / workflow group mid-session + +Navigation: arrow keys to move, Enter to select, Ctrl+C or `q` to go back / exit. \ No newline at end of file From fb29e8893cfb842a0b1cb42c302ecc365ef3fa35 Mon Sep 17 00:00:00 2001 From: Akash S <96624761+AkashS0510@users.noreply.github.com> Date: Thu, 23 Apr 2026 01:07:24 +0530 Subject: [PATCH 2/3] Update README with image and navigation instructions Added an image to the README and ensured proper navigation instructions. --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 95d035d..1e54e7a 100644 --- a/README.md +++ b/README.md @@ -426,4 +426,6 @@ On launch you will be prompted for your **org** and **workflow group**, which ar - **Git Scan** — run the VCS scanner interactively - **Switch Context** — change org / workflow group mid-session -Navigation: arrow keys to move, Enter to select, Ctrl+C or `q` to go back / exit. \ No newline at end of file +Navigation: arrow keys to move, Enter to select, Ctrl+C or `q` to go back / exit. + +image From 17acec901c5e468fd044662d6c98592ef46850ba Mon Sep 17 00:00:00 2001 From: Akash S Date: Fri, 24 Apr 2026 11:51:08 +0530 Subject: [PATCH 3/3] docs: fix git-scan section to use sg-cli binary command --- README.md | 28 ++++++++++------------------ 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 1e54e7a..dd6c8a4 100644 --- a/README.md +++ b/README.md @@ -344,27 +344,19 @@ payload.json will look like the following: ### Git VCS Scan + Bulk Import -Scan a GitHub or GitLab organization for Terraform repositories and generate a bulk workflow payload for sg-cli. +Scan a GitHub or GitLab organization for Terraform repositories and generate a bulk workflow payload ready for import. -**Step 1: Install the scanner** - -```bash -git clone https://github.com/StackGuardian/stackguardian-migrator.git -cd stackguardian-migrator/transformer/git-vcs -pip install . -``` - -**Step 2: Scan your VCS org** +**Step 1: Scan your VCS org** ```bash # GitHub -sg-git-scan --provider github --token ghp_xxx --org my-org +./sg-cli git-scan scan --provider github --token ghp_xxx --org my-org # GitLab -sg-git-scan --provider gitlab --token glpat-xxx --org my-group +./sg-cli git-scan scan --provider gitlab --token glpat-xxx --org my-group # With options -sg-git-scan --provider github --token ghp_xxx --org my-org \ +./sg-cli git-scan scan --provider github --token ghp_xxx --org my-org \ --max-repos 50 \ --wfgrp imported-workflows \ --vcs-auth /integrations/github_com \ @@ -378,11 +370,11 @@ sg-git-scan --provider github --token ghp_xxx --org my-org \ | `--provider`, `-p` | VCS provider: `github` or `gitlab` (required) | | `--token`, `-t` | VCS access token (required) | | `--org`, `-o` | GitHub organization or GitLab group | -| `--user`, `-u` | User whose repos to scan | -| `--max-repos`, `-m` | Maximum repositories to scan | +| `--user`, `-u` | Scan repos for a specific user instead of an org | +| `--max-repos`, `-m` | Maximum repositories to scan (0 = no limit) | | `--include-archived` | Include archived repositories | | `--include-forks` | Include forked repositories | -| `--wfgrp` | Workflow group name (default: `imported-workflows`) | +| `--wfgrp` | Workflow group name written into payload (default: `imported-workflows`) | | `--vcs-auth` | SG VCS integration path (e.g., `/integrations/github_com`) | | `--managed-state` | Enable SG-managed Terraform state | | `--output`, `-O` | Output file (default: `sg-payload.json`) | @@ -391,7 +383,7 @@ sg-git-scan --provider github --token ghp_xxx --org my-org \ The scanner detects Terraform directories, infers cloud provider from HCL provider blocks, parses Terraform version from `required_version`, and handles monorepos (each subdirectory becomes a separate workflow). -**Step 3: Review and edit sg-payload.json** +**Step 2: Review and edit sg-payload.json** Before importing, fill in the fields the scanner cannot infer automatically: @@ -399,7 +391,7 @@ Before importing, fill in the fields the scanner cannot infer automatically: - `VCSConfig.customSource.config.auth` — VCS integration path for private repos - `RunnerConstraints` — `shared` or private runner group -**Step 4: Bulk import to StackGuardian** +**Step 3: Bulk import to StackGuardian** ```bash export SG_API_TOKEN=