Skip to content

mpetrunic/gitmythx

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

mpetrunicmpetrunic
add examples
Apr 30, 2019
c9769f7 · Apr 30, 2019

History

48 Commits
.circleci
.circleci
Aug 31, 2018
src
src
Apr 30, 2019
test
test
Apr 16, 2019
.dockerignore
.dockerignore
Aug 25, 2018
.env.sample
.env.sample
Apr 30, 2019
.gitignore
.gitignore
Apr 16, 2019
.sequelizerc
.sequelizerc
Aug 27, 2018
Dockerfile
Dockerfile
Apr 30, 2019
Dockerfile.production
Dockerfile.production
Apr 30, 2019
LICENSE
LICENSE
Aug 27, 2018
README.md
README.md
Apr 30, 2019
banner.png
banner.png
Aug 27, 2018
docker-compose-cleanup.yml
docker-compose-cleanup.yml
Aug 25, 2018
docker-compose.yml
docker-compose.yml
Apr 16, 2019
nodemon.json
nodemon.json
Apr 22, 2019
package.json
package.json
Apr 30, 2019
runfile.js
runfile.js
Aug 25, 2018
sequelizecli.js
sequelizecli.js
Apr 23, 2019
tsconfig.json
tsconfig.json
Apr 23, 2019
tslint.json
tslint.json
Aug 27, 2018
yarn.lock
yarn.lock
Apr 30, 2019

Repository files navigation

GitMythX

GitHub license

Repo containing github app for running MythX security checks.

Example

Usage

  • Install GitMythX to your smart contract repo
  • After installation you will be redirected to obtain MythX credentials
    • You can create MythX account here
  • Add gitmythx.json file to root of your repo

Example of gitmythx.json file:

{
  // full version including commit
  "solidityVersion": "v0.5.1+commit.c8a2cb62",
  "contracts": [
    //create this object for each contract you want to be run against security check
    {
      "name": "TestContract",
      //relative to github repo root
      "path": "./contracts/TestContract.sol"
    }
  ]
}

Development

Following software is required to be installed to use this repo:

Usage

Creating github app

  • Go to: Github -> Settings -> Developer settings -> Github Apps -> New Github App
  • Put some dummy urls (you will update urls after you start app locally)
  • Check Redirect on update
  • Permissions:
    • Checks: Read & Write
    • Repository contents: Read-only
    • Pull requests: Read & Write
  • Subscribe to following events:
    • Check suite
    • Check run
  • Generate private key and save as pk.pem in root of application

Running application locally

On first use of this repo, run npx run build which will build docker image.You will have to run npx run build each time you change dependencies in package.json (yarn.lock).

Copy .env.sample into .env and fill out env variables, some fields can only be populated after creating of github app.

Using npx run dev will start all required docker containers, execute migrations etc.

Since github requires https hook, install ngrok or something similar and in new terminal run ngrok http 3000. Copy generated https tunnel.

Update following props in GithubApp:

  • Homepage URL:
  • User authorization callback URL: /oauth/github
  • Setup URL (optional): /setup
  • Webhook URL: /github/hook
  • Webhook secret: <copy GITHUB_WEBHOOK_SECRET from .env>

Run npx run to see all available commands and their description.

Notice

  • make sure you update yarn.lock before building
  • use sequelize-cli local to generate migrations (because of timestamp)

About

Github app for running mythx checksuite

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages