# Snyk Tags Tool
#### **Snyk Tags is a CLI tool which can:**
- Help filter Snyk projects by product type by adding product tags across a Snyk Group or Organization - using ```snyk-tags tag```
- Help filter Snyk projects by applying tags to all projects containing a specific name ```snyk-tags tag alltargets --contains-name=```
- Help filter Snyk projects by applying tags to a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target tag``` or from a csv/json file with ```snyk-tags fromfile target-tag```
- Help filter Snyk projects by applying attributes to a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target attributes``` or from a csv/json file with ```snyk-tags fromfile target-attributes```
- Help filter Snyk projects by adding the GitHub CODEOWNERS (only GitHub handles) as tags to the target import (must be a GitHub repo in the form **snyk-labs/nodejs-goof**) - using ```snyk-tags target github owners```
- Help with tag management by removing tags from a Group or a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target remove``` or listing all tags using ```snyk-tags list tags``` (also in bulk or from a csv/json file with ```snyk-tags fromfile```)
- [Associate Snyk Open Source, Code and Container projects](https://docs.snyk.io/manage-risk/insights/insights-setup/insights-setup-associating-snyk-open-source-code-and-container-projects#examples-of-project-tags) with software component tags, using ```snyk-tags component tag```.
### **snyk-tags tag**
```snyk-tags tag``` is a CLI tool that uses the Snyk Project Tag API to assign tags in bulk to Snyk projects based on the product.
```snyk-tags tag``` will update all projects of the specified product within a Snyk Group or Organization with the product's tag.
You can also specify a custom tag for the specific project types.
[List all project types](#list-of-all-project-types)
### **snyk-tags target**
```snyk-tags target``` goes through a target (repo, container, CLI import) to assign tags, attributes and assign GitHub metadata. Targets in snyk can be varied like:
- **snyk-labs/nodejs-goof** is the target from a git import
- **library/httpd** is the target from a container import
- **/snyk-labs/nodejs-goof** is the target from a CLI import
You can use:
- **```snyk-tags target tag```** to add tags to a target
- **```snyk-tags target attributes```** to add attributes to a target
- **```snyk-tags target github```** for specific GitHub metadata. The GitHub repo must include the GitHub Organization e.g. **snyk-labs/nodejs-goof**
[List all possible attributes](#list-of-all-attributes)
#### **snyk-tags target github**
To import GitHub metadata such as CODEOWNERS or Topics, you can use this command.
**Requirements:**
- GitHub PAT with ```read:org``` permissions
**Usage:**
- **```snyk-tags target github owners```** to add the CODEOWNERS file information as tags (limited to GitHub handles for now)
- **```snyk-tags target github topics```** to add the GitHub Topics as tags
### **Viewing results**
Once you run ```snyk-tags```, go into the UI, naviagate to the projects page and find the tags filter or attribute filter options on the left-hand menu. Select the tag/attribute you have applied and you will see all projects associated.
### **snyk-tags component tag**
```snyk-tags component tag``` automates tagging software components at scale for Snyk, based on powerful regular-expression based rules. Read more about this feature in [components](components.md).
## **Installation and requirements**
### **Requirements**
Requires Python version above 3.8
### **Installation**
To install the simplest way is to use pip:
```bash
pip install snyk-tags
```
Alternatively you can clone the repo and then run the following commands:
```python
poetry install # To install dependencies
python -m snyk-tags # To run snyk-tags
```
## Examples
For the following examples you will need a Snyk API token, this can either be a personal Snyk Group/Org admin or a service account, [here](https://docs.snyk.io/snyk-api-info/authentication-for-api) is more information on how to generate a Snyk API token. You can then pass this token as part of the command through ```--snyktkn=abc``` or as an environment variable ```SNYK_TOKEN```
### Applying tags by Snyk product
I want to filter all my Snyk Code projects to the whole Snyk Group:
``` bash
snyk-tags tag sast --group-id=abc --snyktkn=abc
```
I want to filter all my ```npm``` Snyk Open Source projects within a specific Snyk Organization:
``` bash
snyk-tags tag sca --scatype=npm --org-id=abc --snyktkn=abc
```
### Applying tags based on project name
I want to filter all my Snyk projects sharing a common project name substring
``` bash
snyk-tags tag alltargets --contains-name=microservice --group-id=abc --org-id=abc --snyktkn=abc --tagkey=app --tagvalue=microservice
```
### Managing tags based on target SCM repository
I want to filter all projects within my ```snyk-labs/nodejs-goof``` repo by ```project:snyk```
``` bash
snyk-tags target tag --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --tagkey=project --tagvalue=snyk
```
I want to add attributes to all projects within my ```snyk-labs/python-goof``` repo. The attributes are ```critical, production, backend```
``` bash
snyk-tags target attributes --target=snyk-labs/python-goof --org-id=abc --snytkn=abc --criticality=critical --environment=backend --lifecycle=production
```
I want mark with the repo owners all projects of the repo ```snyk-labs/nodejs-goof``` so I can filter by owner e.g.```Owner:EricFernandezSnyk```
(to use a private GitHub instance, use `--gh-base-url=<your instance's API baseurl>`. Example: `--gh-base-url=https://gh.local/api/v3`)
``` bash
snyk-tags target github owners --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
```
I want add my GitHub Topics to all projects of the repo ```snyk-labs/nodejs-goof``` so I can filter by topics e.g.```GitHubTopic:python3```
(to use a private GitHub instance, use `--gh-base-url=<your instance's API baseurl>`. Example: `--gh-base-url=https://gh.local/api/v3`)
``` bash
snyk-tags target github topics --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
```
I want to remove the tag project:snyk from the repo ```snyk-labs/nodejs-goof```
``` bash
snyk-tags remove tag-from-target --target=snyk-labs/nodejs-goof --group-id=abc --snyktkn=abc --tagkey=project --tagkey=snyk
```
I want to remove the tag app:microservice from all targets within a specific Snyk Organization
``` bash
snyk-tags remove tag-from-alltargets --contains-name=apps-demo --org-id=abc --tagkey=app --tagvalue=microservice
```
I want to filter all projects within ```snyk-labs/nodejs-goof``` and ```snyk-labs/goof``` repo by ```project:snyk``` so I use a csv in the format ```org-id,target,key,value```
``` bash
snyk-tags fromfile target-tag --file=path/to/file.csv --snyktkn
```
## Types of projects and attributes
### List of all project types
| Snyk IaC | Snyk Open Source | Snyk Container | Snyk Code |
|:--------------------:|:----------------:|:--------------:|:---------:|
| terraformconfig | maven | dockerfile | sast |
| terraformplan | npm | apk | |
| k8sconfig | nuget | deb | |
| helmconfig | gradle | rpm | |
| cloudformationconfig | pip | linux | |
| armconfig | yarn | | |
| | gomodules | | |
| | rubygems | | |
| | composer | | |
| | sbt | | |
| | golangdep | | |
| | cocoapods | | |
| | poetry | | |
| | govendor | | |
| | cpp | | |
| | yarn-workspace | | |
| | hex | | |
| | paket | | |
| | golang | | |
### List of all attributes
| Criticality | Environment | Lifecycle |
|:--------------------:|:-----------:|:---------------:|
| critical | frontend | production |
| high | backend | development |
| medium | internal | sandbox |
| low | external | |
| | mobile | |
| | saas | |
| | onprem | |
| | hosted | |
| | distributed | |
Raw data
{
"_id": null,
"home_page": "https://github.com/snyk-labs/snyk-tags-tool",
"name": "snyk-tags",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.8",
"maintainer_email": null,
"keywords": "snyk",
"author": "EricFernandezSnyk",
"author_email": "eric.fernandez@snyk.io",
"download_url": "https://files.pythonhosted.org/packages/10/cd/0854b932da08b26c93fdde98c4132e2257ae895fe1e94b52fc94336c6e44/snyk_tags-2.3.0.tar.gz",
"platform": null,
"description": "# Snyk Tags Tool\n\n\n\n#### **Snyk Tags is a CLI tool which can:**\n\n- Help filter Snyk projects by product type by adding product tags across a Snyk Group or Organization - using ```snyk-tags tag```\n- Help filter Snyk projects by applying tags to all projects containing a specific name ```snyk-tags tag alltargets --contains-name=```\n- Help filter Snyk projects by applying tags to a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target tag``` or from a csv/json file with ```snyk-tags fromfile target-tag```\n- Help filter Snyk projects by applying attributes to a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target attributes``` or from a csv/json file with ```snyk-tags fromfile target-attributes```\n- Help filter Snyk projects by adding the GitHub CODEOWNERS (only GitHub handles) as tags to the target import (must be a GitHub repo in the form **snyk-labs/nodejs-goof**) - using ```snyk-tags target github owners```\n- Help with tag management by removing tags from a Group or a target import (for example a git repo like **snyk-labs/nodejs-goof**) - using ```snyk-tags target remove``` or listing all tags using ```snyk-tags list tags``` (also in bulk or from a csv/json file with ```snyk-tags fromfile```)\n- [Associate Snyk Open Source, Code and Container projects](https://docs.snyk.io/manage-risk/insights/insights-setup/insights-setup-associating-snyk-open-source-code-and-container-projects#examples-of-project-tags) with software component tags, using ```snyk-tags component tag```.\n\n### **snyk-tags tag**\n\n```snyk-tags tag``` is a CLI tool that uses the Snyk Project Tag API to assign tags in bulk to Snyk projects based on the product.\n\n```snyk-tags tag``` will update all projects of the specified product within a Snyk Group or Organization with the product's tag.\n\nYou can also specify a custom tag for the specific project types.\n\n[List all project types](#list-of-all-project-types)\n\n### **snyk-tags target**\n\n```snyk-tags target``` goes through a target (repo, container, CLI import) to assign tags, attributes and assign GitHub metadata. Targets in snyk can be varied like:\n\n- **snyk-labs/nodejs-goof** is the target from a git import\n- **library/httpd** is the target from a container import\n- **/snyk-labs/nodejs-goof** is the target from a CLI import\n\nYou can use:\n\n- **```snyk-tags target tag```** to add tags to a target\n- **```snyk-tags target attributes```** to add attributes to a target\n- **```snyk-tags target github```** for specific GitHub metadata. The GitHub repo must include the GitHub Organization e.g. **snyk-labs/nodejs-goof**\n\n[List all possible attributes](#list-of-all-attributes)\n\n#### **snyk-tags target github**\n\nTo import GitHub metadata such as CODEOWNERS or Topics, you can use this command.\n\n**Requirements:**\n\n- GitHub PAT with ```read:org``` permissions\n\n**Usage:**\n\n- **```snyk-tags target github owners```** to add the CODEOWNERS file information as tags (limited to GitHub handles for now)\n- **```snyk-tags target github topics```** to add the GitHub Topics as tags\n\n### **Viewing results**\n\nOnce you run ```snyk-tags```, go into the UI, naviagate to the projects page and find the tags filter or attribute filter options on the left-hand menu. Select the tag/attribute you have applied and you will see all projects associated.\n\n### **snyk-tags component tag**\n\n```snyk-tags component tag``` automates tagging software components at scale for Snyk, based on powerful regular-expression based rules. Read more about this feature in [components](components.md).\n\n## **Installation and requirements**\n\n### **Requirements**\n\nRequires Python version above 3.8\n\n### **Installation**\n\nTo install the simplest way is to use pip:\n\n```bash\npip install snyk-tags\n```\n\nAlternatively you can clone the repo and then run the following commands:\n\n```python\npoetry install # To install dependencies\npython -m snyk-tags # To run snyk-tags\n```\n\n## Examples\n\nFor the following examples you will need a Snyk API token, this can either be a personal Snyk Group/Org admin or a service account, [here](https://docs.snyk.io/snyk-api-info/authentication-for-api) is more information on how to generate a Snyk API token. You can then pass this token as part of the command through ```--snyktkn=abc``` or as an environment variable ```SNYK_TOKEN```\n\n### Applying tags by Snyk product\n\nI want to filter all my Snyk Code projects to the whole Snyk Group:\n\n``` bash\nsnyk-tags tag sast --group-id=abc --snyktkn=abc\n```\n\nI want to filter all my ```npm``` Snyk Open Source projects within a specific Snyk Organization:\n\n``` bash\nsnyk-tags tag sca --scatype=npm --org-id=abc --snyktkn=abc\n```\n\n### Applying tags based on project name\n\nI want to filter all my Snyk projects sharing a common project name substring\n\n``` bash\nsnyk-tags tag alltargets --contains-name=microservice --group-id=abc --org-id=abc --snyktkn=abc --tagkey=app --tagvalue=microservice\n```\n\n### Managing tags based on target SCM repository\n\nI want to filter all projects within my ```snyk-labs/nodejs-goof``` repo by ```project:snyk```\n\n``` bash\nsnyk-tags target tag --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --tagkey=project --tagvalue=snyk\n```\n\nI want to add attributes to all projects within my ```snyk-labs/python-goof``` repo. The attributes are ```critical, production, backend```\n\n``` bash\nsnyk-tags target attributes --target=snyk-labs/python-goof --org-id=abc --snytkn=abc --criticality=critical --environment=backend --lifecycle=production\n```\n\nI want mark with the repo owners all projects of the repo ```snyk-labs/nodejs-goof``` so I can filter by owner e.g.```Owner:EricFernandezSnyk```\n(to use a private GitHub instance, use `--gh-base-url=<your instance's API baseurl>`. Example: `--gh-base-url=https://gh.local/api/v3`)\n\n``` bash\nsnyk-tags target github owners --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc\n```\n\nI want add my GitHub Topics to all projects of the repo ```snyk-labs/nodejs-goof``` so I can filter by topics e.g.```GitHubTopic:python3```\n(to use a private GitHub instance, use `--gh-base-url=<your instance's API baseurl>`. Example: `--gh-base-url=https://gh.local/api/v3`)\n\n``` bash\nsnyk-tags target github topics --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc\n```\n\nI want to remove the tag project:snyk from the repo ```snyk-labs/nodejs-goof```\n\n``` bash\nsnyk-tags remove tag-from-target --target=snyk-labs/nodejs-goof --group-id=abc --snyktkn=abc --tagkey=project --tagkey=snyk\n```\n\nI want to remove the tag app:microservice from all targets within a specific Snyk Organization\n\n``` bash\nsnyk-tags remove tag-from-alltargets --contains-name=apps-demo --org-id=abc --tagkey=app --tagvalue=microservice\n```\n\nI want to filter all projects within ```snyk-labs/nodejs-goof``` and ```snyk-labs/goof``` repo by ```project:snyk``` so I use a csv in the format ```org-id,target,key,value```\n\n``` bash\nsnyk-tags fromfile target-tag --file=path/to/file.csv --snyktkn\n```\n\n## Types of projects and attributes\n\n### List of all project types\n\n| Snyk IaC | Snyk Open Source | Snyk Container | Snyk Code |\n|:--------------------:|:----------------:|:--------------:|:---------:|\n| terraformconfig | maven | dockerfile | sast |\n| terraformplan | npm | apk | |\n| k8sconfig | nuget | deb | |\n| helmconfig | gradle | rpm | |\n| cloudformationconfig | pip | linux | |\n| armconfig | yarn | | |\n| | gomodules | | |\n| | rubygems | | |\n| | composer | | |\n| | sbt | | |\n| | golangdep | | |\n| | cocoapods | | |\n| | poetry | | |\n| | govendor | | |\n| | cpp | | |\n| | yarn-workspace | | |\n| | hex | | |\n| | paket | | |\n| | golang | | |\n\n### List of all attributes\n\n| Criticality | Environment | Lifecycle |\n|:--------------------:|:-----------:|:---------------:|\n| critical | frontend | production |\n| high | backend | development |\n| medium | internal | sandbox |\n| low | external | |\n| | mobile | |\n| | saas | |\n| | onprem | |\n| | hosted | |\n| | distributed | |\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "CLI tool designed to manage tags and attributes at scale",
"version": "2.3.0",
"project_urls": {
"Homepage": "https://github.com/snyk-labs/snyk-tags-tool",
"Repository": "https://github.com/snyk-labs/snyk-tags-tool"
},
"split_keywords": [
"snyk"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "71be4131a3996ccb607e45f8b3d103f771d2c08e858184da20e9489d6c631534",
"md5": "21f020a238cf2dac1e8fb76aa76ec292",
"sha256": "a35fb72ae30b25b88aa6053a05a379c0ba4aa355940faf23d430db4506044fa0"
},
"downloads": -1,
"filename": "snyk_tags-2.3.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "21f020a238cf2dac1e8fb76aa76ec292",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.8",
"size": 26309,
"upload_time": "2024-07-09T11:36:19",
"upload_time_iso_8601": "2024-07-09T11:36:19.975928Z",
"url": "https://files.pythonhosted.org/packages/71/be/4131a3996ccb607e45f8b3d103f771d2c08e858184da20e9489d6c631534/snyk_tags-2.3.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "10cd0854b932da08b26c93fdde98c4132e2257ae895fe1e94b52fc94336c6e44",
"md5": "8ef745a3b59262908d27eb43575718cc",
"sha256": "6a5e4522adfabdfbea830960f1247ed943052e73bde3ee64b6bef35d73374e72"
},
"downloads": -1,
"filename": "snyk_tags-2.3.0.tar.gz",
"has_sig": false,
"md5_digest": "8ef745a3b59262908d27eb43575718cc",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.8",
"size": 19340,
"upload_time": "2024-07-09T11:36:23",
"upload_time_iso_8601": "2024-07-09T11:36:23.144685Z",
"url": "https://files.pythonhosted.org/packages/10/cd/0854b932da08b26c93fdde98c4132e2257ae895fe1e94b52fc94336c6e44/snyk_tags-2.3.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-07-09 11:36:23",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "snyk-labs",
"github_project": "snyk-tags-tool",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "snyk-tags"
}
JSON
