Конечные точки REST API для кампаний безопасности
Используйте REST API для создания кампаний безопасности и управления ими для вашей организации.
Примечание.
Эти конечные точки взаимодействуют только с опубликованными кампаниями. Проекты кампаний в настоящее время нельзя просматривать или управлять с помощью API.
List campaigns for an organization
Lists campaigns in an organization.
The authenticated user must be an owner or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Подробные маркеры доступа для "List campaigns for an organization
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Campaigns" organization permissions (read)
Параметры для "List campaigns for an organization"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
| Имя., Тип, Description |
|---|
page integer The page number of the results to fetch. For more information, see "Using pagination in the REST API." По умолчанию.: |
per_page integer The number of results per page (max 100). For more information, see "Using pagination in the REST API." По умолчанию.: |
direction string The direction to sort the results by. По умолчанию.: Возможные значения: |
state string If specified, only campaigns with this state will be returned. Возможные значения: |
sort string The property by which to sort the results. По умолчанию.: Возможные значения: |
Коды состояния http-ответа для "List campaigns for an organization"
| Код состояния | Описание |
|---|---|
200 | OK |
404 | Resource not found |
503 | Service unavailable |
Примеры кода для "List campaigns for an organization"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/campaignsResponse
Status: 200[
{
"number": 3,
"created_at": "2024-02-14T12:29:18Z",
"updated_at": "2024-02-14T12:29:18Z",
"name": "Critical CodeQL alert",
"description": "Address critical alerts before they are exploited to prevent breaches, protect sensitive data, and mitigate financial and reputational damage.",
"managers": [
{
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
],
"ends_at": "2024-03-14T12:29:18Z",
"closed_at": null,
"state": "open"
},
{
"number": 4,
"created_at": "2024-03-30T12:29:18Z",
"updated_at": "2024-03-30T12:29:18Z",
"name": "Mitre top 10 KEV",
"description": "Remediate the MITRE Top 10 KEV (Known Exploited Vulnerabilities) to enhance security by addressing vulnerabilities actively exploited by attackers. This reduces risk, prevents breaches and can help protect sensitive data.",
"managers": [
{
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
],
"ends_at": "2024-04-30T12:29:18Z",
"closed_at": null,
"state": "open"
}
]Create a campaign for an organization
Create a campaign for an organization.
The authenticated user must be an owner or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Fine-grained tokens must have the "Code scanning alerts" repository permissions (read) on all repositories included in the campaign.
Подробные маркеры доступа для "Create a campaign for an organization
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Campaigns" organization permissions (write)
Параметры для "Create a campaign for an organization"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
| Имя., Тип, Description | |||
|---|---|---|---|
name string Обязательное полеThe name of the campaign | |||
description string Обязательное полеA description for the campaign | |||
managers array of strings The logins of the users to set as the campaign managers. At this time, only a single manager can be supplied. | |||
team_managers array of strings The slugs of the teams to set as the campaign managers. | |||
ends_at string Обязательное полеThe end date and time of the campaign. The date must be in the future. | |||
contact_link string or null The contact link of the campaign. Must be a URI. | |||
code_scanning_alerts array of objects Обязательное полеThe code scanning alerts to include in this campaign | |||
Properties of |
| Имя., Тип, Description |
|---|
repository_id integer Обязательное полеThe repository id |
alert_numbers array of integers Обязательное полеThe alert numbers |
generate_issues boolean If true, will automatically generate issues for the campaign. The default is false.
По умолчанию.: false
Коды состояния http-ответа для "Create a campaign for an organization"
| Код состояния | Описание |
|---|---|
200 | OK |
400 | Bad Request |
404 | Resource not found |
422 | Unprocessable Entity |
429 | Too Many Requests |
503 | Service unavailable |
Примеры кода для "Create a campaign for an organization"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/campaigns \
-d '{"name":"Critical CodeQL alerts","description":"Address critical alerts before they are exploited to prevent breaches, protect sensitive data, and mitigate financial and reputational damage.","managers":["octocat"],"ends_at":"2024-03-14T00:00:00Z","code_scanning_alerts":[{"repository_id":1296269,"alert_numbers":[1,2]}]}'Response
Status: 200{
"number": 3,
"created_at": "2024-02-14T12:29:18Z",
"updated_at": "2024-02-14T12:29:18Z",
"name": "Critical CodeQL alert",
"description": "Address critical alerts before they are exploited to prevent breaches, protect sensitive data, and mitigate financial and reputational damage.",
"managers": [
{
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
],
"published_at": "2024-02-14T12:29:18Z",
"ends_at": "2024-03-14T12:29:18Z",
"closed_at": null,
"state": "open",
"alert_stats": {
"open_count": 10,
"closed_count": 3,
"in_progress_count": 3
}
}Get a campaign for an organization
Gets a campaign for an organization.
The authenticated user must be an owner or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Подробные маркеры доступа для "Get a campaign for an organization
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Campaigns" organization permissions (read)
Параметры для "Get a campaign for an organization"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
campaign_number integer Обязательное полеThe campaign number. |
Коды состояния http-ответа для "Get a campaign for an organization"
| Код состояния | Описание |
|---|---|
200 | OK |
404 | Resource not found |
422 | Unprocessable Entity |
503 | Service unavailable |
Примеры кода для "Get a campaign for an organization"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/campaigns/CAMPAIGN_NUMBERResponse
Status: 200{
"number": 3,
"created_at": "2024-02-14T12:29:18Z",
"updated_at": "2024-02-14T12:29:18Z",
"name": "Critical CodeQL alert",
"description": "Address critical alerts before they are exploited to prevent breaches, protect sensitive data, and mitigate financial and reputational damage.",
"managers": [
{
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
],
"published_at": "2024-02-14T12:29:18Z",
"ends_at": "2024-03-14T12:29:18Z",
"closed_at": null,
"state": "open",
"alert_stats": {
"open_count": 10,
"closed_count": 3,
"in_progress_count": 3
}
}Update a campaign
Updates a campaign in an organization.
The authenticated user must be an owner or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Подробные маркеры доступа для "Update a campaign
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Campaigns" organization permissions (write)
Параметры для "Update a campaign"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
campaign_number integer Обязательное полеThe campaign number. |
| Имя., Тип, Description |
|---|
name string The name of the campaign |
description string A description for the campaign |
managers array of strings The logins of the users to set as the campaign managers. At this time, only a single manager can be supplied. |
team_managers array of strings The slugs of the teams to set as the campaign managers. |
ends_at string The end date and time of the campaign, in ISO 8601 format':' YYYY-MM-DDTHH:MM:SSZ. |
contact_link string or null The contact link of the campaign. Must be a URI. |
state string Indicates whether a campaign is open or closed Возможные значения: |
Коды состояния http-ответа для "Update a campaign"
| Код состояния | Описание |
|---|---|
200 | OK |
400 | Bad Request |
404 | Resource not found |
422 | Unprocessable Entity |
503 | Service unavailable |
Примеры кода для "Update a campaign"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/campaigns/CAMPAIGN_NUMBER \
-d '{"name":"Critical CodeQL alerts"}'Response
Status: 200{
"number": 3,
"created_at": "2024-02-14T12:29:18Z",
"updated_at": "2024-02-14T12:29:18Z",
"name": "Critical CodeQL alert",
"description": "Address critical alerts before they are exploited to prevent breaches, protect sensitive data, and mitigate financial and reputational damage.",
"managers": [
{
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
}
],
"published_at": "2024-02-14T12:29:18Z",
"ends_at": "2024-03-14T12:29:18Z",
"closed_at": null,
"state": "open",
"alert_stats": {
"open_count": 10,
"closed_count": 3,
"in_progress_count": 3
}
}Delete a campaign for an organization
Deletes a campaign in an organization.
The authenticated user must be an owner or security manager for the organization to use this endpoint.
OAuth app tokens and personal access tokens (classic) need the security_events scope to use this endpoint.
Подробные маркеры доступа для "Delete a campaign for an organization
Эта конечная точка работает со следующими точными типами маркеров:
- Маркеры доступа пользователей приложения GitHub
- Маркеры доступа к установке приложений GitHub
- Точные личные маркеры доступа
Маркер с точной детализацией должен иметь следующий набор разрешений.:
- "Campaigns" organization permissions (write)
Параметры для "Delete a campaign for an organization"
| Имя., Тип, Description |
|---|
accept string Setting to |
| Имя., Тип, Description |
|---|
org string Обязательное полеThe organization name. The name is not case sensitive. |
campaign_number integer Обязательное полеThe campaign number. |
Коды состояния http-ответа для "Delete a campaign for an organization"
| Код состояния | Описание |
|---|---|
204 | Deletion successful |
404 | Resource not found |
503 | Service unavailable |
Примеры кода для "Delete a campaign for an organization"
Если вы обращаетесь к GitHub в GHE.com, замените api.github.com выделенный поддомен api.SUBDOMAIN.ghe.comпредприятия.
Пример запроса
curl -L \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/ORG/campaigns/CAMPAIGN_NUMBERDeletion successful
Status: 204