circleci-audit
This is a simple tool that helps audit CircleCI context environment variables need to be rotated in response to the January 4, 2023 security incident.
Secrets that need rotation are highlighted for easy identification.
Usage
$ npm install -g circleci-audit
$ circleci-audit COMMAND
running command...
$ circleci-audit (--version)
circleci-audit/1.2.1 linux-x64 node-v18.12.1
$ circleci-audit --help [COMMAND]
USAGE
$ circleci-audit COMMAND
...Commands
circleci-audit contexts
Audit CircleCI contexts for exposed secrets
USAGE
$ circleci-audit contexts -o <value> -t <value> [-o csv|table|json]
FLAGS
-o, --orgId=<value> (required) Your organization's ID. Find it on app.circleci.com, click
'Organization Settings'. It's a UUID.
-o, --outputFormat=(csv|table|json) [default: table]
-t, --token=<value> (required) A CircleCI API token. Generate one here:
https://app.circleci.com/settings/user/tokens.
DESCRIPTION
Audit CircleCI contexts for exposed secrets
EXAMPLES
$ circleci-audit contexts --token $CIRCLECI_TOKEN --orgId YOUR-ORG-UUID
See code: dist/commands/contexts/index.ts
circleci-audit help [COMMAND]
Display help for circleci-audit.
USAGE
$ circleci-audit help [COMMAND] [-n]
ARGUMENTS
COMMAND Command to show help for.
FLAGS
-n, --nested-commands Include all nested commands in the output.
DESCRIPTION
Display help for circleci-audit.
See code: @oclif/plugin-help