Skip to content

Commit 80c3c95

Browse files
homeleshomeles
authored
Merge pull request #522 from github/homeles-repo-query
Adding query for repository audit report
2 parents a185f02 + dc2da51 commit 80c3c95

File tree

2 files changed

+178
-0
lines changed

2 files changed

+178
-0
lines changed

sql/README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ The `audit` folder has queries that are all around auditing credentials, webhook
1515
- `hooks-repos.sql` - A report of all repository webhooks used in the past week, who owns it, and where the webhook goes. This is limited to a week based on the length of time these are kept in the `hookshot_delivery_logs` table.
1616
- `hooks-users.sql` - Same report as above, but for user-owned webhooks.
1717
- `oauth-apps.sql` - A report of all OAuth apps, who owns it, where it goes, and when it was last used.
18+
- `repos-audit.sql` - A report of all repositories including the commit count, PR count, Disk size, last push, and more.
1819
- `user-emails.sql` - A report of all emails that don't match a list of approved domains you define in the `WHERE` clause. This query should be deprecated by [this issue](https://github.com/github/roadmap/issues/204).
1920
- `user-ssh-keys.sql` - A report of all user SSH keys, when it was last used, when it was set up, and how long the key is.
2021

sql/audit/repos-audit.sql

Lines changed: 177 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,177 @@
1+
/*
2+
* This pulls a list of all repositories in GHES with details on
3+
* commit count, PR count, Issue count, Disk usage, Repo admins, Org owners, LFS usage, etc.
4+
* Please include the LIMIT clause at the bottom if you are concern of the number of results.
5+
*/
6+
SELECT repo.id as "Repo Id",
7+
repo.owner_login as "Org Name",
8+
repo.name as "Repository",
9+
IFNULL(repo.active, 0) as "is active",
10+
IFNULL(commits.commit_count, 0) as "Commit Count",
11+
IFNULL(pr.count, 0) as "PR Count",
12+
IFNULL(prr.count, 0) as "PR Review Count",
13+
IFNULL(issue.count, 0) as "Issue Count",
14+
IFNULL(pb.branch_count, 0) as "Protected Branch Count",
15+
IFNULL(pb.branch_names, '') as "Protected Branch Names",
16+
repo.public as "is public",
17+
IFNULL(internal.internal, 0) as "is internal",
18+
repo.public_fork_count as "Fork Child Count",
19+
IFNULL(repo2.is_fork, 0) as "is Fork",
20+
IFNULL(CONCAT(repo2.owner_login, "/", repo2.name), '') as "Fork Parent",
21+
CAST(repo.disk_usage / 1024 AS DECIMAL (10, 3)) as "Disk Usage (MB)",
22+
CAST(
23+
IFNULL(lfs_repo.lfs_size, 0) / 1024 / 1024 / 1024 AS DECIMAL (10, 2)
24+
) as "LFS Usage (GB)",
25+
IFNULL(lfs_repo.last_lfs_push, '') as "Last LFS Push",
26+
IFNULL(language.name, "none") as "Language",
27+
IFNULL(releases.count, 0) as "Release Count",
28+
CAST(
29+
IFNULL(release_size.release_asset_disk_size, 0) / 1024 / 1024 / 1024 AS DECIMAL (10, 2)
30+
) as "Releases Usage (GB)",
31+
IFNULL(projects.count, 0) as "Projects Count",
32+
IFNULL(hooks.count, 0) as "Hooks Count",
33+
IFNULL(admins.login, '') as "Repo Admins",
34+
IFNULL(team_admin.team_admins, '') as "Team Admins",
35+
IFNULL(org_admin.org_owners, '') as "Org Admins",
36+
repo.locked as "is Locked",
37+
repo.created_at as "Created at",
38+
repo.updated_at as "Updated at",
39+
repo.pushed_at as "Last Code Push",
40+
owner.type as "Org Type",
41+
repo.owner_id as "User/Owner Id",
42+
owner.created_at as "User/Owner Created",
43+
owner.updated_at as "User/Owner Updated",
44+
IFNULL(owner.suspended_at, '') as "User/Owner Suspended"
45+
FROM repositories repo
46+
LEFT JOIN users owner ON owner.id = repo.owner_id
47+
LEFT JOIN language_names language ON repo.primary_language_name_id = language.id
48+
LEFT JOIN (
49+
SELECT COUNT(id) as count,
50+
repository_id
51+
FROM pull_requests
52+
GROUP BY repository_id
53+
) pr on pr.repository_id = repo.id
54+
LEFT JOIN (
55+
SELECT COUNT(id) as count,
56+
repository_id
57+
FROM pull_request_reviews
58+
GROUP BY repository_id
59+
) prr on prr.repository_id = repo.id
60+
LEFT JOIN (
61+
SELECT COUNT(id) as count,
62+
repository_id
63+
FROM issues
64+
WHERE has_pull_request = 0
65+
GROUP BY repository_id
66+
) issue on issue.repository_id = repo.id
67+
LEFT JOIN (
68+
SELECT 1 as "internal",
69+
repository_id
70+
FROM internal_repositories
71+
) internal on internal.repository_id = repo.id
72+
LEFT JOIN (
73+
SELECT SUM(commit_count) as "commit_count",
74+
repository_id
75+
FROM commit_contributions
76+
GROUP BY repository_id
77+
) commits on commits.repository_id = repo.id
78+
LEFT JOIN (
79+
SELECT COUNT(id) as branch_count,
80+
repository_id,
81+
GROUP_CONCAT(name SEPARATOR ';') as branch_names
82+
FROM protected_branches
83+
GROUP BY repository_id
84+
) pb on pb.repository_id = repo.id
85+
LEFT JOIN (
86+
SELECT 1 as is_fork,
87+
id,
88+
name,
89+
parent_id,
90+
owner_login
91+
FROM repositories
92+
) repo2 on repo2.id = repo.parent_id
93+
LEFT JOIN (
94+
SELECT COUNT(id) as count,
95+
repository_id
96+
FROM releases
97+
GROUP BY repository_id
98+
) releases on releases.repository_id = repo.id
99+
LEFT JOIN (
100+
SELECT count(id) as count,
101+
owner_id
102+
FROM projects
103+
WHERE owner_type = "Repository"
104+
GROUP BY owner_id
105+
) projects on projects.owner_id = repo.id
106+
LEFT JOIN (
107+
SELECT count(id) as count,
108+
installation_target_id
109+
FROM hooks
110+
WHERE installation_target_type = "Repository"
111+
GROUP BY installation_target_id
112+
) hooks on hooks.installation_target_id = repo.id
113+
LEFT JOIN (
114+
SELECT a.subject_id,
115+
GROUP_CONCAT(uu.login SEPARATOR ';') as login
116+
FROM abilities a
117+
LEFT JOIN (
118+
SELECT u.id,
119+
u.login
120+
FROM users u
121+
) uu ON uu.id = a.actor_id
122+
WHERE a.subject_type = "Repository"
123+
AND a.actor_type = "User"
124+
AND a.action = 2
125+
GROUP BY a.subject_id
126+
) admins on admins.subject_id = repo.id
127+
LEFT JOIN (
128+
SELECT a.subject_id as sub_repo_id,
129+
GROUP_CONCAT(members.team_admins) as team_admins
130+
FROM abilities a
131+
LEFT JOIN (
132+
SELECT team.subject_id,
133+
GROUP_CONCAT(uu.login SEPARATOR ';') as team_admins
134+
FROM abilities team
135+
LEFT JOIN (
136+
SELECT id,
137+
login
138+
FROM users
139+
) uu ON uu.id = team.actor_id
140+
WHERE team.subject_type = "Team"
141+
AND team.actor_type = "User"
142+
GROUP BY team.subject_id
143+
) members ON members.subject_id = a.actor_id
144+
WHERE a.subject_type = "Repository"
145+
AND a.actor_type = "Team"
146+
AND a.action = 2
147+
GROUP BY a.subject_id
148+
) team_admin on team_admin.sub_repo_id = repo.id
149+
LEFT JOIN (
150+
SELECT a.subject_id,
151+
GROUP_CONCAT(uu.login SEPARATOR ';') as org_owners
152+
FROM abilities a
153+
LEFT JOIN (
154+
SELECT id,
155+
login
156+
FROM users
157+
) uu ON uu.id = a.actor_id
158+
WHERE a.subject_type = "Organization"
159+
AND a.action = 2
160+
GROUP BY a.subject_id
161+
) org_admin ON org_admin.subject_id = repo.owner_id
162+
LEFT JOIN (
163+
SELECT originating_repository_id,
164+
SUM(size) as lfs_size,
165+
MAX(created_at) as last_lfs_push
166+
FROM media_blobs
167+
GROUP BY originating_repository_id
168+
) as lfs_repo on lfs_repo.originating_repository_id = repo.id
169+
LEFT JOIN (
170+
SELECT repository_id,
171+
SUM(size) as release_asset_disk_size
172+
FROM release_assets
173+
GROUP BY repository_id
174+
) release_size on release_size.repository_id = repo.id
175+
ORDER BY repo.owner_login,
176+
repo.name
177+
-- LIMIT 100

0 commit comments

Comments
 (0)