Creating and using the Import files
How to use the generated import file with the snyk-api-import tool

How it works

When the snyk-contributors-count tool connects both to your Snyk account and your SCM account, it finds out which repos/projects are monitored by Snyk and which are not.
By applying the two related flags to the command, the tool generates an import file, populated with the unmonitored repo data, to be used with the snyk-api-import tool to import the missing repos to your Snyk account.
  • If the Snyk token was exported and the related Snyk account has an integration set for the specific SCM that is being scanned by the tool, the tool will try to find and match the OrgID and IntegrationID from Snyk as needed by the snyk-api-import tool and auto-add it to the import file.
  • If a Snyk token was not exported or the user has no Snyk account as of yet, this feature can be used to map all repos in the SCM and create the import file to be later used by the snyk-api-import tool. In this case or in a case that the tool can not find an OrgID or IntegrationID, it prompts the user to supply these IDs (once) and auto-adds them to the import file.

The Flags

importConfDir - This flag both indicates that a query for unmonitored repos should be made and expects a path to a folder (with write privileges) to create the json import files in. For example :
snyk-scm-contributors-count <command> --token TOKEN -- importConfDir /snyk/import/
By default, the above command populates the json import files with all type of unmonitored repos found when scanning the SCM. The importFileRepoType flag can be set with the values of "all", "private" or "public" (case insensitive) to fill the import file with only the given repos type data. For example:
snyk-scm-contributors-count <command> --token TOKEN -- importConfDir /snyk/import/ --importFileRepoType 'private'
The import file requires an OrgID and IntegrationID from the user in order to import them to the right organization and integration at Snyk.
The tool will try and find these two values from Snyk (provided that a SNYK_TOKEN was exported and that the org mapping at Snyk is mirrored to that of the SCM) and if the we can not find those values, the user will be prompted to supply them in the command line.
Once the user has stated the values for OrgID and IntegrationID once, these values will be set for ALL the entries in the import file (meaning that all the imported repos will get under the same org in Snyk).

Using the Snyk API import tool

The snyk-api-import tool helps users moderately import new repos in their Snyk account in a secure and robust way.
This tool requires a json file with the repos data to be imported, this file can be auto-generated by the snyk-contributors-count tool as described above.

More information

Get familiar with the snyk-api-import tool with these links:
Last modified 28d ago