Tool: snyk-api-import
Snyk helps you find, fix, and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your Continuous Integration (CI) (build) system.

snyk-api-import

The Snyk API project importer, snyk-api-import, is a script intended to help import projects into Snyk using available Snyk APIs at a controlled pace to avoid rate limiting from GitHub, GitLab, Bitbucket, and other systems and to provide a stable import. The script kicks off import in batches, waits for completion, and then keeps going. Any failed requests are retried before they are considered a failure and logged.
If you need to adjust concurrency you can stop the script, change the concurrency variable, and start again. The tool skips previous repos (targets) that have been requested for import.
To use snyk-api-import you must do the following in advance:
  • Set up your Snyk organizations (Orgs) before running an import.
  • Configure your Snyk organizations with some connection to SCM (GitHub, GitLab, Bitbucket, other) as you will need the integrationId to generate the import files.
  • Disable notifications for emails and so on, to avoid receiving import notifications (recommended).
  • Disable the fix PRs and PR checks until import is complete to avoid sending extra requests to SCMs (GitHub, GitLab, Bitbucket and so on).

Installation

Snyk snyk-api-import CLI can be installed through multiple channels.

Standalone executables (macOS, Linux, Windows)

Use the GitHub Releases to download a standalone executable of snyk-api-import CLI for your platform.

More installation methods

Install with npm or Yarn

Usage

By default the import command will run if no command is specified.
  • import - kick off a an API powered import of repos (targets) into existing Snyk Orgs defined in the import configuration file. All support available for all project types is provided through the Import API (Import Projects, Import).
  • help - show help and all available commands and their options.
  • orgs:data util - use to generate data required to create Orgs using the API.
  • orgs:create util - use to create the Orgs in Snyk based on the data file generated with orgs:data command.
  • import:data util - use to generate data required to kick off an import. Note that archived repos are excluded by default.
  • list:imported util - use to generate data to help skip previously imported targets during import.
The logs can be explored using Bunyan CLI

Contents of the snyk-api-import instructions

FAQ

Error: ENFILE: file table overflow, open or Error: EMFILE, too many open files
ERROR: HttpError: request to https://github.private.com failed, reason: self signed certificate in certificate chain
Does this work with brokered integrations?
What is supported for the import command?