bauditor 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +11 -10
- data/lib/bauditor/cli.rb +54 -11
- data/lib/bauditor/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 23e3e4603c5a6fd00686c9b596b7af0b46707211
|
|
4
|
+
data.tar.gz: 6be47706752c0bba1660ae9b3c3957b80ba803b1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51e9edee4c6e161823b40dfcbf8d166f9818241a45b8c276bc6a676641372fdeafa8f3977db1f7195c91e01720b886aff4f31ba45a91310177295d03bdc942a5
|
|
7
|
+
data.tar.gz: c775051681ad06fa7d19e4ae6d670e3beded4fd4c02bff69a12fcd2c7d776d5aa2ab5545ddeb748e2e0b1b3e8fec13369fe98ffc40865f94d3913592b451e739
|
data/README.md
CHANGED
|
@@ -4,11 +4,14 @@ Run [bundler-audit](https://github.com/rubysec/bundler-audit) on multiple reposi
|
|
|
4
4
|
|
|
5
5
|
If you manage many ruby applications it can be a hassle to keep them all up-to-date and audited. This gem can aid in running bundle-audit on many repositories at once. It will do the following:
|
|
6
6
|
|
|
7
|
-
* create a directory in `/tmp/bauditor`
|
|
7
|
+
* create a directory in `/tmp/bauditor` OR in the --repo_path
|
|
8
8
|
* fetch a list of repos with `git clone repo --branch master --single-branch`
|
|
9
|
+
* If a `Gemfile.lock` is not present it will run `bundle lock` in an attempt to generate a lockfile.
|
|
9
10
|
* run `bundle-audit` on the repositories `Gemfile.lock` and print the output
|
|
10
|
-
* Print a summary
|
|
11
|
-
* `rm -rf
|
|
11
|
+
* Print a summary report
|
|
12
|
+
* If the --no-persist option is passed it will `rm -rf #{repo_path}.`
|
|
13
|
+
|
|
14
|
+
By default it will persist the repositories after each run. This way it only has to go a `git pull origin master` if the repository has already been cloned.
|
|
12
15
|
|
|
13
16
|
## Installation
|
|
14
17
|
|
|
@@ -25,8 +28,11 @@ Usage:
|
|
|
25
28
|
bauditor audit
|
|
26
29
|
|
|
27
30
|
Options:
|
|
28
|
-
|
|
29
|
-
|
|
31
|
+
[--repo-path=REPO_PATH] # Path to directory where fetched repositories will be stored
|
|
32
|
+
[--persist], [--no-persist] # Persist repositories, or not.
|
|
33
|
+
# Default: true
|
|
34
|
+
r, [--repos=one two three] # Space seperate list of repositories
|
|
35
|
+
c, [--config=CONFIG] # Path to file containing repositories one per line.
|
|
30
36
|
|
|
31
37
|
run bundle-audit on multiple repositories
|
|
32
38
|
```
|
|
@@ -102,11 +108,6 @@ ____________________________________________
|
|
|
102
108
|
|
|
103
109
|
```
|
|
104
110
|
|
|
105
|
-
## TODO
|
|
106
|
-
|
|
107
|
-
* option to set the `repo_path` instead of just `/tmp/bauditor`
|
|
108
|
-
* option to persist the repositories between runs and just do a `git pull` to speed things up a lot
|
|
109
|
-
|
|
110
111
|
## Development
|
|
111
112
|
|
|
112
113
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
data/lib/bauditor/cli.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require 'thor'
|
|
2
2
|
require 'fileutils'
|
|
3
|
+
require 'pry'
|
|
3
4
|
|
|
4
5
|
module Bauditor
|
|
5
6
|
class CLI < ::Thor
|
|
@@ -7,10 +8,24 @@ module Bauditor
|
|
|
7
8
|
|
|
8
9
|
desc 'audit', 'run bundle-audit on multiple repositories'
|
|
9
10
|
|
|
10
|
-
method_option :
|
|
11
|
-
|
|
11
|
+
method_option :repo_path,
|
|
12
|
+
type: :string,
|
|
13
|
+
desc: 'Path to directory where fetched repositories will be stored'
|
|
14
|
+
method_option :persist,
|
|
15
|
+
type: :boolean,
|
|
16
|
+
desc: 'Persist repositories, or not.',
|
|
17
|
+
default: true
|
|
18
|
+
method_option :repos,
|
|
19
|
+
type: :array,
|
|
20
|
+
aliases: 'r',
|
|
21
|
+
desc: 'Space seperate list of repositories'
|
|
22
|
+
method_option :config,
|
|
23
|
+
type: :string,
|
|
24
|
+
aliases: 'c',
|
|
25
|
+
desc: 'Path to file containing repositories one per line.'
|
|
12
26
|
|
|
13
27
|
def audit
|
|
28
|
+
puts options
|
|
14
29
|
if options[:repos].nil? && options[:config].nil?
|
|
15
30
|
puts 'Please provide either a list of repos (--repos=one two)'
|
|
16
31
|
puts 'or a configuraiton file --config=repos.cfg'
|
|
@@ -54,21 +69,43 @@ module Bauditor
|
|
|
54
69
|
say "[BAUDITOR] fetching and auditing #{name}", :yellow
|
|
55
70
|
hr
|
|
56
71
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
72
|
+
if File.exist?(name)
|
|
73
|
+
Dir.chdir name
|
|
74
|
+
`git pull origin master`
|
|
75
|
+
|
|
76
|
+
unless $?.success?
|
|
77
|
+
say "[BAUDITOR] error pulling origin master from git repo #{name}", :red
|
|
78
|
+
next
|
|
79
|
+
end
|
|
80
|
+
else
|
|
81
|
+
`git clone #{repo} --branch master --single-branch #{name}`
|
|
62
82
|
|
|
63
|
-
|
|
83
|
+
unless $?.success?
|
|
84
|
+
say "[BAUDITOR] error fetching git repo #{name}", :red
|
|
85
|
+
next
|
|
86
|
+
end
|
|
87
|
+
Dir.chdir name
|
|
88
|
+
end
|
|
64
89
|
|
|
90
|
+
rm_lock = false
|
|
91
|
+
unless File.exist?('Gemfile.lock')
|
|
92
|
+
say "[BAUDITOR] running bundle lock for #{name}", :yellow
|
|
93
|
+
system 'bundle lock'
|
|
94
|
+
rm_lock = true
|
|
95
|
+
end
|
|
65
96
|
success = system 'bundle-audit'
|
|
66
97
|
|
|
98
|
+
FileUtils.rm('Gemfile.lock') if rm_lock
|
|
99
|
+
|
|
67
100
|
self.summary[name] = success
|
|
68
101
|
end
|
|
69
102
|
hr
|
|
70
103
|
end
|
|
71
104
|
|
|
105
|
+
def persist?
|
|
106
|
+
options['persist']
|
|
107
|
+
end
|
|
108
|
+
|
|
72
109
|
def repo_path
|
|
73
110
|
options.fetch(:repo_path, '/tmp/bauditor')
|
|
74
111
|
end
|
|
@@ -77,6 +114,7 @@ module Bauditor
|
|
|
77
114
|
say "---------------------------------------------------", :blue
|
|
78
115
|
end
|
|
79
116
|
|
|
117
|
+
|
|
80
118
|
def set_repos
|
|
81
119
|
self.repos = options.fetch(:repos, [])
|
|
82
120
|
|
|
@@ -93,9 +131,10 @@ module Bauditor
|
|
|
93
131
|
def setup_dirs
|
|
94
132
|
unless File.exist?(repo_path)
|
|
95
133
|
Dir.mkdir(repo_path)
|
|
96
|
-
Dir.mkdir(File.join(repo_path, '.bundle'))
|
|
97
134
|
@dir_created = true
|
|
98
135
|
end
|
|
136
|
+
bundle_path = File.join(repo_path, '.bundle')
|
|
137
|
+
Dir.mkdir(bundle_path) unless File.exist?(bundle_path)
|
|
99
138
|
end
|
|
100
139
|
|
|
101
140
|
def summary_report
|
|
@@ -127,8 +166,12 @@ module Bauditor
|
|
|
127
166
|
|
|
128
167
|
def teardown
|
|
129
168
|
Dir.chdir File.dirname(__FILE__)
|
|
130
|
-
return
|
|
131
|
-
|
|
169
|
+
return if persist?
|
|
170
|
+
if @dir_created
|
|
171
|
+
FileUtils.rm_rf repo_path
|
|
172
|
+
else
|
|
173
|
+
Pathname.new(repo_path).children.each { |p| p.rmtree }
|
|
174
|
+
end
|
|
132
175
|
end
|
|
133
176
|
|
|
134
177
|
def update_db
|
data/lib/bauditor/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bauditor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lukas Eklund
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-02-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|