bauditor 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +11 -10
- data/lib/bauditor/cli.rb +54 -11
- data/lib/bauditor/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 23e3e4603c5a6fd00686c9b596b7af0b46707211
|
|
4
|
+
data.tar.gz: 6be47706752c0bba1660ae9b3c3957b80ba803b1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51e9edee4c6e161823b40dfcbf8d166f9818241a45b8c276bc6a676641372fdeafa8f3977db1f7195c91e01720b886aff4f31ba45a91310177295d03bdc942a5
|
|
7
|
+
data.tar.gz: c775051681ad06fa7d19e4ae6d670e3beded4fd4c02bff69a12fcd2c7d776d5aa2ab5545ddeb748e2e0b1b3e8fec13369fe98ffc40865f94d3913592b451e739
|
data/README.md
CHANGED
|
@@ -4,11 +4,14 @@ Run [bundler-audit](https://github.com/rubysec/bundler-audit) on multiple reposi
|
|
|
4
4
|
|
|
5
5
|
If you manage many ruby applications it can be a hassle to keep them all up-to-date and audited. This gem can aid in running bundle-audit on many repositories at once. It will do the following:
|
|
6
6
|
|
|
7
|
-
* create a directory in `/tmp/bauditor`
|
|
7
|
+
* create a directory in `/tmp/bauditor` OR in the --repo_path
|
|
8
8
|
* fetch a list of repos with `git clone repo --branch master --single-branch`
|
|
9
|
+
* If a `Gemfile.lock` is not present it will run `bundle lock` in an attempt to generate a lockfile.
|
|
9
10
|
* run `bundle-audit` on the repositories `Gemfile.lock` and print the output
|
|
10
|
-
* Print a summary
|
|
11
|
-
* `rm -rf
|
|
11
|
+
* Print a summary report
|
|
12
|
+
* If the --no-persist option is passed it will `rm -rf #{repo_path}.`
|
|
13
|
+
|
|
14
|
+
By default it will persist the repositories after each run. This way it only has to go a `git pull origin master` if the repository has already been cloned.
|
|
12
15
|
|
|
13
16
|
## Installation
|
|
14
17
|
|
|
@@ -25,8 +28,11 @@ Usage:
|
|
|
25
28
|
bauditor audit
|
|
26
29
|
|
|
27
30
|
Options:
|
|
28
|
-
|
|
29
|
-
|
|
31
|
+
[--repo-path=REPO_PATH] # Path to directory where fetched repositories will be stored
|
|
32
|
+
[--persist], [--no-persist] # Persist repositories, or not.
|
|
33
|
+
# Default: true
|
|
34
|
+
r, [--repos=one two three] # Space seperate list of repositories
|
|
35
|
+
c, [--config=CONFIG] # Path to file containing repositories one per line.
|
|
30
36
|
|
|
31
37
|
run bundle-audit on multiple repositories
|
|
32
38
|
```
|
|
@@ -102,11 +108,6 @@ ____________________________________________
|
|
|
102
108
|
|
|
103
109
|
```
|
|
104
110
|
|
|
105
|
-
## TODO
|
|
106
|
-
|
|
107
|
-
* option to set the `repo_path` instead of just `/tmp/bauditor`
|
|
108
|
-
* option to persist the repositories between runs and just do a `git pull` to speed things up a lot
|
|
109
|
-
|
|
110
111
|
## Development
|
|
111
112
|
|
|
112
113
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
data/lib/bauditor/cli.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
require 'thor'
|
|
2
2
|
require 'fileutils'
|
|
3
|
+
require 'pry'
|
|
3
4
|
|
|
4
5
|
module Bauditor
|
|
5
6
|
class CLI < ::Thor
|
|
@@ -7,10 +8,24 @@ module Bauditor
|
|
|
7
8
|
|
|
8
9
|
desc 'audit', 'run bundle-audit on multiple repositories'
|
|
9
10
|
|
|
10
|
-
method_option :
|
|
11
|
-
|
|
11
|
+
method_option :repo_path,
|
|
12
|
+
type: :string,
|
|
13
|
+
desc: 'Path to directory where fetched repositories will be stored'
|
|
14
|
+
method_option :persist,
|
|
15
|
+
type: :boolean,
|
|
16
|
+
desc: 'Persist repositories, or not.',
|
|
17
|
+
default: true
|
|
18
|
+
method_option :repos,
|
|
19
|
+
type: :array,
|
|
20
|
+
aliases: 'r',
|
|
21
|
+
desc: 'Space seperate list of repositories'
|
|
22
|
+
method_option :config,
|
|
23
|
+
type: :string,
|
|
24
|
+
aliases: 'c',
|
|
25
|
+
desc: 'Path to file containing repositories one per line.'
|
|
12
26
|
|
|
13
27
|
def audit
|
|
28
|
+
puts options
|
|
14
29
|
if options[:repos].nil? && options[:config].nil?
|
|
15
30
|
puts 'Please provide either a list of repos (--repos=one two)'
|
|
16
31
|
puts 'or a configuraiton file --config=repos.cfg'
|
|
@@ -54,21 +69,43 @@ module Bauditor
|
|
|
54
69
|
say "[BAUDITOR] fetching and auditing #{name}", :yellow
|
|
55
70
|
hr
|
|
56
71
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
72
|
+
if File.exist?(name)
|
|
73
|
+
Dir.chdir name
|
|
74
|
+
`git pull origin master`
|
|
75
|
+
|
|
76
|
+
unless $?.success?
|
|
77
|
+
say "[BAUDITOR] error pulling origin master from git repo #{name}", :red
|
|
78
|
+
next
|
|
79
|
+
end
|
|
80
|
+
else
|
|
81
|
+
`git clone #{repo} --branch master --single-branch #{name}`
|
|
62
82
|
|
|
63
|
-
|
|
83
|
+
unless $?.success?
|
|
84
|
+
say "[BAUDITOR] error fetching git repo #{name}", :red
|
|
85
|
+
next
|
|
86
|
+
end
|
|
87
|
+
Dir.chdir name
|
|
88
|
+
end
|
|
64
89
|
|
|
90
|
+
rm_lock = false
|
|
91
|
+
unless File.exist?('Gemfile.lock')
|
|
92
|
+
say "[BAUDITOR] running bundle lock for #{name}", :yellow
|
|
93
|
+
system 'bundle lock'
|
|
94
|
+
rm_lock = true
|
|
95
|
+
end
|
|
65
96
|
success = system 'bundle-audit'
|
|
66
97
|
|
|
98
|
+
FileUtils.rm('Gemfile.lock') if rm_lock
|
|
99
|
+
|
|
67
100
|
self.summary[name] = success
|
|
68
101
|
end
|
|
69
102
|
hr
|
|
70
103
|
end
|
|
71
104
|
|
|
105
|
+
def persist?
|
|
106
|
+
options['persist']
|
|
107
|
+
end
|
|
108
|
+
|
|
72
109
|
def repo_path
|
|
73
110
|
options.fetch(:repo_path, '/tmp/bauditor')
|
|
74
111
|
end
|
|
@@ -77,6 +114,7 @@ module Bauditor
|
|
|
77
114
|
say "---------------------------------------------------", :blue
|
|
78
115
|
end
|
|
79
116
|
|
|
117
|
+
|
|
80
118
|
def set_repos
|
|
81
119
|
self.repos = options.fetch(:repos, [])
|
|
82
120
|
|
|
@@ -93,9 +131,10 @@ module Bauditor
|
|
|
93
131
|
def setup_dirs
|
|
94
132
|
unless File.exist?(repo_path)
|
|
95
133
|
Dir.mkdir(repo_path)
|
|
96
|
-
Dir.mkdir(File.join(repo_path, '.bundle'))
|
|
97
134
|
@dir_created = true
|
|
98
135
|
end
|
|
136
|
+
bundle_path = File.join(repo_path, '.bundle')
|
|
137
|
+
Dir.mkdir(bundle_path) unless File.exist?(bundle_path)
|
|
99
138
|
end
|
|
100
139
|
|
|
101
140
|
def summary_report
|
|
@@ -127,8 +166,12 @@ module Bauditor
|
|
|
127
166
|
|
|
128
167
|
def teardown
|
|
129
168
|
Dir.chdir File.dirname(__FILE__)
|
|
130
|
-
return
|
|
131
|
-
|
|
169
|
+
return if persist?
|
|
170
|
+
if @dir_created
|
|
171
|
+
FileUtils.rm_rf repo_path
|
|
172
|
+
else
|
|
173
|
+
Pathname.new(repo_path).children.each { |p| p.rmtree }
|
|
174
|
+
end
|
|
132
175
|
end
|
|
133
176
|
|
|
134
177
|
def update_db
|
data/lib/bauditor/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bauditor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lukas Eklund
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-02-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|