chelsea 0.0.11 → 0.0.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +3 -0
- data/.gitignore +1 -0
- data/Gemfile.lock +5 -3
- data/bin/chelsea +1 -0
- data/chelsea.gemspec +2 -1
- data/lib/chelsea/bom.rb +11 -4
- data/lib/chelsea/cli.rb +26 -6
- data/lib/chelsea/config.rb +5 -3
- data/lib/chelsea/db.rb +9 -0
- data/lib/chelsea/deps.rb +10 -7
- data/lib/chelsea/formatters/text.rb +27 -3
- data/lib/chelsea/gems.rb +27 -26
- data/lib/chelsea/iq_client.rb +95 -9
- data/lib/chelsea/oss_index.rb +8 -3
- data/lib/chelsea/spinner.rb +21 -0
- data/lib/chelsea/version.rb +1 -1
- metadata +19 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 51aa180ab06d876ef21c119a2127745fb903c219c812e314cb526cc686b765fd
|
4
|
+
data.tar.gz: 279d57c44b27fefb84815357e31db7b0ff2cbdbb0a65ffcd8c1332dc8bacd60e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4839db5a475789889a93a0e0f7e3e9ef79800dbdfee4b04001e0054607fa85127ebec6eadbb23d8870b217437559cc2c756c764a0f4993eb62831619c71002f2
|
7
|
+
data.tar.gz: 8905197d67b7909227c64fb943425e1493287bf60568a78aa4a0124c0e05e7bb1433744defde88934608e6476c781669567bb84166c558a59f38e67c95def91b
|
data/.circleci/config.yml
CHANGED
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
chelsea (0.0.
|
4
|
+
chelsea (0.0.11)
|
5
5
|
bundler (>= 1.2.0, < 3)
|
6
6
|
ox (~> 2.13.2)
|
7
7
|
pastel (~> 0.7.2)
|
@@ -15,6 +15,7 @@ GEM
|
|
15
15
|
specs:
|
16
16
|
addressable (2.7.0)
|
17
17
|
public_suffix (>= 2.0.2, < 5.0)
|
18
|
+
byebug (11.1.2)
|
18
19
|
crack (0.4.3)
|
19
20
|
safe_yaml (~> 1.0.0)
|
20
21
|
diff-lcs (1.3)
|
@@ -33,7 +34,7 @@ GEM
|
|
33
34
|
equatable (~> 0.6)
|
34
35
|
tty-color (~> 0.5)
|
35
36
|
public_suffix (4.0.3)
|
36
|
-
rake (
|
37
|
+
rake (12.3.3)
|
37
38
|
rest-client (2.0.2)
|
38
39
|
http-cookie (>= 1.0.2, < 2.0)
|
39
40
|
mime-types (>= 1.16, < 4.0)
|
@@ -72,8 +73,9 @@ PLATFORMS
|
|
72
73
|
ruby
|
73
74
|
|
74
75
|
DEPENDENCIES
|
76
|
+
byebug (~> 11.1.2)
|
75
77
|
chelsea!
|
76
|
-
rake (~>
|
78
|
+
rake (~> 12.3)
|
77
79
|
rspec (~> 3.0)
|
78
80
|
rspec_junit_formatter (~> 0.4.1)
|
79
81
|
webmock (~> 3.8.3)
|
data/bin/chelsea
CHANGED
@@ -6,6 +6,7 @@ opts =
|
|
6
6
|
begin
|
7
7
|
Slop.parse do |o|
|
8
8
|
o.string '-f', '--file', 'Path to your Gemfile.lock'
|
9
|
+
o.bool '-x', '--clear', 'Clear OSS Index cache'
|
9
10
|
o.bool '-c', '--config', 'Set persistent config for OSS Index'
|
10
11
|
o.string '-u', '--user', 'Specify OSS Index Username'
|
11
12
|
o.string '-p', '--token', 'Specify OSS Index API Token'
|
data/chelsea.gemspec
CHANGED
@@ -43,8 +43,9 @@ Gem::Specification.new do |spec|
|
|
43
43
|
spec.add_dependency "bundler", ">= 1.2.0", "< 3"
|
44
44
|
spec.add_dependency "ox", "~> 2.13.2"
|
45
45
|
|
46
|
-
spec.add_development_dependency "rake", "~>
|
46
|
+
spec.add_development_dependency "rake", "~> 12.3"
|
47
47
|
spec.add_development_dependency "rspec", "~> 3.0"
|
48
48
|
spec.add_development_dependency "rspec_junit_formatter", "~> 0.4.1"
|
49
49
|
spec.add_development_dependency "webmock", "~> 3.8.3"
|
50
|
+
spec.add_development_dependency "byebug", "~> 11.1.2"
|
50
51
|
end
|
data/lib/chelsea/bom.rb
CHANGED
@@ -4,16 +4,23 @@ require 'securerandom'
|
|
4
4
|
require 'ox'
|
5
5
|
|
6
6
|
module Chelsea
|
7
|
-
# Class to
|
7
|
+
# Class to convert dependencies to SBOM xml
|
8
8
|
class Bom
|
9
|
-
attr_accessor :xml
|
10
9
|
def initialize(dependencies)
|
11
10
|
@dependencies = dependencies
|
12
|
-
|
11
|
+
end
|
12
|
+
|
13
|
+
def collect
|
14
|
+
xml
|
15
|
+
to_s
|
16
|
+
end
|
17
|
+
|
18
|
+
def xml
|
19
|
+
@xml ||= _get_xml
|
13
20
|
end
|
14
21
|
|
15
22
|
def to_s
|
16
|
-
Ox.dump(@xml)
|
23
|
+
Ox.dump(@xml)
|
17
24
|
end
|
18
25
|
|
19
26
|
def random_urn_uuid
|
data/lib/chelsea/cli.rb
CHANGED
@@ -21,9 +21,15 @@ module Chelsea
|
|
21
21
|
def process!
|
22
22
|
if @opts.config?
|
23
23
|
_set_config # move to init
|
24
|
-
elsif @opts.
|
25
|
-
|
26
|
-
|
24
|
+
elsif @opts.clear?
|
25
|
+
require_relative 'db'
|
26
|
+
Chelsea::DB.new().clear_cache
|
27
|
+
puts "OSS Index cache cleared"
|
28
|
+
elsif @opts.file? && @opts.iq?
|
29
|
+
dependencies = _process_file_iq
|
30
|
+
_submit_sbom(dependencies)
|
31
|
+
elsif @opts.file?
|
32
|
+
_process_file
|
27
33
|
elsif @opts.help? # quit on opts.help earlier
|
28
34
|
puts _cli_flags # this doesn't exist
|
29
35
|
end
|
@@ -44,8 +50,13 @@ module Chelsea
|
|
44
50
|
auth_token: @opts[:iqpass]
|
45
51
|
}
|
46
52
|
)
|
47
|
-
bom = Chelsea::Bom.new(gems.deps.dependencies)
|
48
|
-
|
53
|
+
bom = Chelsea::Bom.new(gems.deps.dependencies).collect
|
54
|
+
|
55
|
+
status_url = iq.post_sbom(bom)
|
56
|
+
|
57
|
+
return unless status_url
|
58
|
+
|
59
|
+
iq.poll_status(status_url)
|
49
60
|
end
|
50
61
|
|
51
62
|
def _process_file
|
@@ -54,7 +65,16 @@ module Chelsea
|
|
54
65
|
quiet: @opts[:quiet],
|
55
66
|
options: @opts
|
56
67
|
)
|
57
|
-
gems.execute
|
68
|
+
gems.execute ? (exit 1) : (exit 0)
|
69
|
+
end
|
70
|
+
|
71
|
+
def _process_file_iq
|
72
|
+
gems = Chelsea::Gems.new(
|
73
|
+
file: @opts[:file],
|
74
|
+
quiet: @opts[:quiet],
|
75
|
+
options: @opts
|
76
|
+
)
|
77
|
+
gems.collect_iq
|
58
78
|
gems
|
59
79
|
end
|
60
80
|
|
data/lib/chelsea/config.rb
CHANGED
@@ -12,11 +12,13 @@ module Chelsea
|
|
12
12
|
def self.config(options = {})
|
13
13
|
if !options[:user].nil? && !options[:token].nil?
|
14
14
|
Chelsea::OSSIndex.new(
|
15
|
-
|
16
|
-
|
15
|
+
options: {
|
16
|
+
oss_index_user_name: options[:user],
|
17
|
+
oss_index_user_token: options[:token]
|
18
|
+
}
|
17
19
|
)
|
18
20
|
else
|
19
|
-
Chelsea::OSSIndex.new(oss_index_config)
|
21
|
+
Chelsea::OSSIndex.new(options: oss_index_config)
|
20
22
|
end
|
21
23
|
end
|
22
24
|
|
data/lib/chelsea/db.rb
CHANGED
@@ -20,6 +20,15 @@ module Chelsea
|
|
20
20
|
end
|
21
21
|
end
|
22
22
|
|
23
|
+
# This method will delete all values in the pstore db
|
24
|
+
def clear_cache
|
25
|
+
@store.transaction do
|
26
|
+
@store.roots.each do |root|
|
27
|
+
@store.delete(root)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
23
32
|
def _get_db_store_location()
|
24
33
|
initial_path = File.join(Dir.home.to_s, '.ossindex')
|
25
34
|
Dir.mkdir(initial_path) unless File.exist? initial_path
|
data/lib/chelsea/deps.rb
CHANGED
@@ -5,9 +5,6 @@ require 'rubygems/commands/dependency_command'
|
|
5
5
|
require 'json'
|
6
6
|
require 'rest-client'
|
7
7
|
|
8
|
-
require_relative 'dependency_exception'
|
9
|
-
require_relative 'oss_index'
|
10
|
-
|
11
8
|
module Chelsea
|
12
9
|
class Deps
|
13
10
|
def initialize(path:, quiet: false)
|
@@ -38,11 +35,17 @@ module Chelsea
|
|
38
35
|
reverse = Gem::Commands::DependencyCommand.new
|
39
36
|
reverse.options[:reverse_dependencies] = true
|
40
37
|
# We want to filter the reverses dependencies by specs in lockfile
|
41
|
-
spec_names = @lockfile.specs.map { |i| i.to_s.split }.map
|
42
|
-
|
43
|
-
# Add filtering if version meets range
|
44
|
-
reverse_dep.select { |name, dep, req, _| spec_names.include?(name.split("-")[0]) }
|
38
|
+
spec_names = @lockfile.specs.map { |i| i.to_s.split }.map do |n, _v|
|
39
|
+
n.to_s
|
45
40
|
end
|
41
|
+
reverse
|
42
|
+
.reverse_dependencies(@lockfile.specs)
|
43
|
+
.to_h
|
44
|
+
.transform_values do |reverse_dep|
|
45
|
+
reverse_dep.select do |name, _dep, _req, _|
|
46
|
+
spec_names.include?(name.split('-')[0])
|
47
|
+
end
|
48
|
+
end
|
46
49
|
end
|
47
50
|
|
48
51
|
# Iterates over all dependencies and stores them
|
@@ -18,6 +18,8 @@ module Chelsea
|
|
18
18
|
|
19
19
|
i = 0
|
20
20
|
count = server_response.count()
|
21
|
+
server_response.sort! {|x| x['vulnerabilities'].count}
|
22
|
+
|
21
23
|
server_response.each do |r|
|
22
24
|
i += 1
|
23
25
|
package = r['coordinates']
|
@@ -29,8 +31,8 @@ module Chelsea
|
|
29
31
|
if vulnerable
|
30
32
|
response += @pastel.red("[#{i}/#{count}] - #{package} ") + @pastel.red.bold("Vulnerable.\n")
|
31
33
|
response += _get_reverse_deps(reverse_deps, name) if reverse_deps
|
32
|
-
r['vulnerabilities'].each do |k,
|
33
|
-
response += _format_vuln(
|
34
|
+
r['vulnerabilities'].each do |k, _|
|
35
|
+
response += _format_vuln(k)
|
34
36
|
end
|
35
37
|
else
|
36
38
|
if !@quiet
|
@@ -48,7 +50,29 @@ module Chelsea
|
|
48
50
|
end
|
49
51
|
|
50
52
|
def _format_vuln(vuln)
|
51
|
-
|
53
|
+
cvssScore = vuln['cvssScore']
|
54
|
+
vuln_response = "\n\tVulnerability Details:\n"
|
55
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tID: #{vuln['id']}\n")
|
56
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tTitle: #{vuln['title']}\n")
|
57
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tDescription: #{vuln['description']}\n")
|
58
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tCVSS Score: #{vuln['cvssScore']}\n")
|
59
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tCVSS Vector: #{vuln['cvssVector']}\n")
|
60
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tCVE: #{vuln['cve']}\n")
|
61
|
+
vuln_response += _color_based_on_cvss_score(cvssScore, "\n\tReference: #{vuln['reference']}\n\n")
|
62
|
+
vuln_response
|
63
|
+
end
|
64
|
+
|
65
|
+
def _color_based_on_cvss_score(cvssScore, text)
|
66
|
+
case cvssScore
|
67
|
+
when 0..3
|
68
|
+
@pastel.cyan.bold(text)
|
69
|
+
when 4..5
|
70
|
+
@pastel.yellow.bold(text)
|
71
|
+
when 6..7
|
72
|
+
@pastel.orange.bold(text)
|
73
|
+
else
|
74
|
+
@pastel.red.bold(text)
|
75
|
+
end
|
52
76
|
end
|
53
77
|
|
54
78
|
def _get_reverse_deps(coords, name)
|
data/lib/chelsea/gems.rb
CHANGED
@@ -1,6 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
require 'pastel'
|
3
|
-
require 'tty-spinner'
|
4
3
|
require 'bundler'
|
5
4
|
require 'bundler/lockfile_parser'
|
6
5
|
require 'rubygems'
|
@@ -10,21 +9,27 @@ require_relative 'version'
|
|
10
9
|
require_relative 'formatters/factory'
|
11
10
|
require_relative 'deps'
|
12
11
|
require_relative 'bom'
|
12
|
+
require_relative 'spinner'
|
13
13
|
|
14
14
|
module Chelsea
|
15
|
+
# Class to collect and audit packages from a Gemfile.lock
|
15
16
|
class Gems
|
16
17
|
attr_accessor :deps
|
17
|
-
def initialize(file:, quiet: false, options: {'format': 'text'})
|
18
|
+
def initialize(file:, quiet: false, options: { 'format': 'text' })
|
18
19
|
@quiet = quiet
|
19
20
|
unless File.file?(file) || file.nil?
|
20
21
|
raise 'Gemfile.lock not found, check --file path'
|
21
22
|
end
|
23
|
+
|
22
24
|
_silence_stderr if @quiet
|
23
25
|
|
24
26
|
@pastel = Pastel.new
|
25
|
-
@formatter = FormatterFactory.new.get_formatter(
|
27
|
+
@formatter = FormatterFactory.new.get_formatter(
|
28
|
+
format: options[:format],
|
29
|
+
quiet: @quiet)
|
26
30
|
@client = Chelsea.client(options)
|
27
31
|
@deps = Chelsea::Deps.new(path: Pathname.new(file))
|
32
|
+
@spinner = Chelsea::Spinner.new
|
28
33
|
end
|
29
34
|
|
30
35
|
# Audits depenencies using deps library and prints results
|
@@ -42,6 +47,13 @@ module Chelsea
|
|
42
47
|
end
|
43
48
|
results = @formatter.get_results(server_response, reverse_dependencies)
|
44
49
|
@formatter.do_print(results)
|
50
|
+
|
51
|
+
server_response.map { |r| r['vulnerabilities'].length.positive? }.any?
|
52
|
+
end
|
53
|
+
|
54
|
+
def collect_iq
|
55
|
+
dependencies = @deps.dependencies
|
56
|
+
dependencies
|
45
57
|
end
|
46
58
|
|
47
59
|
# Runs through auditing algorithm, raising exceptions
|
@@ -50,40 +62,40 @@ module Chelsea
|
|
50
62
|
# This spinner management is out of control
|
51
63
|
# we should wrap a block with start and stop messages,
|
52
64
|
# or use a stack to ensure all spinners stop.
|
53
|
-
|
65
|
+
spin = @spinner.spin_msg 'Parsing dependencies'
|
54
66
|
|
55
67
|
begin
|
56
68
|
dependencies = @deps.dependencies
|
57
|
-
|
69
|
+
spin.success('...done.')
|
58
70
|
rescue StandardError => e
|
59
|
-
|
71
|
+
spin.stop
|
60
72
|
_print_err "Parsing dependency line #{gem} failed."
|
61
73
|
end
|
62
74
|
|
63
75
|
reverse_dependencies = @deps.reverse_dependencies
|
64
76
|
|
65
|
-
|
77
|
+
spin = @spinner.spin_msg 'Parsing Versions'
|
66
78
|
coordinates = @deps.coordinates
|
67
|
-
|
68
|
-
|
79
|
+
spin.success('...done.')
|
80
|
+
spin = @spinner.spin_msg 'Making request to OSS Index server'
|
69
81
|
|
70
82
|
begin
|
71
83
|
server_response = @client.get_vulns(coordinates)
|
72
|
-
|
84
|
+
spin.success('...done.')
|
73
85
|
rescue SocketError => e
|
74
|
-
|
86
|
+
spin.stop('...request failed.')
|
75
87
|
_print_err 'Socket error getting data from OSS Index server.'
|
76
88
|
rescue RestClient::RequestFailed => e
|
77
|
-
|
89
|
+
spin.stop('...request failed.')
|
78
90
|
_print_err "Error getting data from OSS Index server:#{e.response}."
|
79
91
|
rescue RestClient::ResourceNotFound => e
|
80
|
-
|
92
|
+
spin.stop('...request failed.')
|
81
93
|
_print_err 'Error getting data from OSS Index server. Resource not found.'
|
82
94
|
rescue Errno::ECONNREFUSED => e
|
83
|
-
|
95
|
+
spin.stop('...request failed.')
|
84
96
|
_print_err 'Error getting data from OSS Index server. Connection refused.'
|
85
97
|
rescue StandardError => e
|
86
|
-
|
98
|
+
spin.stop('...request failed.')
|
87
99
|
_print_err 'UNKNOWN Error getting data from OSS Index server.'
|
88
100
|
end
|
89
101
|
[server_response, dependencies, reverse_dependencies]
|
@@ -95,17 +107,6 @@ module Chelsea
|
|
95
107
|
$stderr.reopen('/dev/null', 'w')
|
96
108
|
end
|
97
109
|
|
98
|
-
def _spin_msg(msg)
|
99
|
-
format = "[#{@pastel.green(':spinner')}] " + @pastel.white(msg)
|
100
|
-
spinner = TTY::Spinner.new(
|
101
|
-
format,
|
102
|
-
success_mark: @pastel.green('+'),
|
103
|
-
hide_cursor: true
|
104
|
-
)
|
105
|
-
spinner.auto_spin
|
106
|
-
spinner
|
107
|
-
end
|
108
|
-
|
109
110
|
def _print_err(s)
|
110
111
|
puts @pastel.red.bold(s)
|
111
112
|
end
|
data/lib/chelsea/iq_client.rb
CHANGED
@@ -1,8 +1,12 @@
|
|
1
1
|
require 'rest-client'
|
2
2
|
require 'json'
|
3
|
+
require 'pastel'
|
4
|
+
|
5
|
+
require_relative 'spinner'
|
3
6
|
|
4
7
|
module Chelsea
|
5
8
|
class IQClient
|
9
|
+
|
6
10
|
DEFAULT_OPTIONS = {
|
7
11
|
public_application_id: 'testapp',
|
8
12
|
server_url: 'http://localhost:8070',
|
@@ -12,17 +16,26 @@ module Chelsea
|
|
12
16
|
}
|
13
17
|
def initialize(options: DEFAULT_OPTIONS)
|
14
18
|
@options = options
|
19
|
+
@pastel = Pastel.new
|
20
|
+
@spinner = Chelsea::Spinner.new
|
15
21
|
end
|
16
22
|
|
17
|
-
def
|
18
|
-
|
23
|
+
def post_sbom(sbom)
|
24
|
+
spin = @spinner.spin_msg "Submitting sbom to Nexus IQ Server"
|
25
|
+
@internal_application_id = _get_internal_application_id
|
19
26
|
resource = RestClient::Resource.new(
|
20
27
|
_api_url,
|
21
28
|
user: @options[:username],
|
22
29
|
password: @options[:auth_token]
|
23
30
|
)
|
24
|
-
|
25
|
-
|
31
|
+
res = resource.post sbom.to_s, _headers.merge(content_type: 'application/xml')
|
32
|
+
unless res.code != 202
|
33
|
+
spin.success("...done.")
|
34
|
+
status_url(res)
|
35
|
+
else
|
36
|
+
spin.stop('...request failed.')
|
37
|
+
nil
|
38
|
+
end
|
26
39
|
end
|
27
40
|
|
28
41
|
def status_url(res)
|
@@ -30,16 +43,89 @@ module Chelsea
|
|
30
43
|
res['statusUrl']
|
31
44
|
end
|
32
45
|
|
46
|
+
def poll_status(url)
|
47
|
+
spin = @spinner.spin_msg "Polling Nexus IQ Server for results"
|
48
|
+
loop do
|
49
|
+
begin
|
50
|
+
res = _poll_iq_server(url)
|
51
|
+
if res.code == 200
|
52
|
+
spin.success("...done.")
|
53
|
+
_handle_response(res)
|
54
|
+
break
|
55
|
+
end
|
56
|
+
rescue
|
57
|
+
sleep(1)
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
33
62
|
private
|
34
63
|
|
64
|
+
def _handle_response(res)
|
65
|
+
res = JSON.parse(res.body)
|
66
|
+
unless res['policyAction'] == 'Failure'
|
67
|
+
puts @pastel.white.bold("Hi! Chelsea here, no policy violations for this audit!")
|
68
|
+
puts @pastel.white.bold("Report URL: #{res['reportHtmlUrl']}")
|
69
|
+
exit 0
|
70
|
+
else
|
71
|
+
puts @pastel.red.bold("Hi! Chelsea here, you have some policy violations to clean up!")
|
72
|
+
puts @pastel.red.bold("Report URL: #{res['reportHtmlUrl']}")
|
73
|
+
exit 1
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
def _poll_iq_server(status_url)
|
78
|
+
resource = RestClient::Resource.new(
|
79
|
+
"#{@options[:server_url]}/#{status_url}",
|
80
|
+
user: @options[:username],
|
81
|
+
password: @options[:auth_token]
|
82
|
+
)
|
83
|
+
|
84
|
+
resource.get _headers
|
85
|
+
end
|
86
|
+
|
87
|
+
def status(status_url)
|
88
|
+
resource = RestClient::Resource.new(
|
89
|
+
"#{@options[:server_url]}/#{status_url}",
|
90
|
+
user: @options[:username],
|
91
|
+
password: @options[:auth_token]
|
92
|
+
)
|
93
|
+
resource.get _headers
|
94
|
+
end
|
95
|
+
|
96
|
+
def _status_url(res)
|
97
|
+
res = JSON.parse(res.body)
|
98
|
+
res['statusUrl']
|
99
|
+
end
|
100
|
+
|
101
|
+
private
|
102
|
+
|
103
|
+
def _poll_status
|
104
|
+
return unless @status_url
|
105
|
+
|
106
|
+
loop do
|
107
|
+
begin
|
108
|
+
res = check_status(@status_url)
|
109
|
+
if res.code == 200
|
110
|
+
puts JSON.parse(res.body)
|
111
|
+
break
|
112
|
+
end
|
113
|
+
rescue RestClient::ResourceNotFound => _e
|
114
|
+
print '.'
|
115
|
+
sleep(1)
|
116
|
+
end
|
117
|
+
end
|
118
|
+
end
|
119
|
+
|
35
120
|
def _get_internal_application_id
|
36
121
|
resource = RestClient::Resource.new(
|
37
122
|
_internal_application_id_api_url,
|
38
|
-
user: @username,
|
39
|
-
password: @auth_token
|
123
|
+
user: @options[:username],
|
124
|
+
password: @options[:auth_token]
|
40
125
|
)
|
41
|
-
res =
|
42
|
-
res
|
126
|
+
res = resource.get _headers
|
127
|
+
body = JSON.parse(res)
|
128
|
+
body['applications'][0]['id']
|
43
129
|
end
|
44
130
|
|
45
131
|
def _headers
|
@@ -47,7 +133,7 @@ module Chelsea
|
|
47
133
|
end
|
48
134
|
|
49
135
|
def _api_url
|
50
|
-
"#{@options[:server_url]}/api/v2/scan/applications/#{
|
136
|
+
"#{@options[:server_url]}/api/v2/scan/applications/#{@internal_application_id}/sources/chelsea"
|
51
137
|
end
|
52
138
|
|
53
139
|
def _internal_application_id_api_url
|
data/lib/chelsea/oss_index.rb
CHANGED
@@ -6,9 +6,13 @@ require_relative 'db'
|
|
6
6
|
|
7
7
|
module Chelsea
|
8
8
|
class OSSIndex
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
DEFAULT_OPTIONS = {
|
10
|
+
oss_index_username: '',
|
11
|
+
oss_index_user_token: ''
|
12
|
+
}
|
13
|
+
def initialize(options: DEFAULT_OPTIONS)
|
14
|
+
@oss_index_user_name = options[:oss_index_user_name]
|
15
|
+
@oss_index_user_token = options[:oss_index_user_token]
|
12
16
|
@db = DB.new
|
13
17
|
end
|
14
18
|
|
@@ -26,6 +30,7 @@ module Chelsea
|
|
26
30
|
cached_server_response = cached_server_response.concat(res_json)
|
27
31
|
@db.save_values_to_db(res_json)
|
28
32
|
end
|
33
|
+
|
29
34
|
cached_server_response
|
30
35
|
end
|
31
36
|
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'tty-spinner'
|
2
|
+
require 'pastel'
|
3
|
+
|
4
|
+
module Chelsea
|
5
|
+
class Spinner
|
6
|
+
def initialize()
|
7
|
+
@pastel = Pastel.new
|
8
|
+
end
|
9
|
+
|
10
|
+
def spin_msg(msg)
|
11
|
+
format = "[#{@pastel.green(':spinner')}] " + @pastel.white(msg)
|
12
|
+
spinner = TTY::Spinner.new(
|
13
|
+
format,
|
14
|
+
success_mark: @pastel.green('+'),
|
15
|
+
hide_cursor: true
|
16
|
+
)
|
17
|
+
spinner.auto_spin
|
18
|
+
spinner
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
data/lib/chelsea/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: chelsea
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Allister Beharry
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-04-
|
11
|
+
date: 2020-04-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: tty-font
|
@@ -120,14 +120,14 @@ dependencies:
|
|
120
120
|
requirements:
|
121
121
|
- - "~>"
|
122
122
|
- !ruby/object:Gem::Version
|
123
|
-
version: '
|
123
|
+
version: '12.3'
|
124
124
|
type: :development
|
125
125
|
prerelease: false
|
126
126
|
version_requirements: !ruby/object:Gem::Requirement
|
127
127
|
requirements:
|
128
128
|
- - "~>"
|
129
129
|
- !ruby/object:Gem::Version
|
130
|
-
version: '
|
130
|
+
version: '12.3'
|
131
131
|
- !ruby/object:Gem::Dependency
|
132
132
|
name: rspec
|
133
133
|
requirement: !ruby/object:Gem::Requirement
|
@@ -170,6 +170,20 @@ dependencies:
|
|
170
170
|
- - "~>"
|
171
171
|
- !ruby/object:Gem::Version
|
172
172
|
version: 3.8.3
|
173
|
+
- !ruby/object:Gem::Dependency
|
174
|
+
name: byebug
|
175
|
+
requirement: !ruby/object:Gem::Requirement
|
176
|
+
requirements:
|
177
|
+
- - "~>"
|
178
|
+
- !ruby/object:Gem::Version
|
179
|
+
version: 11.1.2
|
180
|
+
type: :development
|
181
|
+
prerelease: false
|
182
|
+
version_requirements: !ruby/object:Gem::Requirement
|
183
|
+
requirements:
|
184
|
+
- - "~>"
|
185
|
+
- !ruby/object:Gem::Version
|
186
|
+
version: 11.1.2
|
173
187
|
description:
|
174
188
|
email:
|
175
189
|
- allister.beharry@gmail.com
|
@@ -217,6 +231,7 @@ files:
|
|
217
231
|
- lib/chelsea/gems.rb
|
218
232
|
- lib/chelsea/iq_client.rb
|
219
233
|
- lib/chelsea/oss_index.rb
|
234
|
+
- lib/chelsea/spinner.rb
|
220
235
|
- lib/chelsea/version.rb
|
221
236
|
homepage: https://github.com/sonatype-nexus-community/chelsea
|
222
237
|
licenses:
|