chelsea 0.0.26 → 0.0.27
- checksums.yaml +4 -4
- data/.circleci/config.yml +3 -1
- data/Gemfile.lock +5 -5
- data/README.md +7 -1
- data/chelsea.gemspec +0 -1
- data/lib/chelsea/cli.rb +25 -2
- data/lib/chelsea/iq_client.rb +43 -13
- data/lib/chelsea/spinner.rb +1 -1
- data/lib/chelsea/version.rb +1 -1
- metadata +2 -16
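--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0f179d743f4810498f2e0edbe787038e2caed8e43af7279c39bf309860a568ae
+data.tar.gz: b20643fbaa0bbc56073a53575b4d3d5ba2d1b4f5b8b1e996dcdc373e2a2bd997
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b44c830f8e38ba6693babade3cb1da853baf545a6839aa79bea41a5821712cf055737e8af349c1c9aa9653bb09c5faa1cad0660ec3806f0add68418dadd36f54
+data.tar.gz: ec6ebcd7e0ac9fb7ebb30349c824187cfc06390fabd40a76a39c4c622a6801c513c5446f89dc3422f703e15cab214a3b1fb72ff7acd4f7ef6e249a27c8331b6e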
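--- a/data/.circleci/config.yml
+++ b/data/.circleci/config.yml
@@ -35,7 +35,9 @@ jobs:
 - chelsea-bundle-v2-
 - run:
 name: Bundle Install
-command:
+command: |
+bundle config set --local path 'vendor/bundle'
+bundle check || bundle install
 - save_cache:
 key: chelsea-bundle-v2-{{ checksum "Gemfile.lock" }}
 paths: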
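--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
-chelsea (0.0.
+chelsea (0.0.26)
 bundler (>= 1.2.0, < 3)
 ox (~> 2.13.2)
 pastel (~> 0.7.2)
@@ -31,7 +31,7 @@ GEM
 mime-types-data (3.2020.0512)
 necromancer (0.6.0)
 netrc (0.11.0)
-ox (2.13.
+ox (2.13.4)
 pastel (0.7.4)
 equatable (~> 0.6)
 tty-color (~> 0.5)
@@ -57,16 +57,16 @@ GEM
 rspec_junit_formatter (0.4.1)
 rspec-core (>= 2, < 4, != 2.12.0)
 safe_yaml (1.0.5)
-slop (4.8.
+slop (4.8.2)
 strings (0.1.8)
 strings-ansi (~> 0.1)
 unicode-display_width (~> 1.5)
 unicode_utils (~> 1.4)
 strings-ansi (0.2.0)
-tty-color (0.5.
+tty-color (0.5.2)
 tty-cursor (0.7.1)
 tty-font (0.5.0)
-tty-screen (0.8.
+tty-screen (0.8.1)
 tty-spinner (0.9.3)
 tty-cursor (~> 0.7)
 tty-table (0.11.0)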
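--- a/data/README.md
+++ b/data/README.md
@@ -167,7 +167,13 @@ Run tests:
 bundle exec rspec
 ```
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+To install this gem onto your local machine, run `bundle exec rake install`. To manually release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+### Release Process
+
+Chelsea is automatically released after a commit to the `master` branch.
+
+To avoid performing a release after a commit to the `master` branch, be sure your commit message includes `[skip ci] `.
 
 ## Why Chelsea?
 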
data/chelsea.gemspec
CHANGED
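--- a/data/lib/chelsea/cli.rb
+++ b/data/lib/chelsea/cli.rb
@@ -39,15 +39,19 @@ module Chelsea
 _set_config # move to init
 elsif @opts.clear?
 require_relative 'db'
-Chelsea::DB.new
+Chelsea::DB.new.clear_cache
 puts "OSS Index cache cleared"
 elsif @opts.file? && @opts.iq?
 dependencies = _process_file_iq
 _submit_sbom(dependencies)
+elsif !@opts.file? && @opts.iq?
+abort "Missing the --file argument. It is required with the --iq argument."
 elsif @opts.file?
 _process_file
 elsif @opts.help? # quit on opts.help earlier
 puts _cli_flags # this doesn't exist
+else
+abort "Missing arguments! Chelsea did nothing. Try providing the --file <Gemfile.lock> argument."
 end
 end
 
@@ -73,7 +77,26 @@ module Chelsea
 
 return unless status_url
 
-iq.poll_status(status_url)
+msg, color, exit_code = iq.poll_status(status_url)
+show_status(msg, color)
+# this may not be very ruby-esque, but `return exit_code` and `exit_code` didn't result in the desired exit status
+exit exit_code
+end
+
+def show_status(msg, color)
+case color
+when Chelsea::IQClient::COLOR_FAILURE
+puts @pastel.red.bold(msg)
+when Chelsea::IQClient::COLOR_WARNING
+# want yellow, but that doesn't print
+# puts @pastel.color.bold(msg, color)
+puts @pastel.blue.blue(msg)
+when Chelsea::IQClient::COLOR_NONE
+# want yellow, but that doesn't print
+puts @pastel.green.bold(msg)
+else
+puts @pastel.bold(msg)
+end
 end
 
 def _process_file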
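--- a/data/lib/chelsea/iq_client.rb
+++ b/data/lib/chelsea/iq_client.rb
@@ -17,6 +17,7 @@
 require 'rest-client'
 require 'json'
 require 'pastel'
+require 'uri'
 
 require_relative 'spinner'
 
@@ -31,6 +32,7 @@ module Chelsea
 internal_application_id: '',
 stage: 'build'
 }
+
 def initialize(options: DEFAULT_OPTIONS)
 @options = options
 @pastel = Pastel.new
@@ -46,12 +48,12 @@ module Chelsea
 password: @options[:auth_token]
 )
 res = resource.post sbom.to_s, _headers.merge(content_type: 'application/xml')
-
-spin.success("...done.")
-status_url(res)
-else
+if res.code != 202
 spin.stop('...request failed.')
 nil
+else
+spin.success("...done.")
+status_url(res)
 end
 end
 
@@ -67,8 +69,7 @@ module Chelsea
 res = _poll_iq_server(url)
 if res.code == 200
 spin.success("...done.")
-_handle_response(res)
-break
+return _handle_response(res)
 end
 rescue
 sleep(1)
@@ -76,18 +77,39 @@ module Chelsea
 end
 end
 
+# colors to use when printing message
+COLOR_FAILURE = 31
+COLOR_WARNING = 33 # want yellow, but doesn't appear to print
+COLOR_NONE = 32
+# Known policy actions
+POLICY_ACTION_FAILURE = 'Failure'
+POLICY_ACTION_WARNING = 'Warning'
+POLICY_ACTION_NONE = 'None'
+
 private
 
 def _handle_response(res)
 res = JSON.parse(res.body)
-
-
-
-
+# get absolute report url
+absolute_report_html_url = URI.join(@options[:server_url], res['reportHtmlUrl'])
+
+case res['policyAction']
+when POLICY_ACTION_FAILURE
+return "Hi! Chelsea here, you have some policy violations to clean up!"\
+"\nReport URL: #{absolute_report_html_url}",
+COLOR_FAILURE, 1
+when POLICY_ACTION_WARNING
+return "Hi! Chelsea here, you have some policy warnings to peck at!"\
+"\nReport URL: #{absolute_report_html_url}",
+COLOR_WARNING, 0
+when POLICY_ACTION_NONE
+return "Hi! Chelsea here, no policy violations for this audit!"\
+"\nReport URL: #{absolute_report_html_url}",
+COLOR_NONE, 0
 else
-
-
-
+return "Hi! Chelsea here, no policy violations for this audit, but unknown policy action!"\
+"\nReport URL: #{absolute_report_html_url}",
+COLOR_FAILURE, 1
 end
 end
 
@@ -141,7 +163,15 @@ module Chelsea
 password: @options[:auth_token]
 )
 res = resource.get _headers
+if res.code != 200
+puts "failed to get internal application id for IQ application id: #{@options[:public_application_id]}. response status: #{res.code}"
+return
+end
 body = JSON.parse(res)
+if body['applications'].empty?
+puts "failed to get internal application id for IQ application id: #{@options[:public_application_id]}"
+return
+end
 body['applications'][0]['id']
 end
 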
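Review bot: In the polling hunk, `return _handle_response(res)` sits inside the block guarded by the bare `rescue` / `sleep(1)`, so any StandardError raised while building the result is swallowed and the poll is retried, apparently without limit (the loop header is outside the hunk). That covers `JSON.parse` on a malformed body and `URI.join` when `reportHtmlUrl` is missing or `server_url` is not a valid URI. For a tool whose exit code gates a build, that turns a bad response into a hung job instead of a failure. Narrow the handler to the transport error the retry is meant for, e.g. `rescue RestClient::Exception`, or call `_handle_response` after the loop, and cap the number of attempts. Two smaller points: `URI.join` returns its second argument unchanged when that is already an absolute URL, so the printed report link is whatever host the response names, and the `else` branch's message says "no policy violations" while returning `COLOR_FAILURE, 1`.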
data/lib/chelsea/spinner.rb
CHANGED
data/lib/chelsea/version.rb
CHANGED
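--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chelsea
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.27
 platform: ruby
 authors:
 - Allister Beharry
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: tty-font
@@ -198,20 +198,6 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: 11.1.2
-- !ruby/object:Gem::Dependency
-name: pry
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: '0'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: '0'
 description:
 email:
 - allister.beharry@gmail.com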