code_quality 0.3.0 → 0.3.1

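--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: eace4c0b5c37da862ea1badeb54ef4f0163236d4f3b73134cbe7dfea9830de86
- data.tar.gz: 2927bcc4f3ddff5ff6c142bfdb5835f2fafba593148c547d6e8ca6142d111df4
+ metadata.gz: 1fc47dc8cf14d7cd8a5106fff0b642bc487093bfeacabfbfab5637df50cf4ab7
+ data.tar.gz: cf6c2cc1d8c0412eb56e793cfb9d4dc73be29eafff29c2700289e1fa10d52304
  SHA512:
- metadata.gz: ce5e2c0afa00141987f63bbfaedfbffd7595fe1b888f9dfa90816e1de0a3b8ffd83097ddec857656ce79452417174a37b06e723e0e0891f82dccc3beba52a927
- data.tar.gz: 8d318b6278cf2111400c19c0dc296c572fe6a2a3855bc22850b40bc352d2ff060330e7b8086d1562f9122c201ca1a4057d484eaff321bee1b413100f2c19d622
+ metadata.gz: ef8ce46be84722fa2053dd4979723985aa21a8d7cb5f68c3cffbb409e54d82210adbc87da53a3390ab149f32b2bf1e182392a8963a6763f8060fea5b7b33e82f
+ data.tar.gz: a5b5032fd98227186ae874c9279fd36d2cd79e2bf163177089b65f43f321909b41fe9c28016d744318583ba44ce9a84c8e229853cf991aa60ad5d9c49b21539f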
@@ -1,3 +1,26 @@
1
+ ################
2
+ # CI Workflow:
3
+ # feature development, trigger by `git push`:
4
+ # test -> code_audit(code_security_audit and code_quality_audit)
5
+ #
6
+ # feature deploy, trigger by `git push --tags`
7
+ # test -> deploy
8
+ #
9
+ # Stages:
10
+ # - test: run `rake test`
11
+ # - code_audit: run `code_quality security_audit` and `code_quality quality_audit`
12
+ # - deploy: auto build and upload a gem package to rubygems.org after `git push --tags`
13
+ #
14
+ # Principle:
15
+ # - fail fast
16
+ # - done is better than perfect
17
+ ################
18
+
19
+ stages:
20
+ - test
21
+ - code_audit
22
+ - deploy
23
+
1
24
  sudo: false
2
25
  language: ruby
3
26
  rvm:
@@ -9,6 +32,16 @@ env:
9
32
  global:
10
33
  secure: 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
11
34
 
35
+ jobs:
36
+ include:
37
+ - stage: code_audit
38
+ if: branch != master
39
+ install: gem install code_quality --no-ri --no-rdoc
40
+ script:
41
+ - bundle install # to generate Gemfile.lock
42
+ - code_quality security_audit
43
+ - code_quality quality_audit fail_fast=false generate_index=true lowest_score=90 rubocop_max_offenses=120
44
+
12
45
  deploy:
13
46
  # automatically release Ruby gem to RubyGems after a successful build with `git push --tags`
14
47
  - provider: rubygems
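Review bot: The new `code_audit` job is gated by `if: branch != master`, and the header comment describes the release flow as `test -> deploy`, so as documented the commit that gets built and uploaded to rubygems.org is not itself covered by `code_quality security_audit`. If that is the real behaviour, a dependency advisory published after the feature branch was audited would not block a release; consider also running the audit stage on tag builds, for example `if: branch != master OR tag IS present` (check how Travis evaluates `branch` for tag builds first). The install line `gem install code_quality --no-ri --no-rdoc` also pulls whatever version is newest at build time; pinning it with `-v <version>` keeps the audit tooling reproducible and reviewable. A short comment next to `if:` explaining why master is excluded would help the next maintainer.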
@@ -39,14 +39,20 @@ module CodeQuality
39
39
 
40
40
  OptionParser.new do |opts|
41
41
  opts.separator "Run code_quality for a ruby/rails project, e.g.:"
42
- opts.separator " code_quality lowest_score=90 max_offenses=100 metrics=stats,rails_best_practices,roodi rails_best_practices_max_offenses=10 roodi_max_offenses=10"
42
+ opts.separator " code_quality lowest_score=90 rubocop_max_offenses=100 metrics=stats,rails_best_practices,roodi rails_best_practices_max_offenses=10 roodi_max_offenses=10"
43
43
  opts.separator ""
44
44
  opts.separator "Show available tasks:"
45
45
  opts.separator " code_quality -T"
46
46
  opts.separator ""
47
- opts.separator "Invoke a audit task:"
47
+ opts.separator "Invoke an audit task:"
48
48
  opts.separator " code_quality AUDIT_TASK"
49
49
  opts.separator ""
50
+ opts.separator "Invoke all security audit tasks:"
51
+ opts.separator " code_quality security_audit"
52
+ opts.separator ""
53
+ opts.separator "Invoke all quality audit tasks:"
54
+ opts.separator " code_quality quality_audit"
55
+ opts.separator ""
50
56
  opts.separator "Advanced options:"
51
57
 
52
58
  opts.on_tail("-h", "--help", "-H", "Display this help message.") do
@@ -1,3 +1,3 @@
1
1
  module CodeQuality
2
- VERSION = "0.3.0"
2
+ VERSION = "0.3.1"
3
3
  end
@@ -47,11 +47,14 @@ namespace :code_quality do
47
47
  end
48
48
 
49
49
  desc "brakeman"
50
+ # options:
51
+ # brakeman_options: pass extract CLI options, e.g.: brakeman_options="--skip-files lib/templates/"
50
52
  task :brakeman => :prepare do |task|
53
+ options = options_from_env(:brakeman_options)
51
54
  require 'json'
52
55
  run_audit task, "Brakeman audit - checks Ruby on Rails applications for security vulnerabilities" do
53
56
  @report_path = "#{report_dir}/brakeman-report.txt"
54
- `brakeman -o #{@report_path} -o #{report_dir}/brakeman-report.json`
57
+ `brakeman -o #{@report_path} -o #{report_dir}/brakeman-report.json #{options[:brakeman_options]} .`
55
58
  puts `cat #{@report_path}`
56
59
  report = JSON.parse(File.read("#{report_dir}/brakeman-report.json"))
57
60
  audit_faild "There are #{report["errors"].size} errors, must fix them ASAP." if report["errors"].any?
@@ -84,7 +87,7 @@ namespace :code_quality do
84
87
  # default tasks
85
88
  task :default => [:run_all, :resources] do; end
86
89
 
87
- desc "run all audit tasks"
90
+ # desc "run all audit tasks"
88
91
  task :run_all => :helpers do
89
92
  options = options_from_env(:fail_fast, :generate_index)
90
93
  fail_fast = options.fetch(:fail_fast, "false")
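Review bot: In the `:brakeman` task the new `#{options[:brakeman_options]}` is interpolated unquoted into a backtick command, so the whole value (presumably read from the environment by `options_from_env`) is parsed by the shell rather than handed to brakeman as arguments. Splitting it into words and using the argument-list form avoids that: add `require 'shellwords'` and call `system("brakeman", "-o", @report_path, "-o", "#{report_dir}/brakeman-report.json", *Shellwords.split(options[:brakeman_options].to_s), ".")`. The exit status is not checked either, so an option brakeman rejects can leave `brakeman-report.json` missing or stale before `JSON.parse(File.read(...))` runs; failing the audit when `system` returns false would make that visible. The added comment should read "pass extra CLI options" instead of "pass extract CLI options". The task body continues past the end of this hunk.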
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: code_quality
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - RainChen
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-02-28 00:00:00.000000000 Z
11
+ date: 2018-04-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler-audit