diffend-monitor 0.2.40 → 0.2.46

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f88e005924b71bf6f49c352bb8a94c3c86cf1a9af15f011ba357e2dc25cb0dbc
-  data.tar.gz: 7f8b7badc3e62ca223adf7170941986c7d55d2f0ec8fea62889c2ce9898d2024
+  metadata.gz: d7a9ce0136a3adc532898cdabc5972be7ed152c0479a7ad724ec66a5a563777a
+  data.tar.gz: ece9ff8f2226deff51cb670b0cb985247fd4b497d0538015d736192bb0548b01
 SHA512:
-  metadata.gz: 4f1349f7a42b8eb9edc0cdfa3e73c607d3f523955fcd2051d09901035f3731195632be70575e8f0e4f5b129dace9b9a350f353da223a1c75566561159bcc7968
-  data.tar.gz: efec99d3c42273b5ad96b51bcadf2e3a33db5d49b88f728bc30da461174c4bf07edda96f7470aaa6b5faed58c0c194620296ebe421d00571a22e41a6a13171c7
+  metadata.gz: a2b69a6ca6aacb8a99d45c6333f6da252b4a952d939d704b75f6d122e9cb5c383bb222992488226ebc3a400bd9db91a310365279141d612524c191b67a5b2d69
+  data.tar.gz: fe78cb956b12566737ab17dd092c2a42eab82cafd9dd5ca81f409978b0f837c28b4ff99d0617aeae847085390dc173736f3786d31d5973b54f856cfa7cc35261

data/CHANGELOG.md

@@ -2,6 +2,27 @@
 
 ## [Unreleased][master]
 
+## [0.2.46] (2021-05-05)
+- Optimized file selection to make releases smaller and easier to read through.
+
+## [0.2.45] (2021-05-05)
+- Bundler 2.2.17 support
+
+## [0.2.44] (2021-03-31)
+- `project_id`, `shareable_id` and `shareable_key` need to be a valid UUID
+
+## [0.2.43] (2021-03-16)
+- introduce `DIFFEND_TAGS` ([#119](https://github.com/diffend-io/diffend-ruby/pull/119))
+- add support for `bundle add` command ([#118](https://github.com/diffend-io/diffend-ruby/pull/118))
+
+## [0.2.42] (2021-03-09)
+- introduce `DIFFEND_SKIP_DENY` flag
+- fix config not being passed properly to `build_error` in `Diffend::Execute` ([#116](https://github.com/diffend-io/diffend-ruby/pull/116))
+
+## [0.2.41] (2021-03-09)
+- introduce integration specs ([#107](https://github.com/diffend-io/diffend-ruby/pull/107))
+- use `Bundler::Definition.resolve` for specs ([#112](https://github.com/diffend-io/diffend-ruby/pull/112))
+
 ## [0.2.40] (2021-02-23)
 - don't expose ips, we can identify instance by a hostname ([#108](https://github.com/diffend-io/diffend-ruby/pull/108))
 - don't set `verify_mode` when creating request in `Diffend::Request`, use default value set by `use_ssl` flag instead ([#109](https://github.com/diffend-io/diffend-ruby/pull/109))
@@ -126,7 +147,11 @@
 
 - initial release
 
-[master]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.40...HEAD
+[master]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.44...HEAD
+[0.2.44]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.43...v0.2.44
+[0.2.43]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.42...v0.2.43
+[0.2.42]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.41...v0.2.42
+[0.2.41]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.40...v0.2.41
 [0.2.40]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.39...v0.2.40
 [0.2.39]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.38...v0.2.39
 [0.2.38]: https://github.com/diffend-io/diffend-ruby/compare/v0.2.37...v0.2.38

data/certs/mensfeld.pem

@@ -1,25 +1,25 @@
 -----BEGIN CERTIFICATE-----
 MIIEODCCAqCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAjMSEwHwYDVQQDDBhtYWNp
-ZWovREM9bWVuc2ZlbGQvREM9cGwwHhcNMTkwNzMwMTQ1NDU0WhcNMjAwNzI5MTQ1
-NDU0WjAjMSEwHwYDVQQDDBhtYWNpZWovREM9bWVuc2ZlbGQvREM9cGwwggGiMA0G
-CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC9fCwtaHZG2SyyNXiH8r0QbJQx/xxl
-dkvwWz9QGJO+O8rEx20FB1Ab+MVkfOscwIv5jWpmk1U9whzDPl1uFtIbgu+sk+Zb
-uQlZyK/DPN6c+/BbBL+RryTBRyvkPLoCVwm7uxc/JZ1n4AI6eF4cCZ2ieZ9QgQbU
-MQs2QPqs9hT50Ez/40GnOdadVfiDDGz+NME2C4ms0BriXwZ1tcRTfJIHe2xjIbbb
-y5qRGfsLKcgMzvLQR24olixyX1MR0s4+Wveq3QL/gBhL4veUcv+UABJA8IJR0kyB
-seHHutusiwZ1v3SjjjW1xLLrc2ARV0mgCb0WaK2T4iA3oFTGLh6Ydz8LNl31KQFv
-94nRd8IhmJxrhQ6dQ/WT9IXoa5S9lfT5lPJeINemH4/6QPABzf9W2IZlCdI9wCdB
-TBaw57MKneGAYZiKjw6OALSy2ltQUCl3RqFl3VP7n8uFy1U987Q5VIIQ3O1UUsQD
-Oe/h+r7GUU4RSPKgPlrwvW9bD/UQ+zF51v8CAwEAAaN3MHUwCQYDVR0TBAIwADAL
-BgNVHQ8EBAMCBLAwHQYDVR0OBBYEFJNIBHdfEUD7TqHqIer2YhWaWhwcMB0GA1Ud
+ZWovREM9bWVuc2ZlbGQvREM9cGwwHhcNMjAwODExMDkxNTM3WhcNMjEwODExMDkx
+NTM3WjAjMSEwHwYDVQQDDBhtYWNpZWovREM9bWVuc2ZlbGQvREM9cGwwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDCpXsCgmINb6lHBXXBdyrgsBPSxC4/
+2H+weJ6L9CruTiv2+2/ZkQGtnLcDgrD14rdLIHK7t0o3EKYlDT5GhD/XUVhI15JE
+N7IqnPUgexe1fbZArwQ51afxz2AmPQN2BkB2oeQHXxnSWUGMhvcEZpfbxCCJH26w
+hS0Ccsma8yxA6hSlGVhFVDuCr7c2L1di6cK2CtIDpfDaWqnVNJEwBYHIxrCoWK5g
+sIGekVt/admS9gRhIMaIBg+Mshth5/DEyWO2QjteTodItlxfTctrfmiAl8X8T5JP
+VXeLp5SSOJ5JXE80nShMJp3RFnGw5fqjX/ffjtISYh78/By4xF3a25HdWH9+qO2Z
+tx0wSGc9/4gqNM0APQnjN/4YXrGZ4IeSjtE+OrrX07l0TiyikzSLFOkZCAp8oBJi
+Fhlosz8xQDJf7mhNxOaZziqASzp/hJTU/tuDKl5+ql2icnMv5iV/i6SlmvU29QNg
+LCV71pUv0pWzN+OZbHZKWepGhEQ3cG9MwvkCAwEAAaN3MHUwCQYDVR0TBAIwADAL
+BgNVHQ8EBAMCBLAwHQYDVR0OBBYEFImGed2AXS070ohfRidiCEhXEUN+MB0GA1Ud
 EQQWMBSBEm1hY2llakBtZW5zZmVsZC5wbDAdBgNVHRIEFjAUgRJtYWNpZWpAbWVu
-c2ZlbGQucGwwDQYJKoZIhvcNAQELBQADggGBAKA4eqko6BTNhlysip6rfBkVTGri
-ZXsL+kRb2hLvsQJS/kLyM21oMlu+LN0aPj3qEFR8mE/YeDD8rLAfruBRTltPNbR7
-xA5eE1gkxY5LfExUtK3b2wPqfmo7mZgfcsMwfYg/tUXw1WpBCnrhAJodpGH6SXmp
-A40qFUZst0vjiOoO+aTblIHPmMJXoZ3K42dTlNKlEiDKUWMRKSgpjjYGEYalFNWI
-hHfCz2r8L2t+dYdMZg1JGbEkq4ADGsAA8ioZIpJd7V4hI17u5TCdi7X5wh/0gN0E
-CgP+nLox3D+l2q0QuQEkayr+auFYkzTCkF+BmEk1D0Ru4mcf3F4CJvEmW4Pzbjqt
-i1tsCWPtJ4E/UUKnKaWKqGbjrjHJ0MuShYzHkodox5IOiCXIQg+1+YSzfXUV6WEK
-KJG/fhg1JV5vVDdVy6x+tv5SQ5ctU0feCsVfESi3rE3zRd+nvzE9HcZ5aXeL1UtJ
-nT5Xrioegu2w1jPyVEgyZgTZC5rvD0nNS5sFNQ==
+c2ZlbGQucGwwDQYJKoZIhvcNAQELBQADggGBAKiHpwoENVrMi94V1zD4o8/6G3AU
+gWz4udkPYHTZLUy3dLznc/sNjdkJFWT3E6NKYq7c60EpJ0m0vAEg5+F5pmNOsvD3
+2pXLj9kisEeYhR516HwXAvtngboUcb75skqvBCU++4Pu7BRAPjO1/ihLSBexbwSS
+fF+J5OWNuyHHCQp+kGPLtXJe2yUYyvSWDj3I2//Vk0VhNOIlaCS1+5/P3ZJThOtm
+zJUBI7h3HgovwRpcnmk2mXTmU4Zx/bCzX8EA6VY0khEvnmiq7S6eBF0H9qH8KyQ6
+EkVLpvmUDFcf/uNaBQdazEMB5jYtwoA8gQlANETNGPi51KlkukhKgaIEDMkBDJOx
+65N7DzmkcyY0/GwjIVIxmRhcrCt1YeCUElmfFx0iida1/YRm6sB2AXqScc1+ECRi
+2DND//YJUikn1zwbz1kT70XmHd97B4Eytpln7K+M1u2g1pHVEPW4owD/ammXNpUy
+nt70FcDD4yxJQ+0YNiHd0N8IcVBM1TMIVctMNQ==
 -----END CERTIFICATE-----

data/diffend.gemspec

@@ -4,10 +4,19 @@ lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'diffend/version'
 
+files_locations = %w[
+  *.md
+  lib/**/*.rb
+  config/*
+  certs/*
+  diffend.gemspec
+  plugins.rb
+]
+
 Gem::Specification.new do |spec|
-  spec.name          = 'diffend'
+  spec.name          = 'diffend-monitor'
   spec.version       = Diffend::VERSION
-  spec.authors       = ['Tomasz Pajor']
+  spec.authors       = ['Tomasz Pajor', 'Maciej Mensfeld']
   spec.email         = ['contact@diffend.io']
 
   spec.summary       = 'OSS supply chain security and management platform'
@@ -18,10 +27,11 @@ Gem::Specification.new do |spec|
     spec.signing_key = File.expand_path('~/.ssh/gem-private_key.pem')
   end
 
-  spec.cert_chain    = %w[certs/tomaszpajor.pem]
-  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec)/}) }
+  spec.cert_chain    = %w[certs/mensfeld.pem]
   spec.require_paths = %w[lib]
 
+  files_locations.each { |location| spec.files += Dir[location] }
+
   spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'rake'
 end

data/lib/diffend/commands.rb

@@ -11,5 +11,7 @@ module Diffend
     EXEC = 'exec'
     # Bundler secure command introduced by diffend plugin
     SECURE = 'secure'
+    # Bundler add command
+    ADD = 'add'
   end
 end

data/lib/diffend/configs/error_messages.rb

@@ -32,6 +32,17 @@ module Diffend
             Expected #{Validator::KNOWN_KEYS[key].join(' or ')}, was #{config.public_send(key).class}.
           MSG
         end
+
+        # Invalid uuid value message
+        #
+        # @param key [String] invalid key
+        #
+        # @return [String]
+        def invalid_uuid(key)
+          <<~MSG
+            Diffend configuration value for #{key} is invalid.
+          MSG
+        end
       end
     end
   end

data/lib/diffend/configs/validator.rb

@@ -17,6 +17,14 @@ module Diffend
         development?: [TrueClass, FalseClass]
       }.freeze
 
+      # List of known uuid keys
+      UUID_KEYS = %i[project_id shareable_id shareable_key].freeze
+
+      # Imported from https://github.com/assaf/uuid/blob/master/lib/uuid.rb#L199
+      UUID_FORMAT = /\A[\da-f]{8}-([\da-f]{4}-){3}[\da-f]{12}\z/i
+
+      private_constant :UUID_KEYS, :UUID_FORMAT
+
       class << self
         # @param config [Diffend::Config]
         def call(config)
@@ -28,6 +36,12 @@ module Diffend
 
             config.errors << ErrorMessages.invalid_key(config, key) if invalid?(config, key)
           end
+
+          UUID_KEYS.each do |key|
+            next if valid_uuid?(config, key)
+
+            config.errors << ErrorMessages.invalid_uuid(key)
+          end
         end
 
         private
@@ -49,6 +63,14 @@ module Diffend
         def invalid?(config, key)
           !KNOWN_KEYS[key].include?(config.public_send(key).class)
         end
+
+        # @param config [Diffend::Config]
+        # @param key [String]
+        #
+        # @return [Boolean] true if key has a valid uuid, false otherwise
+        def valid_uuid?(config, key)
+          UUID_FORMAT.match?(config.public_send(key))
+        end
       end
     end
   end

data/lib/diffend/errors.rb

@@ -21,5 +21,7 @@ module Diffend
     HandledException = Class.new(BaseError)
     # Raised when we are unable to resolve dependencies
     DependenciesResolveException = Class.new(BaseError)
+    # Failure of a shell command execution
+    FailedShellCommand = Class.new(BaseError)
   end
 end

data/lib/diffend/execute.rb

@@ -30,7 +30,7 @@ module Diffend
       # @param response [Hash] response from diffend API
       def build_message(config, response)
         if response.key?('error')
-          build_error(response)
+          build_error(config, response)
         elsif response.key?('action')
           build_verdict(config, response)
         else
@@ -43,8 +43,9 @@ module Diffend
         end
       end
 
+      # @param config [Diffend::Config]
       # @param response [Hash] response from diffend API
-      def build_error(response)
+      def build_error(config, response)
         build_error_message(response)
           .tap(&config.logger.method(:error))
 
@@ -65,7 +66,7 @@ module Diffend
           build_deny_message(config.command, response)
             .tap(&config.logger.method(:error))
 
-          exit 1
+          exit 1 unless ENV.key?('DIFFEND_SKIP_DENY')
         else
           Diffend::HandleErrors::Report.call(
             config: config,

data/lib/diffend/handle_errors/report.rb

@@ -39,10 +39,10 @@ module Diffend
         # @return [Diffend::RequestObject]
         def build_request_object(config, payload)
           Diffend::RequestObject.new(
-            config: config,
-            url: config.errors_url,
-            payload: payload,
-            request_method: :post
+            config,
+            config.errors_url,
+            payload,
+            :post
           )
         end
 

data/lib/diffend/integration_repository.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+module Diffend
+  # Repository for integrations
+  class IntegrationRepository
+    # Plugin code entry in Gemfile
+    GEMFILE_PLUGIN_ENTRY = 'plugin \'diffend\''
+    # Gemfile file name
+    GEMFILE_FILE_NAME = 'Gemfile'
+    # Gemfile backup file name
+    GEMFILE_BACKUP_FILE_NAME = 'Gemfile.backup'
+    # Plugin install command
+    PLUGIN_INSTALL_COMMAND = 'bundle plugin install diffend'
+
+    attr_reader :command, :name, :repository
+
+    # @param command [String] command executed via bundler
+    # @param name [String] repository name
+    def initialize(command, name)
+      @command = command
+      @name = name
+      @repository = Diffend::Repository.new(command, name)
+    end
+
+    # @return [String] full name of the repository with command
+    def full_name
+      "#{command}_#{name}"
+    end
+
+    # @param path [String] path to the repository
+    def config?(path)
+      # check if .diffend.yml exists
+      return if File.exist?(File.join(path, Diffend::Config::FILENAME))
+
+      puts "Diffend configuration does not exist for #{command} #{name}"
+      exit 1
+    end
+
+    # @param path [String] path to the repository
+    def install_plugin(path)
+      cmd = Diffend::Shell.call_in_path(path, PLUGIN_INSTALL_COMMAND)
+
+      unless cmd[:exit_code].zero?
+        puts "#{PLUGIN_INSTALL_COMMAND} failed"
+        puts cmd[:stderr]
+        exit 1
+      end
+
+      switch_plugin_to_development(path, cmd[:stdout])
+      add_plugin_to_gemfile(path)
+    end
+
+    private
+
+    # @param path [String] path to the repository
+    # @param stdout [String] stdout from plugin install command
+    def switch_plugin_to_development(path, stdout)
+      installed_version = stdout.scan(/Installing diffend (\d*\.\d*\.\d*)/)[0][0]
+      diffend_working_path = File.expand_path('..', Bundler.bin_path)
+      bundler_plugins_path = File.join(path, '.bundle/plugin/gems')
+      bundler_diffend_plugin_path = File.join(bundler_plugins_path, "diffend-#{installed_version}")
+      FileUtils.mv(bundler_diffend_plugin_path, "#{bundler_diffend_plugin_path}-")
+      FileUtils.ln_s(diffend_working_path, bundler_diffend_plugin_path)
+    end
+
+    # @param path [String] path to the repository
+    def add_plugin_to_gemfile(path)
+      gemfile_path = File.join(path, GEMFILE_FILE_NAME)
+
+      FileUtils.mv(gemfile_path, File.join(path, GEMFILE_BACKUP_FILE_NAME))
+      file = File.open(gemfile_path, 'w')
+      source_detected = nil
+
+      File.readlines(
+        File.join(path, GEMFILE_BACKUP_FILE_NAME)
+      ).each do |line|
+        if line.start_with?('source') && source_detected.nil?
+          source_detected = true
+        elsif source_detected
+          source_detected = false
+          file.write("\n#{GEMFILE_PLUGIN_ENTRY}\n")
+        end
+
+        file.write(line)
+      end
+
+      file.close
+
+      FileUtils.rm(File.join(path, GEMFILE_BACKUP_FILE_NAME))
+    end
+  end
+end

data/lib/diffend/local_context/host.rb

@@ -56,7 +56,7 @@ module Diffend
         #
         # @return [Array]
         def tags
-          tags = []
+          tags = prepare_user_tags
 
           if ENV.key?('GITHUB_ACTIONS')
             tags << 'ci'
@@ -71,6 +71,17 @@ module Diffend
           tags
         end
 
+        # Prepare user tags
+        #
+        # @return [Array]
+        def prepare_user_tags
+          if ENV.key?('DIFFEND_TAGS')
+            ENV['DIFFEND_TAGS'].split(',')
+          else
+            []
+          end
+        end
+
         # @param str [String] that we want to clean and truncate
         def clean(str)
           str

data/lib/diffend/local_context/packages.rb

@@ -39,8 +39,7 @@ module Diffend
           ::Bundler.ui.silence { instance.resolve }
 
           case command
-          when Commands::INSTALL, Commands::EXEC, Commands::SECURE then instance.build_install
-          when Commands::UPDATE then instance.build_update
+          when Commands::INSTALL, Commands::EXEC, Commands::SECURE, Commands::UPDATE, Commands::ADD then instance.build
           else
             raise ArgumentError, "invalid command: #{command}"
           end
@@ -63,37 +62,21 @@ module Diffend
       # Resolve definition
       def resolve
         @cached ? @definition.resolve_with_cache! : @definition.resolve_remotely!
-      end
-
-      # Build install specification
-      #
-      # @return [Hash]
-      def build_install
-        hash = build_main
-
-        @definition.specs.each do |spec|
-          next if skip?(spec.source)
-
-          locked_spec = @locked_specs.find { |s| s.name == spec.name }
-
-          hash['dependencies'][spec.name] = {
-            'platform' => build_spec_platform(spec, locked_spec),
-            'source' => build_spec_source(spec),
-            'type' => build_dependency_type(spec.name),
-            'versions' => build_versions(spec, locked_spec)
-          }
-        end
 
-        hash
+        # Despite bundler not materializing resolution, we always need to do so to get all the
+        # gems details
+        @definition.specs
       end
 
-      # Build update specification
+      # Build specification
       #
       # @return [Hash]
-      def build_update
+      def build
         hash = build_main
 
-        @definition.specs.each do |spec|
+        @definition.resolve.each do |spec|
+          # Skip metadata
+          next if spec.instance_variable_get(:@specification).nil?
           next if skip?(spec.source)
 
           locked_spec = @locked_specs.find { |s| s.name == spec.name }
@@ -117,8 +100,8 @@ module Diffend
       def build_main
         {
           'dependencies' => {},
-          'sources' => build_sources,
           'plugins' => {},
+          'sources' => build_sources,
           'platforms' => @definition.platforms.map(&:to_s)
         }
       end