drone-hunter 0.1.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +11 -0
- data/.github/workflows/codeql-analysis.yml +72 -0
- data/.github/workflows/gem-push.yml +45 -0
- data/CHANGELOG.md +18 -0
- data/README.md +6 -0
- data/bin/drone-hunter +33 -10
- data/lib/drone_hunter.rb +9 -1
- metadata +5 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6e480e4c3cedc73d1c18070de5285a2a9ec12a01e203d87d96d33a4b3cd4239a
|
|
4
|
+
data.tar.gz: 5d5ff07a714bad22fac37ee885fa65f020a2a1c77f25975a375a54aa6083b512
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e59220a2943629071563fe2d3c05571a31637801ef42782c40d44a60676d537e29d303868bc2f1021a3e69952acc26de41409eb6b60f429b18e0d5b6b51b235a
|
|
7
|
+
data.tar.gz: a3d03c03c714a27d1091f228473f638181008780dd665afb0d7fcf0d59a59515a029cbcbf49541a2bd4c1078209f38023e03569e284c0ede4158abe8e2f3ec26
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# To get started with Dependabot version updates, you'll need to specify which
|
|
2
|
+
# package ecosystems to update and where the package manifests are located.
|
|
3
|
+
# Please see the documentation for all configuration options:
|
|
4
|
+
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
|
5
|
+
|
|
6
|
+
version: 2
|
|
7
|
+
updates:
|
|
8
|
+
- package-ecosystem: "bundler" # See documentation for possible values
|
|
9
|
+
directory: "/" # Location of package manifests
|
|
10
|
+
schedule:
|
|
11
|
+
interval: "weekly"
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
# For most projects, this workflow file will not need changing; you simply need
|
|
2
|
+
# to commit it to your repository.
|
|
3
|
+
#
|
|
4
|
+
# You may wish to alter this file to override the set of languages analyzed,
|
|
5
|
+
# or to provide custom queries or build logic.
|
|
6
|
+
#
|
|
7
|
+
# ******** NOTE ********
|
|
8
|
+
# We have attempted to detect the languages in your repository. Please check
|
|
9
|
+
# the `language` matrix defined below to confirm you have the correct set of
|
|
10
|
+
# supported CodeQL languages.
|
|
11
|
+
#
|
|
12
|
+
name: "CodeQL"
|
|
13
|
+
|
|
14
|
+
on:
|
|
15
|
+
push:
|
|
16
|
+
branches: [ "master" ]
|
|
17
|
+
pull_request:
|
|
18
|
+
# The branches below must be a subset of the branches above
|
|
19
|
+
branches: [ "master" ]
|
|
20
|
+
schedule:
|
|
21
|
+
- cron: '35 6 * * 3'
|
|
22
|
+
|
|
23
|
+
jobs:
|
|
24
|
+
analyze:
|
|
25
|
+
name: Analyze
|
|
26
|
+
runs-on: ubuntu-latest
|
|
27
|
+
permissions:
|
|
28
|
+
actions: read
|
|
29
|
+
contents: read
|
|
30
|
+
security-events: write
|
|
31
|
+
|
|
32
|
+
strategy:
|
|
33
|
+
fail-fast: false
|
|
34
|
+
matrix:
|
|
35
|
+
language: [ 'ruby' ]
|
|
36
|
+
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
|
|
37
|
+
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
|
|
38
|
+
|
|
39
|
+
steps:
|
|
40
|
+
- name: Checkout repository
|
|
41
|
+
uses: actions/checkout@v3
|
|
42
|
+
|
|
43
|
+
# Initializes the CodeQL tools for scanning.
|
|
44
|
+
- name: Initialize CodeQL
|
|
45
|
+
uses: github/codeql-action/init@v2
|
|
46
|
+
with:
|
|
47
|
+
languages: ${{ matrix.language }}
|
|
48
|
+
# If you wish to specify custom queries, you can do so here or in a config file.
|
|
49
|
+
# By default, queries listed here will override any specified in a config file.
|
|
50
|
+
# Prefix the list here with "+" to use these queries and those in the config file.
|
|
51
|
+
|
|
52
|
+
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
|
53
|
+
# queries: security-extended,security-and-quality
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
|
57
|
+
# If this step fails, then you should remove it and run the build manually (see below)
|
|
58
|
+
- name: Autobuild
|
|
59
|
+
uses: github/codeql-action/autobuild@v2
|
|
60
|
+
|
|
61
|
+
# ℹ️ Command-line programs to run using the OS shell.
|
|
62
|
+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
|
|
63
|
+
|
|
64
|
+
# If the Autobuild fails above, remove it and uncomment the following three lines.
|
|
65
|
+
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
|
|
66
|
+
|
|
67
|
+
# - run: |
|
|
68
|
+
# echo "Run, Build Application using script"
|
|
69
|
+
# ./location_of_script_within_repo/buildscript.sh
|
|
70
|
+
|
|
71
|
+
- name: Perform CodeQL Analysis
|
|
72
|
+
uses: github/codeql-action/analyze@v2
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
name: Ruby Gem
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [ "master" ]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [ "master" ]
|
|
8
|
+
|
|
9
|
+
jobs:
|
|
10
|
+
build:
|
|
11
|
+
name: Build + Publish
|
|
12
|
+
runs-on: ubuntu-latest
|
|
13
|
+
permissions:
|
|
14
|
+
contents: read
|
|
15
|
+
packages: write
|
|
16
|
+
|
|
17
|
+
steps:
|
|
18
|
+
- uses: actions/checkout@v3
|
|
19
|
+
- name: Set up Ruby 2.6
|
|
20
|
+
uses: actions/setup-ruby@v1
|
|
21
|
+
with:
|
|
22
|
+
ruby-version: 2.6.x
|
|
23
|
+
|
|
24
|
+
- name: Publish to GPR
|
|
25
|
+
run: |
|
|
26
|
+
mkdir -p $HOME/.gem
|
|
27
|
+
touch $HOME/.gem/credentials
|
|
28
|
+
chmod 0600 $HOME/.gem/credentials
|
|
29
|
+
printf -- "---\n:github: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
|
|
30
|
+
gem build *.gemspec
|
|
31
|
+
gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} *.gem
|
|
32
|
+
env:
|
|
33
|
+
GEM_HOST_API_KEY: "Bearer ${{secrets.GITHUB_TOKEN}}"
|
|
34
|
+
OWNER: ${{ github.repository_owner }}
|
|
35
|
+
|
|
36
|
+
# - name: Publish to RubyGems
|
|
37
|
+
# run: |
|
|
38
|
+
# mkdir -p $HOME/.gem
|
|
39
|
+
# touch $HOME/.gem/credentials
|
|
40
|
+
# chmod 0600 $HOME/.gem/credentials
|
|
41
|
+
# printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
|
|
42
|
+
# gem build *.gemspec
|
|
43
|
+
# gem push *.gem
|
|
44
|
+
# env:
|
|
45
|
+
# GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"
|
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# Change Log
|
|
2
|
+
|
|
3
|
+
## 0.3.0
|
|
4
|
+
|
|
5
|
+
- [feature] added `--ignore-archived` option to skip archived repositories.
|
|
6
|
+
|
|
7
|
+
## 0.2.0
|
|
8
|
+
|
|
9
|
+
- [config] added `--github-auto-paginate` option if you want to turn this off for some reason.
|
|
10
|
+
- [feature] added `--output-normalize` option to remove cosmetic differences from dronefiles.
|
|
11
|
+
|
|
12
|
+
## 0.1.1
|
|
13
|
+
|
|
14
|
+
- [fix] `--output-format=files` actually works now.
|
|
15
|
+
|
|
16
|
+
## 0.1.0
|
|
17
|
+
|
|
18
|
+
- initial release
|
data/README.md
CHANGED
|
@@ -76,6 +76,12 @@ drone-hunter.output/rancherlabs/support-tools/.drone.yml
|
|
|
76
76
|
|
|
77
77
|
The only limits are your imagination (and the GitHub API Rate Limit).
|
|
78
78
|
|
|
79
|
+
## Output Normalization
|
|
80
|
+
|
|
81
|
+
As of `0.2.0`, you can pass use the `--output-normalize` option to
|
|
82
|
+
remove formatting differences in the dronefiles. This reduces false
|
|
83
|
+
negatives when trying to identify which files are the same.
|
|
84
|
+
|
|
79
85
|
## License
|
|
80
86
|
|
|
81
87
|
`drone-hunter` is available under the [MIT License](https://tldrlegal.com/license/mit-license). See `LICENSE.txt` for the full text.
|
data/bin/drone-hunter
CHANGED
|
@@ -49,6 +49,15 @@ def log_level_from(input)
|
|
|
49
49
|
end
|
|
50
50
|
end
|
|
51
51
|
|
|
52
|
+
# accepts the same values as YAML: https://yaml.org/type/bool.html
|
|
53
|
+
def boolean_from(input)
|
|
54
|
+
case input
|
|
55
|
+
when /1|true|yes|on|enabled?/i then true
|
|
56
|
+
when /0|false|no|off|disabled?/i then false
|
|
57
|
+
else raise NotImplementedError
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
52
61
|
#########################
|
|
53
62
|
# Default Configuration #
|
|
54
63
|
#########################
|
|
@@ -59,15 +68,19 @@ config = {
|
|
|
59
68
|
dir: File.expand_path(ENV.fetch("DRONE_HUNTER_CACHE_DIR", './drone-hunter.cache'))
|
|
60
69
|
},
|
|
61
70
|
github: {
|
|
62
|
-
auto_paginate: true,
|
|
71
|
+
auto_paginate: boolean_from(ENV.fetch("DRONE_HUNTER_GITHUB_AUTO_PAGINATE", "true")),
|
|
63
72
|
access_token: github_access_token_from_environment
|
|
64
73
|
},
|
|
74
|
+
ignore: {
|
|
75
|
+
archived: boolean_from(ENV.fetch("DRONE_HUNTER_IGNORE_ARCHIVED", "false"))
|
|
76
|
+
},
|
|
65
77
|
log: {
|
|
66
78
|
level: log_level_from(ENV.fetch("DRONE_HUNTER_LOG_LEVEL", "info"))
|
|
67
79
|
},
|
|
68
80
|
output: {
|
|
69
81
|
format: output_format_from(ENV.fetch("DRONE_HUNTER_OUTPUT_FORMAT", "json")),
|
|
70
82
|
path: File.expand_path(ENV.fetch("DRONE_HUNTER_OUTPUT_PATH", "./drone-hunter.output")),
|
|
83
|
+
normalize: boolean_from(ENV.fetch("DRONE_HUNTER_OUTPUT_NORMALIZE", "false")),
|
|
71
84
|
}
|
|
72
85
|
}
|
|
73
86
|
|
|
@@ -76,11 +89,14 @@ config = {
|
|
|
76
89
|
################################
|
|
77
90
|
|
|
78
91
|
OptionParser.new do |options|
|
|
79
|
-
options.on("-C", "--cache-dir=DIR", "env: DRONE_HUNTER_CACHE_DIR")
|
|
80
|
-
options.on( "--github-access-token=TOKEN", "env: DRONE_HUNTER_GITHUB_ACCESS_TOKEN")
|
|
81
|
-
options.on("-
|
|
82
|
-
options.on("-
|
|
83
|
-
options.on("-
|
|
92
|
+
options.on("-C", "--cache-dir=DIR", "env: DRONE_HUNTER_CACHE_DIR") { |argument| config[:cache][:dir] = File.expand_path(argument) }
|
|
93
|
+
options.on( "--github-access-token=TOKEN", "env: DRONE_HUNTER_GITHUB_ACCESS_TOKEN") { |argument| config[:github][:access_token] = argument }
|
|
94
|
+
options.on( "--[no-]github-auto-paginate", "env: DRONE_HUNTER_GITHUB_AUTO_PAGINATE") { |argument| config[:github][:auto_paginate] = argument}
|
|
95
|
+
options.on("-L", "--log-level=LEVEL", "env: DRONE_HUNTER_LOG_LEVEL") { |argument| config[:log][:level] = log_level_from(argument) }
|
|
96
|
+
options.on("-o", "--output-format=FORMAT", "env: DRONE_HUNTER_OUTPUT_FORMAT") { |argument| config[:output][:format] = output_format_from(argument) }
|
|
97
|
+
options.on("-p", "--output-path=PATH", "env: DRONE_HUNTER_OUTPUT_PATH") { |argument| config[:output][:path] = File.expand_path(argument) }
|
|
98
|
+
options.on("-N", "--[no-]output-normalize", "env: DRONE_HUNTER_OUTPUT_NORMALIZE") { |argument| config[:output][:normalize] = argument }
|
|
99
|
+
options.on("-A", "--[no-]ignore-archived", "env: DRONE_HUNTER_IGNORE_ARCHIVED") { |argument| config[:ignore][:archived] = argument }
|
|
84
100
|
end.parse!
|
|
85
101
|
|
|
86
102
|
#################
|
|
@@ -122,13 +138,20 @@ cache = Moneta.new(:File, dir: config[:cache][:dir])
|
|
|
122
138
|
# Main Program #
|
|
123
139
|
################
|
|
124
140
|
|
|
125
|
-
hunt = DroneHunter.new(owners: ARGV, log: log, github: github, cache: cache)
|
|
141
|
+
hunt = DroneHunter.new(owners: ARGV, log: log, github: github, cache: cache, ignore: config[:ignore])
|
|
126
142
|
|
|
127
143
|
if config[:hacking]
|
|
128
144
|
require "pry"
|
|
129
145
|
binding.pry
|
|
130
146
|
else
|
|
131
|
-
hunt.dronefiles.
|
|
147
|
+
hunt.dronefiles.each do |dronefile|
|
|
148
|
+
if config[:output][:normalize]
|
|
149
|
+
require "yaml"
|
|
150
|
+
original = dronefile["content"]
|
|
151
|
+
normalized = YAML.dump(YAML.load(original))
|
|
152
|
+
dronefile["content"] = normalized
|
|
153
|
+
end
|
|
154
|
+
end.then do |dronefiles|
|
|
132
155
|
case config[:output][:format]
|
|
133
156
|
when :JSON
|
|
134
157
|
require "json"
|
|
@@ -140,8 +163,8 @@ else
|
|
|
140
163
|
require "fileutils"
|
|
141
164
|
Dir.chdir(File.expand_path(*FileUtils.mkdir_p(config[:output][:path]))) do |output|
|
|
142
165
|
dronefiles.each do |file|
|
|
143
|
-
Dir.chdir(File.expand_path(*FileUtils.mkdir_p(File.join(output, file[
|
|
144
|
-
File.write(File.join(".", file[
|
|
166
|
+
Dir.chdir(File.expand_path(*FileUtils.mkdir_p(File.join(output, file["repository"])))) do |repo|
|
|
167
|
+
File.write(File.join(".", file["path"]), file["content"])
|
|
145
168
|
end
|
|
146
169
|
end
|
|
147
170
|
end
|
data/lib/drone_hunter.rb
CHANGED
|
@@ -21,12 +21,18 @@ class DroneHunter
|
|
|
21
21
|
@github ||= options.fetch(:client) { Octokit::Client.new(auto_paginate: true) }
|
|
22
22
|
@cache ||= options.fetch(:cache) { Moneta.new(:File, dir: 'drone-hunter.cache') }
|
|
23
23
|
@owners ||= Set.new(options.fetch(:owners, []))
|
|
24
|
+
@ignoring ||= { archived: false }.merge(options.fetch(:ignore, {}))
|
|
24
25
|
end
|
|
25
26
|
|
|
26
27
|
attr_reader :log
|
|
27
28
|
attr_reader :github
|
|
28
29
|
attr_reader :cache
|
|
29
30
|
attr_reader :owners
|
|
31
|
+
attr_reader :ignoring
|
|
32
|
+
|
|
33
|
+
def ignoring_archived?
|
|
34
|
+
ignoring.fetch(:archived, false)
|
|
35
|
+
end
|
|
30
36
|
|
|
31
37
|
def cached(key, *rest, &block)
|
|
32
38
|
if cache.key?(key)
|
|
@@ -41,7 +47,9 @@ class DroneHunter
|
|
|
41
47
|
def repositories(owner = nil)
|
|
42
48
|
case owner
|
|
43
49
|
when String then cached("repositories/#{owner}") { github.repositories(owner) }
|
|
44
|
-
when nil then owners.flat_map { |owner| repositories(owner) }
|
|
50
|
+
when nil then owners.flat_map { |owner| repositories(owner) }.reject do |repo|
|
|
51
|
+
ignoring_archived? && repo.archived
|
|
52
|
+
end
|
|
45
53
|
else raise TypeError
|
|
46
54
|
end
|
|
47
55
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: drone-hunter
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Olstrom
|
|
@@ -57,6 +57,10 @@ executables:
|
|
|
57
57
|
extensions: []
|
|
58
58
|
extra_rdoc_files: []
|
|
59
59
|
files:
|
|
60
|
+
- ".github/dependabot.yml"
|
|
61
|
+
- ".github/workflows/codeql-analysis.yml"
|
|
62
|
+
- ".github/workflows/gem-push.yml"
|
|
63
|
+
- CHANGELOG.md
|
|
60
64
|
- Gemfile
|
|
61
65
|
- LICENSE.txt
|
|
62
66
|
- README.md
|