RubyGems - examine - Versions diffs - 0.1.0 → 0.1.1 - Mend

examine 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/.gitignore +2 -0
data/.gitlab-ci.yml +22 -12
data/Dockerfile +4 -1
data/Gemfile.lock +8 -2
data/README.md +10 -16
data/examine.gemspec +1 -0
data/lib/examine/cli/application.rb +10 -0
data/lib/examine/cli/clair.rb +105 -0
data/lib/examine/cli.rb +12 -0
data/lib/examine/version.rb +1 -1
data/lib/examine.rb +1 -59
metadata +19 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2a1d5ed29dd05eb35da28ce3e86fa677d793e2e5d6c4bd5aefcf83aad061ee4
-  data.tar.gz: 1505a21f5bc90e47a5b32f52c3ca212254c519cfa3369e3562607646d8ab09e4
+  metadata.gz: d580d78447a470a51a68c9c9c67a921f223bd982b7d28977885b7b70ea1d9f1f
+  data.tar.gz: 7775399dbe8b3f043a77de1afb83be5a54e4096e9be051f3089f0a830aa3e1bd
 SHA512:
-  metadata.gz: 871169220ce9b4e092cc340da5e91d3593b2efa5cf9a23b51ad412f0c5e502969fadd9183ff37b8473c8fe694f9824be09cc5ab47ec33831de1f2dcc314c3fab
-  data.tar.gz: ec29a18745998923877749760080805ebf000049dbec1df08e1003df8f6160aaa088c9c77acf5f2791150dd9fa0b8048d67538f4b0680941ab16950385af95b2
+  metadata.gz: 7deb9c99012fdb03a1a6bf94d49bd168c1590f17ed84be12ab704c0d77612b52fd6e22aa155bf5f64a8ca7367abf6288c2fe1054a5708d5ccc3c02f8d411df3c
+  data.tar.gz: 9b43e8f24d5b0d14a0f6a8cf797c18712f2f7ffd4299b1bde86a1de4e2fe726cc1c3d5e63dacc947caf5de114f2760023b73d140fc44088b3e88a6430966394c

data/.gitignore CHANGED Viewed

@@ -9,3 +9,5 @@
 # rspec failure tracking
 .rspec_status
+*.log
+*.json

data/.gitlab-ci.yml CHANGED Viewed

@@ -1,36 +1,46 @@
 services:
-  - docker:stable-dind
+  - docker:dind
 stages:
   - build
   - test
-include:
-  - template: Container-Scanning.gitlab-ci.yml
+variables:
+  DOCKER_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
 build:
   image: docker:stable
   stage: build
-  variables:
-    IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
   script:
     - docker info
     - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
-    - docker build -t $IMAGE .
-    - docker push $IMAGE
+    - docker build -t $DOCKER_IMAGE .
+    - docker push $DOCKER_IMAGE
 rspec:
   image:
-    name: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
+    name: $DOCKER_IMAGE
     entrypoint: [""]
+  variables:
+    GIT_STRATEGY: none
   stage: test
   script:
-    - bundle exec rspec
+    - cd /examine/ && bundle exec rspec
 examine:
   image:
-    name: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
-    entrypoint: [""]
+    name: docker:stable
+  allow_failure: true
+  variables:
+    CLAIR_URL: http://docker:6060
+    DOCKER_DRIVER: overlay2
+    DOCKER_HOST: tcp://docker:2375
+    GIT_STRATEGY: none
+    NO_PROXY: docker,localhost
+    TARGET_IMAGE: $DOCKER_IMAGE
   stage: test
   script:
-    - bundle exec ./examine clair scan mokhan/minbox:latest
+    - apk add ruby curl
+    - gem install examine --no-document
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - examine clair scan $DOCKER_IMAGE --clair_url $CLAIR_URL --ip $(hostname -i)

data/Dockerfile CHANGED Viewed

@@ -1,6 +1,9 @@
 FROM docker:stable
-RUN apk add ruby git
+RUN apk add ruby git curl
 RUN gem install bundler -v '~> 2.0' --no-document
+RUN wget https://github.com/arminc/clair-scanner/releases/download/v12/clair-scanner_linux_amd64 && \
+  mv clair-scanner_linux_amd64 /usr/local/bin/clair-scanner && \
+  chmod +x /usr/local/bin/clair-scanner
 RUN mkdir -p /examine
 WORKDIR /examine
 COPY . .

data/Gemfile.lock CHANGED Viewed

@@ -1,13 +1,19 @@
 PATH
   remote: .
   specs:
-    examine (0.1.0)
+    examine (0.1.1)
+      down (~> 4.8)
       thor (~> 0.20)
 GEM
   remote: https://rubygems.org/
   specs:
+    addressable (2.6.0)
+      public_suffix (>= 2.0.2, < 4.0)
     diff-lcs (1.3)
+    down (4.8.1)
+      addressable (~> 2.5)
+    public_suffix (3.1.1)
     rake (10.5.0)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -34,4 +40,4 @@ DEPENDENCIES
   rspec (~> 3.0)
 BUNDLED WITH
-   2.0.1
+   2.0.2

data/README.md CHANGED Viewed

@@ -1,28 +1,22 @@
 # Examine
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/examine`. To experiment with that code, run `bin/console` for an interactive prompt.
-TODO: Delete this and the text above, and describe your gem
+This gem is used to perform different types of analysis on your
+code/images.
 ## Installation
-Add this line to your application's Gemfile:
-```ruby
-gem 'examine'
-```
-And then execute:
-    $ bundle
-Or install it yourself as:
+Install it yourself as:
     $ gem install examine
 ## Usage
-TODO: Write usage instructions here
+To scan a docker image: (this requires docker to be running on your system)
+```bash
+$ examine clair scan mokhan/minbox:latest
+$ examine clair scan node:latest
+```
 ## Development
@@ -32,7 +26,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/examine.
+Bug reports and pull requests are welcome on GitLab at https://gitlab.com/xlgmokha/examine.
 ## License

data/examine.gemspec CHANGED Viewed

@@ -23,6 +23,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.add_dependency "down", "~> 4.8"
   spec.add_dependency "thor", "~> 0.20"
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", "~> 10.0"

data/lib/examine/cli/application.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module Examine
+  module CLI
+    class Application < Thor
+      package_name 'examine'
+      desc 'clair', 'manage clair'
+      subcommand :clair, Examine::CLI::Clair
+    end
+  end
+end

data/lib/examine/cli/clair.rb ADDED Viewed

@@ -0,0 +1,105 @@
+module Examine
+  module CLI
+    class Clair < Thor
+      DOWNLOAD_PATH = 'https://github.com/arminc/clair-scanner/releases/download/v12/'
+      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
+      desc 'start', 'start a clair server'
+      def start
+        ensure_docker_installed!
+        spawn 'docker run -d --name clair-db arminc/clair-db:latest'
+        wait_until('docker ps --filter="name=clair-db" --filter="status=running" --filter="expose=5432/tcp" | grep -v CONT')
+        spawn 'docker run --restart=unless-stopped -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:latest'
+        wait_until('docker ps --filter="name=clair" --filter="status=running" --filter="expose=6060/tcp" | grep -v CONT')
+        wait_until("curl -s #{options[:clair_url]}/v1/namespaces > /dev/null")
+      end
+      method_option :ip, desc: 'ip address', default: nil, type: :string
+      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
+      method_option :report, desc: 'report file', default: 'report.json', type: :string
+      method_option :log, desc: 'log file', default: 'clair.log', type: :string
+      method_option :whitelist, desc: 'whitelist file', default: nil, type: :string
+      desc 'scan <image>', 'scan a specific image'
+      def scan(image)
+        start unless started?
+        ip = options[:ip] || Socket.ip_address_list[1].ip_address
+        system "docker pull #{image}"
+        command = [
+          clair_exe,
+          "-c #{options[:clair_url]}",
+          "--ip #{ip}",
+          "-r #{options[:report]}",
+          "-l #{options[:log]}",
+          image,
+        ]
+        command.insert(-2, "-w #{options[:whitelist]}") if options[:whitelist]
+        system command.join(' ')
+      end
+      desc 'status', 'status of clair server'
+      def status
+        system "docker ps -a | grep clair"
+      end
+      desc 'stop', 'stop all clair servers'
+      def stop
+        system "docker stop $(docker ps | grep -v CONT | grep clair- | awk '{ print $1 }')"
+        system "docker system prune -f"
+      end
+      private
+      def started?
+        status
+      end
+      def clair_exe
+        @clair_exe ||= executable_exists?('clair-scanner') || download_clair
+      end
+      def executable_exists?(exe)
+        found = ENV['PATH'].split(':').find do |x|
+          File.exist?(File.join(x, exe))
+        end
+        return File.join(found, exe) if found
+      end
+      def download_clair
+        File.join(Dir.tmpdir, 'clair-scanner').tap do |exe|
+          Down.download(clair_download_path, destination: exe)
+          `chmod +x #{exe}`
+        end
+      end
+      def clair_download_path
+        platform = Gem::Platform.local
+        exe = {
+          'x86-darwin' => 'clair-scanner_darwin_386',
+          'x86-linux' => 'clair-scanner_linux_386',
+          'x86_64-darwin' => 'clair-scanner_darwin_amd64',
+          'x86_64-linux' => 'clair-scanner_linux_amd64',
+        }["#{platform.cpu}-#{platform.os}"]
+        return URI.join(DOWNLOAD_PATH, exe).to_s if exe
+        raise 'clair-scanner could not be found in your PATH. Download from https://github.com/arminc/clair-scanner/releases'
+      end
+      def wait
+        print '.'
+        sleep 1
+      end
+      def wait_until(command)
+        Timeout.timeout(60, nil, command) do
+          wait until system(command)
+        end
+      end
+      def ensure_docker_installed!
+        raise 'docker was not detected on the system' unless executable_exists?('docker')
+      end
+    end
+  end
+end

data/lib/examine/cli.rb ADDED Viewed

@@ -0,0 +1,12 @@
+require 'down'
+require 'socket'
+require 'thor'
+require 'timeout'
+require 'examine/cli/clair'
+require 'examine/cli/application'
+module Examine
+  module CLI
+  end
+end

data/lib/examine/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Examine
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/examine.rb CHANGED Viewed

@@ -1,64 +1,6 @@
+require "examine/cli"
 require "examine/version"
-require 'socket'
-require 'thor'
 module Examine
   class Error < StandardError; end
-  module CLI
-    class Clair < Thor
-      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
-      desc 'start', 'start a clair server'
-      def start
-        db_pid = spawn 'docker run -d --name clair-db arminc/clair-db:latest'
-        command = 'docker ps --filter="name=clair-db" --filter="status=running" --filter="expose=5432/tcp" | grep -v CONT'
-        print '.' until system(command)
-        puts "clair-db started. (PID: #{db_pid})"
-        clair_pid = spawn 'docker run --restart=unless-stopped -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:latest'
-        command = 'docker ps --filter="name=clair" --filter="status=running" --filter="expose=6060/tcp" | grep -v CONT'
-        print '.' until system(command)
-        print '.' until system("curl -s #{options[:clair_url]}/v1/namespaces > /dev/null")
-        puts "clair-local-scan started. (PID: #{clair_pid})"
-      end
-      method_option :ip, desc: 'ip address', default: nil, type: :string
-      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
-      desc 'scan <image>', 'scan a specific image'
-      def scan(image)
-        start unless started?
-        ip = options[:ip] || Socket.ip_address_list[1].ip_address
-        system "docker pull #{image}"
-        system "clair-scanner -c #{options[:clair_url]} --ip #{ip} #{image}"
-      end
-      desc 'status', 'status of clair server'
-      def status
-        system "docker ps -a | grep clair"
-      end
-      desc 'stop', 'stop all clair servers'
-      def stop
-        system "docker stop $(docker ps | grep -v CONT | grep clair- | awk '{ print $1 }')"
-        system "docker system prune -f"
-      end
-      private
-      def started?
-        status
-      end
-    end
-    class Application < Thor
-      package_name 'examine'
-      desc 'clair', 'manage clair'
-      subcommand :clair, Examine::CLI::Clair
-    end
-  end
 end

metadata CHANGED Viewed

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: examine
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - mo
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-07-23 00:00:00.000000000 Z
+date: 2019-07-24 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: down
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -88,6 +102,9 @@ files:
 - examine.gemspec
 - exe/examine
 - lib/examine.rb
+- lib/examine/cli.rb
+- lib/examine/cli/application.rb
+- lib/examine/cli/clair.rb
 - lib/examine/version.rb
 homepage: https://www.mokhan.ca/
 licenses: