RubyGems - examine - Versions diffs - 0.1.0 → 0.1.1 - Mend

examine 0.1.0 → 0.1.1

Files changed (13) hide show

checksums.yaml +4 -4
data/.gitignore +2 -0
data/.gitlab-ci.yml +22 -12
data/Dockerfile +4 -1
data/Gemfile.lock +8 -2
data/README.md +10 -16
data/examine.gemspec +1 -0
data/lib/examine/cli/application.rb +10 -0
data/lib/examine/cli/clair.rb +105 -0
data/lib/examine/cli.rb +12 -0
data/lib/examine/version.rb +1 -1
data/lib/examine.rb +1 -59
metadata +19 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b2a1d5ed29dd05eb35da28ce3e86fa677d793e2e5d6c4bd5aefcf83aad061ee4
-  data.tar.gz: 1505a21f5bc90e47a5b32f52c3ca212254c519cfa3369e3562607646d8ab09e4
+  metadata.gz: d580d78447a470a51a68c9c9c67a921f223bd982b7d28977885b7b70ea1d9f1f
+  data.tar.gz: 7775399dbe8b3f043a77de1afb83be5a54e4096e9be051f3089f0a830aa3e1bd
 SHA512:
-  metadata.gz: 871169220ce9b4e092cc340da5e91d3593b2efa5cf9a23b51ad412f0c5e502969fadd9183ff37b8473c8fe694f9824be09cc5ab47ec33831de1f2dcc314c3fab
-  data.tar.gz: ec29a18745998923877749760080805ebf000049dbec1df08e1003df8f6160aaa088c9c77acf5f2791150dd9fa0b8048d67538f4b0680941ab16950385af95b2
+  metadata.gz: 7deb9c99012fdb03a1a6bf94d49bd168c1590f17ed84be12ab704c0d77612b52fd6e22aa155bf5f64a8ca7367abf6288c2fe1054a5708d5ccc3c02f8d411df3c
+  data.tar.gz: 9b43e8f24d5b0d14a0f6a8cf797c18712f2f7ffd4299b1bde86a1de4e2fe726cc1c3d5e63dacc947caf5de114f2760023b73d140fc44088b3e88a6430966394c

data/.gitignore CHANGED Viewed

@@ -9,3 +9,5 @@
 # rspec failure tracking
 .rspec_status
+*.log
+*.json

data/.gitlab-ci.yml CHANGED Viewed

@@ -1,36 +1,46 @@
 services:
-  - docker:stable-dind
+  - docker:dind
 stages:
   - build
   - test
-include:
-  - template: Container-Scanning.gitlab-ci.yml
+variables:
+  DOCKER_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
 build:
   image: docker:stable
   stage: build
-  variables:
-    IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
   script:
     - docker info
     - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
-    - docker build -t $IMAGE .
-    - docker push $IMAGE
+    - docker build -t $DOCKER_IMAGE .
+    - docker push $DOCKER_IMAGE
 rspec:
   image:
-    name: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
+    name: $DOCKER_IMAGE
     entrypoint: [""]
+  variables:
+    GIT_STRATEGY: none
   stage: test
   script:
-    - bundle exec rspec
+    - cd /examine/ && bundle exec rspec
 examine:
   image:
-    name: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
-    entrypoint: [""]
+    name: docker:stable
+  allow_failure: true
+  variables:
+    CLAIR_URL: http://docker:6060
+    DOCKER_DRIVER: overlay2
+    DOCKER_HOST: tcp://docker:2375
+    GIT_STRATEGY: none
+    NO_PROXY: docker,localhost
+    TARGET_IMAGE: $DOCKER_IMAGE
   stage: test
   script:
-    - bundle exec ./examine clair scan mokhan/minbox:latest
+    - apk add ruby curl
+    - gem install examine --no-document
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - examine clair scan $DOCKER_IMAGE --clair_url $CLAIR_URL --ip $(hostname -i)

data/Dockerfile CHANGED Viewed

@@ -1,6 +1,9 @@
 FROM docker:stable
-RUN apk add ruby git
+RUN apk add ruby git curl
 RUN gem install bundler -v '~> 2.0' --no-document
+RUN wget https://github.com/arminc/clair-scanner/releases/download/v12/clair-scanner_linux_amd64 && \
+  mv clair-scanner_linux_amd64 /usr/local/bin/clair-scanner && \
+  chmod +x /usr/local/bin/clair-scanner
 RUN mkdir -p /examine
 WORKDIR /examine
 COPY . .

data/Gemfile.lock CHANGED Viewed

@@ -1,13 +1,19 @@
 PATH
   remote: .
   specs:
-    examine (0.1.0)
+    examine (0.1.1)
+      down (~> 4.8)
       thor (~> 0.20)
 GEM
   remote: https://rubygems.org/
   specs:
+    addressable (2.6.0)
+      public_suffix (>= 2.0.2, < 4.0)
     diff-lcs (1.3)
+    down (4.8.1)
+      addressable (~> 2.5)
+    public_suffix (3.1.1)
     rake (10.5.0)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -34,4 +40,4 @@ DEPENDENCIES
   rspec (~> 3.0)
 BUNDLED WITH
-   2.0.1
+   2.0.2

data/README.md CHANGED Viewed

@@ -1,28 +1,22 @@
 # Examine
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/examine`. To experiment with that code, run `bin/console` for an interactive prompt.
-TODO: Delete this and the text above, and describe your gem
+This gem is used to perform different types of analysis on your
+code/images.
 ## Installation
-Add this line to your application's Gemfile:
-```ruby
-gem 'examine'
-```
-And then execute:
-    $ bundle
-Or install it yourself as:
+Install it yourself as:
     $ gem install examine
 ## Usage
-TODO: Write usage instructions here
+To scan a docker image: (this requires docker to be running on your system)
+```bash
+$ examine clair scan mokhan/minbox:latest
+$ examine clair scan node:latest
+```
 ## Development
@@ -32,7 +26,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/examine.
+Bug reports and pull requests are welcome on GitLab at https://gitlab.com/xlgmokha/examine.
 ## License

data/examine.gemspec CHANGED Viewed

@@ -23,6 +23,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.add_dependency "down", "~> 4.8"
   spec.add_dependency "thor", "~> 0.20"
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", "~> 10.0"

data/lib/examine/cli/application.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module Examine
+  module CLI
+    class Application < Thor
+      package_name 'examine'
+      desc 'clair', 'manage clair'
+      subcommand :clair, Examine::CLI::Clair
+    end
+  end
+end

data/lib/examine/cli/clair.rb ADDED Viewed

@@ -0,0 +1,105 @@
+module Examine
+  module CLI
+    class Clair < Thor
+      DOWNLOAD_PATH = 'https://github.com/arminc/clair-scanner/releases/download/v12/'
+      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
+      desc 'start', 'start a clair server'
+      def start
+        ensure_docker_installed!
+        spawn 'docker run -d --name clair-db arminc/clair-db:latest'
+        wait_until('docker ps --filter="name=clair-db" --filter="status=running" --filter="expose=5432/tcp" | grep -v CONT')
+        spawn 'docker run --restart=unless-stopped -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:latest'
+        wait_until('docker ps --filter="name=clair" --filter="status=running" --filter="expose=6060/tcp" | grep -v CONT')
+        wait_until("curl -s #{options[:clair_url]}/v1/namespaces > /dev/null")
+      end
+      method_option :ip, desc: 'ip address', default: nil, type: :string
+      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
+      method_option :report, desc: 'report file', default: 'report.json', type: :string
+      method_option :log, desc: 'log file', default: 'clair.log', type: :string
+      method_option :whitelist, desc: 'whitelist file', default: nil, type: :string
+      desc 'scan <image>', 'scan a specific image'
+      def scan(image)
+        start unless started?
+        ip = options[:ip] || Socket.ip_address_list[1].ip_address
+        system "docker pull #{image}"
+        command = [
+          clair_exe,
+          "-c #{options[:clair_url]}",
+          "--ip #{ip}",
+          "-r #{options[:report]}",
+          "-l #{options[:log]}",
+          image,
+        ]
+        command.insert(-2, "-w #{options[:whitelist]}") if options[:whitelist]
+        system command.join(' ')
+      end
+      desc 'status', 'status of clair server'
+      def status
+        system "docker ps -a | grep clair"
+      end
+      desc 'stop', 'stop all clair servers'
+      def stop
+        system "docker stop $(docker ps | grep -v CONT | grep clair- | awk '{ print $1 }')"
+        system "docker system prune -f"
+      end
+      private
+      def started?
+        status
+      end
+      def clair_exe
+        @clair_exe ||= executable_exists?('clair-scanner') || download_clair
+      end
+      def executable_exists?(exe)
+        found = ENV['PATH'].split(':').find do |x|
+          File.exist?(File.join(x, exe))
+        end
+        return File.join(found, exe) if found
+      end
+      def download_clair
+        File.join(Dir.tmpdir, 'clair-scanner').tap do |exe|
+          Down.download(clair_download_path, destination: exe)
+          `chmod +x #{exe}`
+        end
+      end
+      def clair_download_path
+        platform = Gem::Platform.local
+        exe = {
+          'x86-darwin' => 'clair-scanner_darwin_386',
+          'x86-linux' => 'clair-scanner_linux_386',
+          'x86_64-darwin' => 'clair-scanner_darwin_amd64',
+          'x86_64-linux' => 'clair-scanner_linux_amd64',
+        }["#{platform.cpu}-#{platform.os}"]
+        return URI.join(DOWNLOAD_PATH, exe).to_s if exe
+        raise 'clair-scanner could not be found in your PATH. Download from https://github.com/arminc/clair-scanner/releases'
+      end
+      def wait
+        print '.'
+        sleep 1
+      end
+      def wait_until(command)
+        Timeout.timeout(60, nil, command) do
+          wait until system(command)
+        end
+      end
+      def ensure_docker_installed!
+        raise 'docker was not detected on the system' unless executable_exists?('docker')
+      end
+    end
+  end
+end

data/lib/examine/cli.rb ADDED Viewed

@@ -0,0 +1,12 @@
+require 'down'
+require 'socket'
+require 'thor'
+require 'timeout'
+require 'examine/cli/clair'
+require 'examine/cli/application'
+module Examine
+  module CLI
+  end
+end

data/lib/examine/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Examine
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/examine.rb CHANGED Viewed

@@ -1,64 +1,6 @@
+require "examine/cli"
 require "examine/version"
-require 'socket'
-require 'thor'
 module Examine
   class Error < StandardError; end
-  module CLI
-    class Clair < Thor
-      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
-      desc 'start', 'start a clair server'
-      def start
-        db_pid = spawn 'docker run -d --name clair-db arminc/clair-db:latest'
-        command = 'docker ps --filter="name=clair-db" --filter="status=running" --filter="expose=5432/tcp" | grep -v CONT'
-        print '.' until system(command)
-        puts "clair-db started. (PID: #{db_pid})"
-        clair_pid = spawn 'docker run --restart=unless-stopped -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:latest'
-        command = 'docker ps --filter="name=clair" --filter="status=running" --filter="expose=6060/tcp" | grep -v CONT'
-        print '.' until system(command)
-        print '.' until system("curl -s #{options[:clair_url]}/v1/namespaces > /dev/null")
-        puts "clair-local-scan started. (PID: #{clair_pid})"
-      end
-      method_option :ip, desc: 'ip address', default: nil, type: :string
-      method_option :clair_url, desc: 'clair url', default: 'http://localhost:6060', type: :string
-      desc 'scan <image>', 'scan a specific image'
-      def scan(image)
-        start unless started?
-        ip = options[:ip] || Socket.ip_address_list[1].ip_address
-        system "docker pull #{image}"
-        system "clair-scanner -c #{options[:clair_url]} --ip #{ip} #{image}"
-      end
-      desc 'status', 'status of clair server'
-      def status
-        system "docker ps -a | grep clair"
-      end
-      desc 'stop', 'stop all clair servers'
-      def stop
-        system "docker stop $(docker ps | grep -v CONT | grep clair- | awk '{ print $1 }')"
-        system "docker system prune -f"
-      end
-      private
-      def started?
-        status
-      end
-    end
-    class Application < Thor
-      package_name 'examine'
-      desc 'clair', 'manage clair'
-      subcommand :clair, Examine::CLI::Clair
-    end
-  end
 end

metadata CHANGED Viewed

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: examine
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - mo
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-07-23 00:00:00.000000000 Z
+date: 2019-07-24 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: down
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.8'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -88,6 +102,9 @@ files:
 - examine.gemspec
 - exe/examine
 - lib/examine.rb
+- lib/examine/cli.rb
+- lib/examine/cli/application.rb
+- lib/examine/cli/clair.rb
 - lib/examine/version.rb
 homepage: https://www.mokhan.ca/
 licenses: