fastlane-plugin-checks 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c90e1d038f090efc39fc1b2006a60ae91ac738a3db94f390bed49194412bf580
|
4
|
+
data.tar.gz: 50a7011e2e26ccdf5adc70a06c0cf9292fef7ab989dfb620b02fde35794c11d8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6d074eec91e7dafd55b04b7a644058344b2032b073fb99da14055a1f57fac3c8f46d6e249193d032f575addd459cb0e21195ffffce05f0b60bc88b488631733b
|
7
|
+
data.tar.gz: cc6b676ef75ce07693cdb8529ee3b16c461e652513d47f5ff9bc18430bc83d92308336075a41e40c40e2ff0d20f766960e0d35c41aa1581652523edbc26edc6b
|
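Review bot: checksums.yaml ships inside the same .gem archive as the metadata.gz and data.tar.gz it covers, so the four new SHA256 and SHA512 values on the `+` lines detect corruption but not a substituted package. When pinning or mirroring 0.2.0, compare the downloaded gem against the checksum the registry publishes for that version rather than against these values.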
data/README.md
CHANGED
@@ -1,27 +1,69 @@
|
|
1
|
-
#
|
1
|
+
# Google Checks plugin for Fastlane
|
2
2
|
|
3
3
|
[](https://rubygems.org/gems/fastlane-plugin-checks)
|
4
4
|
|
5
|
-
|
5
|
+
The [Checks App Compliance fastlane
|
6
|
+
plugin](https://goo.gle/checks-fastlane-plugin) is an seamless way to automate
|
7
|
+
your iOS Checks analysis right from fastlane. This plugin lets you upload your
|
8
|
+
app to Checks by adding an action into your `Fastfile`. For additional
|
9
|
+
information about fastlane plugins, see the [fastlane
|
10
|
+
documentation](https://docs.fastlane.tools/plugins/using-plugins/).
|
6
11
|
|
7
|
-
|
8
|
-
[Checks](https://checks.google.com). To get started with
|
9
|
-
`fastlane-plugin-checks`, add it to your project by running:
|
12
|
+
Checks is a compliance platform from Google for mobile app developers that simplifies the path to privacy for development teams and the apps they’re building. Learn more at [checks.google.com](https://checks.google.com/).
|
10
13
|
|
11
|
-
|
12
|
-
|
14
|
+
## Requirements
|
15
|
+
|
16
|
+
To configure Checks to run in a pipeline, ensure you've fully onboarded and have retrieved key configuration inputs from
|
17
|
+
your Checks account and Google Cloud project.
|
18
|
+
|
19
|
+
### Create a Checks account and connect your app
|
20
|
+
|
21
|
+
Follow the [Quickstart](https://developers.google.com/checks/guide/getting-started/quickstart) documentation to create a Checks account and connect your first app.
|
22
|
+
|
23
|
+
### Target Checks account and app
|
24
|
+
|
25
|
+
When you run Checks in your CI/CD platform, you will need to assign the results
|
26
|
+
to a Checks account and an app that you've connected to that Checks account. To
|
27
|
+
do this, you'll need the Checks **Account ID** and **App ID**.
|
28
|
+
|
29
|
+
For your **Account ID**, visit your [Account Settings
|
30
|
+
page](https://checks.google.com/console/settings/account).
|
31
|
+
|
32
|
+
For your **App ID**, visit your [App Settings
|
33
|
+
page](https://checks.google.com/console/settings/apps).
|
34
|
+
|
35
|
+
### Authentication
|
36
|
+
|
37
|
+
A **service account** should be used when using Checks in an automation setup,
|
38
|
+
such as CI/CD. For more information on how to create and configure a service
|
39
|
+
account, see [Authenticate the
|
40
|
+
CLI](/checks/guide/cli/install-checks-cli#authenticate-service).
|
41
|
+
|
42
|
+
It is recommended to use CI environment variables to configure your JSON key.
|
43
|
+
For example:
|
44
|
+
|
45
|
+
```
|
46
|
+
CHECKS_CREDENTIALS=/my/path/to/serviceaccount.json
|
13
47
|
```
|
14
48
|
|
15
|
-
##
|
49
|
+
## Getting started
|
16
50
|
|
17
|
-
|
51
|
+
To add Checks to your fastlane configuration, run the following command from the
|
52
|
+
root of your iOS project:
|
18
53
|
|
54
|
+
```posix-terminal
|
55
|
+
fastlane add_plugin checks
|
19
56
|
```
|
20
|
-
|
57
|
+
|
58
|
+
Next, In a `./fastlane/Fastfile` lane, add a `checks_app_scan` block. The basic
|
59
|
+
way to use `checks_app_scan` with the required parameters is:
|
60
|
+
|
61
|
+
```ruby
|
62
|
+
checks_app_scan(
|
21
63
|
account_id: "<your Checks account ID>",
|
22
64
|
app_id: "<your Checks app ID>",
|
23
65
|
binary_path: "<path to your .apk/.aab/.ipa>",
|
24
|
-
service_account_file_path: "
|
66
|
+
service_account_file_path: ENV["SERVICE_ACCOUNT_JSON"],
|
25
67
|
)
|
26
68
|
```
|
27
69
|
|
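Review bot: The Authentication section added here sets `CHECKS_CREDENTIALS=/my/path/to/serviceaccount.json`, but the `checks_app_scan` block a few lines later reads `service_account_file_path: ENV["SERVICE_ACCOUNT_JSON"],`, so a reader who follows the first snippet leaves the variable the lane actually reads unset. Use one variable name in both places; because the parameter is a file path, a name that says "path" would also discourage putting the key contents in it. Separately, the new "Authenticate the CLI" link is site-relative (`/checks/guide/cli/install-checks-cli#authenticate-service`) and will not resolve from the gem page, whereas the options table uses a full developers.google.com URL. The introduction also reads "an seamless" and the Getting started text "Next, In".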
@@ -34,18 +76,53 @@ Name | Type | Default | Description
|
|
34
76
|
service_account_file_path | string | – | Path to your serviceaccount.json file. Please refer to [Authenticate Google Checks](https://developers.google.com/checks/guide/integrate/cli/install-checks-cli#authenticate-service) with a service account to generate a service account.
|
35
77
|
account_id | string | – | Google Checks account ID from [Checks settings page](https://checks.area120.google.com/console/settings)
|
36
78
|
app_id | string | – | Google Checks application ID
|
37
|
-
binary_path | string | – |
|
79
|
+
binary_path | string | – | Path to the application binary file: .apk, .aab or .ipa
|
38
80
|
generate_report | boolean | true | If `false` the action won't upload and run the report for binary_path. It is useful to test your authentication and other paramaters.
|
39
81
|
wait_for_report | boolean | true | If `false` the action won't wait for the report completion and the build will keep going.
|
40
|
-
severity_threshold | string | – | Valid values are: `PRIORITY` `POTENTIAL` `OPPORTUNITY
|
82
|
+
severity_threshold | string | – | With this option, only vulnerabilities of the specified level or higher are reported. Valid values are: `PRIORITY` `POTENTIAL` `OPPORTUNITY`.
|
41
83
|
fail_on | string | – | if `all` then action will fail if there are any failed checks following `severity_threshold` condition. It won't fail by default.
|
42
84
|
operation_id | string | – | For development and testing purposes. If an upload is already in progress, or you want to analyse an existing upload.
|
43
85
|
|
44
86
|
## Example
|
45
87
|
|
46
|
-
|
47
|
-
|
48
|
-
|
88
|
+
By configuring the inputs to the Checks fastlane plugin, you can customize if
|
89
|
+
the Checks analysis should run in the background or as part of your testing
|
90
|
+
suite.
|
91
|
+
|
92
|
+
### Upload each new release to Checks and run the analysis in the background
|
93
|
+
|
94
|
+
```ruby
|
95
|
+
platform :ios do
|
96
|
+
desc "My example app"
|
97
|
+
lane :distribute do
|
98
|
+
build_ios_app(...)
|
99
|
+
checks_app_scan(
|
100
|
+
account_id: "1234567890",
|
101
|
+
app_id: "1234567890",
|
102
|
+
binary_path: "./example-app.ipa",
|
103
|
+
service_account_file_path: ENV["SERVICE_ACCOUNT_JSON"],
|
104
|
+
)
|
105
|
+
distribute_ios_app(...)
|
106
|
+
end
|
107
|
+
end
|
108
|
+
```
|
109
|
+
|
110
|
+
### Run Checks as part of your Fastlane testing suite
|
111
|
+
|
112
|
+
```ruby
|
113
|
+
desc "Checks App Compliance analysis"
|
114
|
+
lane :test do |options|
|
115
|
+
checks_app_scan(
|
116
|
+
account_id: "1234567890",
|
117
|
+
app_id: "1234567890",
|
118
|
+
binary_path: "./example-app.ipa",
|
119
|
+
service_account_file_path: ENV["SERVICE_ACCOUNT_JSON"],
|
120
|
+
wait_for_report: true,
|
121
|
+
severity_threshold: "PRIORITY",
|
122
|
+
fail_on: "ALL",
|
123
|
+
)
|
124
|
+
end
|
125
|
+
```
|
49
126
|
|
50
127
|
## Run tests for this plugin
|
51
128
|
|
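Review bot: The options table documents the `fail_on` value as `all`, but the new test-suite example passes `fail_on: "ALL",`. If the comparison is case-sensitive the lane will silently not fail the build, which defeats the gate. State the accepted spelling in the table and use the same one in the example. The new `severity_threshold` description speaks of "vulnerabilities" while the rest of the README describes compliance checks, and the unchanged `account_id` row still links to checks.area120.google.com while the text added in this release uses checks.google.com.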
@@ -26,7 +26,7 @@ require_relative '../options'
|
|
26
26
|
module Fastlane
|
27
27
|
UI = FastlaneCore::UI unless Fastlane.const_defined?(:UI)
|
28
28
|
module Actions
|
29
|
-
class
|
29
|
+
class ChecksAppScanAction < Action
|
30
30
|
def self.run(params) # rubocop:disable Metrics/PerceivedComplexity
|
31
31
|
# required parameters
|
32
32
|
service_account_file_path = params[:service_account_file_path]
|
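Review bot: Changing the class name to `ChecksAppScanAction` changes the action name that lanes call, since fastlane derives it from the class name. The old name is cut off on the `-` line, so any Fastfile written against 0.1.0 may stop resolving the action after upgrading. Call the rename out in the release notes or keep an alias for the old name. The `# rubocop:disable Metrics/PerceivedComplexity` on `self.run` also suggests the method would benefit from splitting parameter handling from the upload and report steps.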
@@ -101,7 +101,7 @@ module Fastlane
|
|
101
101
|
end
|
102
102
|
|
103
103
|
def self.description
|
104
|
-
"
|
104
|
+
"Checks App Compliance scan"
|
105
105
|
end
|
106
106
|
|
107
107
|
def self.authors
|
@@ -114,7 +114,7 @@ module Fastlane
|
|
114
114
|
|
115
115
|
def self.details
|
116
116
|
# Optional:
|
117
|
-
"
|
117
|
+
"Upload your mobile app to Checks to run an App Compliance scan"
|
118
118
|
end
|
119
119
|
|
120
120
|
def self.available_options
|
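Review bot: The `# Optional:` scaffold comment above the new `details` string is left over from the plugin template and can be removed now that the method returns real text. The string says "mobile app" while the README introduction added in this release speaks only of iOS analysis; align the two so users know whether .apk and .aab uploads are supported.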
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fastlane-plugin-checks
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sherzat Aitbayev
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-04-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
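Review bot: `cert_chain: []` on the context line means 0.2.0 is published unsigned, so consumers cannot verify the publisher with a gem trust policy and must rely on the registry account alone. Consider signing releases, or document how users should verify the package. The `autorequire:` pair differs only in trailing whitespace and is generated noise.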
@@ -206,8 +206,8 @@ dependencies:
|
|
206
206
|
- - ">="
|
207
207
|
- !ruby/object:Gem::Version
|
208
208
|
version: '0'
|
209
|
-
description:
|
210
|
-
email:
|
209
|
+
description:
|
210
|
+
email:
|
211
211
|
executables: []
|
212
212
|
extensions: []
|
213
213
|
extra_rdoc_files: []
|
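Review bot: The dependency requirement ending in the context lines `- - ">="` and `version: '0'` is unbounded, so any future release of that dependency, including a breaking or compromised one, satisfies it. Add an upper bound or a pessimistic constraint in the gemspec. `description:` and `email:` are empty on both sides of the change; filling in `email:` gives users a contact for reporting security issues.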
@@ -215,7 +215,7 @@ files:
|
|
215
215
|
- LICENSE
|
216
216
|
- README.md
|
217
217
|
- lib/fastlane/plugin/checks.rb
|
218
|
-
- lib/fastlane/plugin/checks/actions/
|
218
|
+
- lib/fastlane/plugin/checks/actions/checks_app_scan.rb
|
219
219
|
- lib/fastlane/plugin/checks/helper/checks_service.rb
|
220
220
|
- lib/fastlane/plugin/checks/helper/credentials.rb
|
221
221
|
- lib/fastlane/plugin/checks/helper/report_parser.rb
|
@@ -226,7 +226,7 @@ licenses:
|
|
226
226
|
- Apache-2.0
|
227
227
|
metadata:
|
228
228
|
rubygems_mfa_required: 'true'
|
229
|
-
post_install_message:
|
229
|
+
post_install_message:
|
230
230
|
rdoc_options: []
|
231
231
|
require_paths:
|
232
232
|
- lib
|
@@ -241,8 +241,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
241
241
|
- !ruby/object:Gem::Version
|
242
242
|
version: '0'
|
243
243
|
requirements: []
|
244
|
-
rubygems_version: 3.5.
|
245
|
-
signing_key:
|
244
|
+
rubygems_version: 3.5.9
|
245
|
+
signing_key:
|
246
246
|
specification_version: 4
|
247
247
|
summary: Fastlane plugin for Checks (checks.google.com)
|
248
248
|
test_files: []
|