firespring_dev_commands 1.3.0

data/lib/firespring_dev_commands/node.rb

@@ -0,0 +1,107 @@
+module Dev
+  # Class containing methods related to node application
+  class Node
+    # The default path of the application inside the container
+    DEFAULT_PATH = '/usr/src/app'.freeze
+
+    # The default name of the node package file
+    DEFAULT_PACKAGE_FILE = 'package.json'.freeze
+
+    # Config object for setting top level git config options
+    Config = Struct.new(:container_path, :local_path, :package_file) do
+      def initialize
+        self.container_path = DEFAULT_PATH
+        self.local_path = DEV_COMMANDS_ROOT_DIR
+        self.package_file = DEFAULT_PACKAGE_FILE
+      end
+    end
+
+    class << self
+      # Instantiates a new top level config object if one hasn't already been created
+      # Yields that config object to any given block
+      # Returns the resulting config object
+      def config
+        @config ||= Config.new
+        yield(@config) if block_given?
+        @config
+      end
+
+      # Alias the config method to configure for a slightly clearer access syntax
+      alias_method :configure, :config
+    end
+
+    attr_accessor :container_path, :local_path, :package_file
+
+    def initialize(container_path: nil, local_path: nil, package_file: nil)
+      @container_path = container_path || self.class.config.container_path
+      @local_path = local_path || self.class.config.local_path
+      @package_file = package_file || self.class.config.package_file
+    end
+
+    # The base npm command that is the starting point for all subsequent commands
+    def base_command
+      ['npm', '--prefix', container_path]
+    end
+
+    # Build the command which can be use to perform a security audit report
+    def audit_command
+      audit = base_command
+      audit << 'audit'
+      audit << '--audit-level=none'
+      audit << '--json'
+      audit.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      audit << '2>&1' << '||' << 'true'
+
+      # Run the command as part of a shell script
+      ['sh', '-c', audit.join(' ')]
+    end
+
+    # Build the command to fix any security vulnerabilities that were found
+    def audit_fix_command
+      audit_fix = base_command
+      audit_fix << 'audit' << 'fix'
+      audit_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      audit_fix
+    end
+
+    # Build the npm install command
+    def install_command
+      install = base_command
+      install << 'install'
+      install.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      install
+    end
+
+    # Build the node lint command
+    def lint_command
+      lint = base_command
+      lint << 'run' << 'lint'
+      lint.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint
+    end
+
+    # Build the node lint fix command
+    def lint_fix_command
+      lint_fix = base_command
+      lint_fix << 'run' << 'lint-fix'
+      lint_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint_fix
+    end
+
+    # Build the node test command
+    def test_command
+      test = base_command
+      test << 'run' << 'test'
+      test.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      test
+    end
+
+    # Build the node test command
+    def test_coverage_command
+      test = base_command
+      test << 'run' << 'test:coverage'
+      test.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      test
+    end
+  end
+end

data/lib/firespring_dev_commands/php/audit.rb

@@ -0,0 +1,71 @@
+require 'json'
+require 'net/http'
+require 'uri'
+
+module Dev
+  class Php
+    # Class which contains commands and customizations for security audit reports
+    class Audit
+      attr_accessor :data
+
+      def initialize(data)
+        @data = JSON.parse(Dev::Common.new.strip_non_json(data))
+      end
+
+      # Convert the php audit data to the standardized audit report object
+      def to_report
+        Dev::Audit::Report.new(
+          data['advisories'].map do |_, v|
+            v.map do |it|
+              Dev::Audit::Report::Item.new(
+                id: it['advisoryId'],
+                name: it['packageName'],
+                severity: severity(it['cve']),
+                title: it['title'],
+                url: it['link'],
+                version: it['affectedVersions']
+              )
+            end
+          end.flatten
+        )
+      end
+
+      # Takes the give CVE number and looks it up on the NIST api
+      # Returns the highest severity reported (worst case scneario)
+      def severity(cve)
+        # Sleep to make sure we don't get rate limited
+        sleep(6)
+        url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=#{cve}"
+        response = Net::HTTP.get_response(URI.parse(url))
+
+        # If we can't talk to NIST, just assume the worst at 'unknown'
+        raise "#{response.code} #{response.message}" unless response.is_a?(Net::HTTPSuccess)
+
+        # Get the cve data out of the json body
+        cve_data = JSON.parse(response.body)['vulnerabilities'].first['cve']
+
+        # Sanity check to make sure it gave us the correct information
+        raise 'returned cve did not matche expected' unless cve == cve_data['id']
+
+        # Find the max cvss reported for this vulnerability
+        max_cvss = cve_data['metrics']['cvssMetricV31']&.map { |it| it['cvssData']['baseScore'] }&.max.to_f
+
+        # Map that severity to the correct level
+        cvss_to_severity(max_cvss)
+      rescue => e
+        LOG.error("Error looking up severity for #{cve}: #{e.message}")
+        LOG.error('WARNING: Unable to determine severity - ignoring with UNKNOWN')
+        Dev::Audit::Report::Level::UNKNOWN
+      end
+
+      # Take a given cvss scrore and map it to a severity string
+      def cvss_to_severity(score)
+        return Dev::Audit::Report::Level::LOW if score <= 3.9
+        return Dev::Audit::Report::Level::MODERATE if score <= 6.9
+        return Dev::Audit::Report::Level::HIGH if score <= 8.9
+
+        Dev::Audit::Report::Level::CRITICAL
+      end
+    end
+  end
+end

data/lib/firespring_dev_commands/php.rb

@@ -0,0 +1,109 @@
+module Dev
+  # Class containing methods related to php applicatio
+  class Php
+    # The default path of the application inside the container
+    DEFAULT_PATH = '/usr/src/app'.freeze
+
+    # The default name of the php package file
+    DEFAULT_PACKAGE_FILE = 'composer.json'.freeze
+
+    # Config object for setting top level git config options
+    Config = Struct.new(:container_path, :local_path, :package_file) do
+      def initialize
+        self.container_path = DEFAULT_PATH
+        self.local_path = DEV_COMMANDS_ROOT_DIR
+        self.package_file = DEFAULT_PACKAGE_FILE
+      end
+    end
+
+    class << self
+      # Instantiates a new top level config object if one hasn't already been created
+      # Yields that config object to any given block
+      # Returns the resulting config object
+      def config
+        @config ||= Config.new
+        yield(@config) if block_given?
+        @config
+      end
+
+      # Alias the config method to configure for a slightly clearer access syntax
+      alias_method :configure, :config
+    end
+
+    attr_accessor :container_path, :local_path, :package_file
+
+    def initialize(container_path: nil, local_path: nil, package_file: nil)
+      @container_path = container_path || self.class.config.container_path
+      @local_path = local_path || self.class.config.local_path
+      @package_file = package_file || self.class.config.package_file
+    end
+
+    # The base npm command that is the starting point for all subsequent commands
+    def base_command
+      ['composer', '--working-dir', container_path]
+    end
+
+    # Build the command which can be use to perform a security audit report
+    def audit_command
+      audit = base_command
+      audit << 'audit'
+      audit << '--no-interaction'
+      audit << '--no-cache'
+      audit << '--format' << 'json'
+      audit.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      audit << '2>&1' << '||' << 'true'
+
+      # Run the command as part of a shell script
+      ['sh', '-c', audit.join(' ')]
+    end
+
+    # Build the command to fix any security vulnerabilities that were found
+    # def audit_fix_command
+    #  audit_fix = base_command
+    #  audit_fix << 'audit' << 'fix'
+    #  audit_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+    #  audit_fix
+    # end
+
+    # Build the php install command
+    def install_command
+      install = base_command
+      install << 'install'
+      install.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      install
+    end
+
+    # Build the php lint command
+    def lint_command
+      lint = base_command
+      lint << 'lint'
+      lint.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint
+    end
+
+    # Build the php lint fix command
+    def lint_fix_command
+      lint_fix = base_command
+      lint_fix << 'lint-fix'
+      lint_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint_fix
+    end
+
+    # Build the php test command
+    def test_command
+      test = []
+      test << './vendor/bin/phpunit'
+      test.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      test
+    end
+
+    # Build the php fast test command
+    def test_fast_command(processes = 4)
+      test = []
+      test << './vendor/bin/paratest'
+      test.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      test << "-p#{processes}" << '--runner=WrapperRunner'
+      test
+    end
+  end
+end

data/lib/firespring_dev_commands/rake.rb

@@ -0,0 +1,24 @@
+require 'colorize'
+require 'rake'
+
+# Base rake module
+module ::Rake
+  # Class override for the execute method
+  # This has been added to allow the user to configure whether they want to see a stacktrace
+  # when an error has been raised to the top level by rake
+  class Task
+    # Create an alias method called orig_execute which is a copy of the original execute method
+    alias_method :orig_execute, :execute
+
+    # Create a new execute method which runs the original execute and catches any errors it raises
+    # Specify STACKTRACE=true or TRACE=true to print the full stack trace of the error
+    def execute(args = nil)
+      orig_execute(args)
+    rescue => e
+      # Exception notification stuff
+      puts "\n  #{e}\n".light_red
+      puts "\n#{e.backtrace.join("\n")}\n" if ENV['STACKTRACE'].to_s.strip == 'true' || ENV['TRACE'].to_s.strip == 'true'
+      exit 1
+    end
+  end
+end

data/lib/firespring_dev_commands/ruby/audit.rb

@@ -0,0 +1,30 @@
+require 'json'
+
+module Dev
+  class Ruby
+    # Class which contains commands and customizations for security audit reports
+    class Audit
+      attr_accessor :data
+
+      def initialize(data)
+        @data = JSON.parse(Dev::Common.new.strip_non_json(data))
+      end
+
+      # Convert the php audit data to the standardized audit report object
+      def to_report
+        Dev::Audit::Report.new(
+          data['results'].map do |it|
+            Dev::Audit::Report::Item.new(
+              id: it['advisory']['id'],
+              name: it['gem']['name'],
+              severity: it['advisory']['criticality'] || Dev::Audit::Report::Level::UNKNOWN,
+              title: it['advisory']['title'],
+              url: it['advisory']['url'],
+              version: it['gem']['version']
+            )
+          end
+        )
+      end
+    end
+  end
+end

data/lib/firespring_dev_commands/ruby.rb

@@ -0,0 +1,113 @@
+module Dev
+  # Class containing methods related to ruby application
+  class Ruby
+    # The default path of the application inside the container
+    DEFAULT_PATH = '/usr/src/app'.freeze
+
+    # The default name of the ruby package file
+    DEFAULT_PACKAGE_FILE = 'Gemfile'.freeze
+
+    # Config object for setting top level git config options
+    Config = Struct.new(:container_path, :local_path, :package_file, :min_version, :max_version) do
+      def initialize
+        self.container_path = DEFAULT_PATH
+        self.local_path = DEV_COMMANDS_ROOT_DIR
+        self.package_file = DEFAULT_PACKAGE_FILE
+        self.min_version = nil
+        self.max_version = nil
+      end
+    end
+
+    class << self
+      # Instantiates a new top level config object if one hasn't already been created
+      # Yields that config object to any given block
+      # Returns the resulting config object
+      def config
+        @config ||= Config.new
+        yield(@config) if block_given?
+        @config
+      end
+
+      # Alias the config method to configure for a slightly clearer access syntax
+      alias_method :configure, :config
+
+      # Returns the version of the ruby executable running on the system
+      def version
+        @version ||= RUBY_VERSION
+      end
+    end
+
+    attr_accessor :container_path, :local_path, :package_file
+
+    def initialize(container_path: nil, local_path: nil, package_file: nil)
+      @container_path = container_path || self.class.config.container_path
+      @local_path = local_path || self.class.config.local_path
+      @package_file = package_file || self.class.config.package_file
+      check_version
+    end
+
+    # Checks the min and max version against the current ruby version if they have been configured
+    def check_version
+      min_version = self.class.config.min_version
+      raise "requires ruby version >= #{min_version} (found #{self.class.version})" if min_version && !Dev::Common.new.version_greater_than(min_version, self.class.version)
+
+      max_version = self.class.config.max_version
+      raise "requires ruby version < #{max_version} (found #{self.class.version})" if max_version && Dev::Common.new.version_greater_than(max_version, self.class.version)
+    end
+
+    # The base npm command that is the starting point for all subsequent commands
+    def base_command
+      ['bundle']
+    end
+
+    # Build the command which can be use to perform a security audit report
+    def audit_command
+      audit = base_command
+      audit << 'audit' << 'check'
+      audit << '--format' << 'json'
+      audit.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      audit << '2>&1' << '||' << 'true'
+
+      # Run the command as part of a shell script
+      ['sh', '-c', audit.join(' ')]
+    end
+
+    # Build the command to fix any security vulnerabilities that were found
+    # def audit_fix_command
+    #  audit_fix = base_command
+    #  audit_fix << 'audit' << 'fix'
+    #  audit_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+    #  audit_fix
+    # end
+
+    # Build the bundle install command
+    def install_command
+      install = base_command
+      install << 'install'
+      install.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      install
+    end
+
+    # Build the bundle lint command
+    def lint_command
+      lint = ['rubocop']
+      lint.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint
+    end
+
+    # Build the bundle lint fix command
+    def lint_fix_command
+      lint_fix = ['rubocop']
+      lint_fix << '-A'
+      lint_fix.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      lint_fix
+    end
+
+    # Build the bundle test command
+    def test_command
+      test = ['rspec']
+      test.concat(Dev::Common.new.tokenize(ENV['OPTS'].to_s))
+      test
+    end
+  end
+end

data/lib/firespring_dev_commands/second.rb

@@ -0,0 +1,22 @@
+module Dev
+  # Class containing constants defining the number of seconds in other frames of time
+  class Second
+    # Number of seconds in a minute
+    PER_MINUTE = 60
+
+    # Number of seconds in an hour
+    PER_HOUR = PER_MINUTE * 60
+
+    # Number of seconds in a day
+    PER_DAY = PER_HOUR * 24
+
+    # Number of seconds in a week
+    PER_WEEK = PER_DAY * 7
+
+    # Number of seconds in a month
+    PER_MONTH = PER_DAY * 30
+
+    # Number of seconds in a year
+    PER_YEAR = PER_DAY * 365
+  end
+end

data/lib/firespring_dev_commands/tar/pax_header.rb

@@ -0,0 +1,49 @@
+module Dev
+  class Tar
+    # Contains different available pax headers
+    # From https://golang.org/src/archive/tar/common.go?s=5701:5766
+    module PaxHeader
+      # pax atime
+      PAX_ATIME = 'atime'.freeze
+
+      # pax charset
+      PAX_CHARSET = 'charset'.freeze
+
+      # pax comment
+      PAX_COMMENT = 'comment'.freeze
+
+      # pax ctime
+      PAX_CTIME = 'ctime'.freeze # please note that ctime is not a valid pax header.
+
+      # pax gid
+      PAX_GID = 'gid'.freeze
+
+      # pax gname
+      PAX_GNAME = 'gname'.freeze
+
+      # pax linkpath
+      PAX_LINKPATH = 'linkpath'.freeze
+
+      # pax mtime
+      PAX_MTIME = 'mtime'.freeze
+
+      # pax path
+      PAX_PATH = 'path'.freeze
+
+      # pax size
+      PAX_SIZE = 'size'.freeze
+
+      # pax uid
+      PAX_UID = 'uid'.freeze
+
+      # pax uname
+      PAX_UNAME = 'uname'.freeze
+
+      # pax xattr
+      PAX_XATTR = 'SCHILY.xattr.'.freeze
+
+      # pax none
+      PAX_NONE = ''.freeze
+    end
+  end
+end

data/lib/firespring_dev_commands/tar/type_flag.rb

@@ -0,0 +1,49 @@
+module Dev
+  class Tar
+    # Contains different available file types
+    # From https://golang.org/src/archive/tar/common.go?s=5701:5766
+    module TypeFlag
+      # regular file
+      TYPE_REG = '0'.freeze
+
+      # regular file
+      TYPE_REG_A = '\x00'.freeze
+
+      # hard link
+      TYPE_LINK = '1'.freeze
+
+      # symbolic link
+      TYPE_SYMLINK = '2'.freeze
+
+      # character device node
+      TYPE_CHAR = '3'.freeze
+
+      # block device node
+      TYPE_BLOCK = '4'.freeze
+
+      # directory
+      TYPE_DIR = '5'.freeze
+
+      # fifo node
+      TYPE_FIFO = '6'.freeze
+
+      # reserved
+      TYPE_CONT = '7'.freeze
+
+      # extended header
+      TYPE_X_HEADER = 'x'.freeze
+
+      # global extended header
+      TYPE_X_GLOBAL_HEADER = 'g'.freeze
+
+      # Next file has a long name
+      TYPE_GNU_LONG_NAME = 'L'.freeze
+
+      # Next file symlinks to a file w/ a long name
+      TYPE_GNU_LONG_LINK = 'K'.freeze
+
+      # sparse file
+      TYPE_GNU_SPARSE = 'S'.freeze
+    end
+  end
+end