gemsurance_slack 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +15 -0
- data/CHANGELOG.md +9 -0
- data/Gemfile +5 -0
- data/LICENSE.txt +22 -0
- data/README.md +77 -0
- data/Rakefile +2 -0
- data/gemsurance_slack.gemspec +26 -0
- data/images/notifications.png +0 -0
- data/lib/gemsurance_slack.rb +68 -0
- data/lib/gemsurance_slack/version.rb +3 -0
- data/lib/tasks/gemsurance_slack.rake +8 -0
- metadata +111 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: da24429d52890c1dee0761ec2926b495dabdd972
|
4
|
+
data.tar.gz: dcdfb0025ef4c0e7b4cd9f88be777eb561b98b87
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 17ac1326a15ba8a6f2ac3e55207b417a58ed233b5babfb4189d3579d9ae6d7a00a537805d9363f9b06e82b918889643b90f08d28ea2b2f62723cc4fa6d7d5a8e
|
7
|
+
data.tar.gz: 7d0a3058024a76569bb7e168e39dcfc0163bc8d45eca55cb68cf674a7fcd59466daf8a24585ae70a6105d4a37e384fa59359aefc14f40de49d8735b1e3f61e5d
|
data/.gitignore
ADDED
data/CHANGELOG.md
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
# Change Log
|
2
|
+
|
3
|
+
All notable changes to this project will be documented in this file.
|
4
|
+
|
5
|
+
This project adheres to [Keep a Changelog](http://keepachangelog.com/) and [Semantic Versioning](http://semver.org/).
|
6
|
+
|
7
|
+
## [1.0.0] - 2015-03-20
|
8
|
+
# Added
|
9
|
+
- Initial version
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2015 Ben Colon
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,77 @@
|
|
1
|
+
# GemsuranceSlack
|
2
|
+
|
3
|
+
Rake task to run [Gemsurance](https://github.com/appfolio/gemsurance) and send gems alerts/warnings to [Slack](https://slack.com/)
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add this line to your application's Gemfile:
|
8
|
+
|
9
|
+
```ruby
|
10
|
+
gem 'gemsurance_slack'
|
11
|
+
```
|
12
|
+
|
13
|
+
And then execute:
|
14
|
+
|
15
|
+
$ bundle
|
16
|
+
|
17
|
+
Or install it yourself as:
|
18
|
+
|
19
|
+
$ gem install gemsurance_slack
|
20
|
+
|
21
|
+
Don't forget to set Slack settings environment variables into your project
|
22
|
+
|
23
|
+
```bash
|
24
|
+
SLACK_WEBHOOK_URL="https://hooks.slack.com/services/..."
|
25
|
+
SLACK_CHANNEL="#mychannel"
|
26
|
+
SLACK_APP_NAME="My application name"
|
27
|
+
```
|
28
|
+
|
29
|
+
## Usage
|
30
|
+
|
31
|
+
You can manually run `rake gemsurance_slack:check` in your project.
|
32
|
+
|
33
|
+
If everything is well setup, you should receive Gemsurance warnings/alerts in your Slack channel.
|
34
|
+
|
35
|
+
## Slack notifications example
|
36
|
+
|
37
|
+
![Slack notifications example](https://raw.github.com/gatemedia/gemsurance_slack/master/images/notifications.png)
|
38
|
+
|
39
|
+
## Heroku scheduler setup
|
40
|
+
|
41
|
+
To be daily inform about your project gems status running on Heroku,
|
42
|
+
|
43
|
+
1. set Slack config variables
|
44
|
+
|
45
|
+
```bash
|
46
|
+
heroku config:set SLACK_WEBHOOK_URL="https://hooks.slack.com/services/..."
|
47
|
+
heroku config:set SLACK_CHANNEL="#mychannel"
|
48
|
+
heroku config:set SLACK_APP_NAME="My application name"
|
49
|
+
```
|
50
|
+
|
51
|
+
2. add the Heroku scheduler addon and open it
|
52
|
+
|
53
|
+
```bash
|
54
|
+
heroku addons:add scheduler:standard
|
55
|
+
heroku addons:open scheduler
|
56
|
+
```
|
57
|
+
|
58
|
+
3. add a job, set the task with `rake gemsurance_slack:check`, select the frequency and save.
|
59
|
+
|
60
|
+
Now you'll be periodically inform in your Slack channel about your project gems status.
|
61
|
+
|
62
|
+
## Clockwork setup
|
63
|
+
|
64
|
+
If you're using the scheduling gem [Clockwork](https://github.com/tomykaira/clockwork), you just have to add this line in your clockwork config file.
|
65
|
+
|
66
|
+
```ruby
|
67
|
+
every(1.day, 'Check gems status', :at => '00:30') { GemsuranceSlack.check_and_notify }
|
68
|
+
```
|
69
|
+
|
70
|
+
## Contributing
|
71
|
+
|
72
|
+
1. Fork it ( https://github.com/gatemedia/gemsurance_slack/fork )
|
73
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
74
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
75
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
76
|
+
5. Create a new Pull Request
|
77
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'gemsurance_slack/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "gemsurance_slack"
|
8
|
+
spec.version = GemsuranceSlack::VERSION
|
9
|
+
spec.authors = ["Ben Colon"]
|
10
|
+
spec.email = ["ben@colon.com.fr"]
|
11
|
+
spec.summary = %q{Rake task to run Gemsurance and send gems alerts/warnings to Slack}
|
12
|
+
spec.description = %q{Rake task to run Gemsurance and send gems alerts/warnings to Slack}
|
13
|
+
spec.homepage = "https://github.com/gatemedia/gemsurance_slack"
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_dependency("gemsurance", "0.4.0")
|
22
|
+
spec.add_dependency("slack-notifier", "1.1.0")
|
23
|
+
|
24
|
+
spec.add_development_dependency "bundler", "~> 1.7"
|
25
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
26
|
+
end
|
Binary file
|
@@ -0,0 +1,68 @@
|
|
1
|
+
require "slack-notifier"
|
2
|
+
require "gemsurance"
|
3
|
+
|
4
|
+
require "gemsurance_slack/version"
|
5
|
+
|
6
|
+
module GemsuranceSlack
|
7
|
+
class Engine < ::Rails::Engine
|
8
|
+
end
|
9
|
+
|
10
|
+
def self.check_and_notify
|
11
|
+
abort "Error: environment variables SLACK_WEBHOOK_URL or SLACK_CHANNEL empty." unless initialize_slack_notifier
|
12
|
+
|
13
|
+
@gems_infos = Gemsurance::Runner.new.build_gems_infos
|
14
|
+
|
15
|
+
vulnerables_notification
|
16
|
+
outdated_notification
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def self.initialize_slack_notifier
|
22
|
+
webhook_url = ENV["SLACK_WEBHOOK_URL"]
|
23
|
+
channel = ENV["SLACK_CHANNEL"]
|
24
|
+
return false unless webhook_url && channel
|
25
|
+
|
26
|
+
@notifier = Slack::Notifier.new webhook_url, :channel => channel
|
27
|
+
end
|
28
|
+
|
29
|
+
def self.vulnerables_notification
|
30
|
+
vulnerables = @gems_infos.select(&:vulnerable?)
|
31
|
+
return if vulnerables.empty?
|
32
|
+
|
33
|
+
@notifier.ping "", :icon_emoji => ":rotating_light:", :username => "Gemsurance Alert", :attachments => [{
|
34
|
+
:fallback => "#{project_name}, #{gems_count_string(vulnerables.count)} vulnerable.",
|
35
|
+
:pretext => "#{project_name}, #{gems_count_string(vulnerables.count)} vulnerable.",
|
36
|
+
:color => "danger",
|
37
|
+
:fields => vulnerables.map do |gm|
|
38
|
+
{
|
39
|
+
:title => gm.name,
|
40
|
+
:value => "Update v#{gm.current_version} to v#{gm.newest_version} (#{gm.vulnerabilities.map(&:title).join(", ")})",
|
41
|
+
:short => false
|
42
|
+
}
|
43
|
+
end
|
44
|
+
}]
|
45
|
+
end
|
46
|
+
|
47
|
+
def self.outdated_notification
|
48
|
+
outdated = @gems_infos.select(&:outdated?)
|
49
|
+
return if outdated.empty?
|
50
|
+
|
51
|
+
@notifier.ping "", :icon_emoji => ":warning:", :username => "Gemsurance Warning", :attachments => [{
|
52
|
+
:fallback => "#{project_name}, #{gems_count_string(outdated.count)} out of date.",
|
53
|
+
:pretext => "#{project_name}, #{gems_count_string(outdated.count)} out of date.",
|
54
|
+
:color => "warning",
|
55
|
+
:fields => [{
|
56
|
+
:title => outdated.map(&:name).join(", ")
|
57
|
+
}]
|
58
|
+
}]
|
59
|
+
end
|
60
|
+
|
61
|
+
def self.project_name
|
62
|
+
ENV["SLACK_APP_NAME"] || ""
|
63
|
+
end
|
64
|
+
|
65
|
+
def self.gems_count_string(count)
|
66
|
+
count == 1 ? "1 gem is" : "#{count} gems are"
|
67
|
+
end
|
68
|
+
end
|
metadata
ADDED
@@ -0,0 +1,111 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: gemsurance_slack
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Ben Colon
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2015-03-20 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: gemsurance
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - '='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.4.0
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - '='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 0.4.0
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: slack-notifier
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - '='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: 1.1.0
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: 1.1.0
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.7'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.7'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '10.0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '10.0'
|
69
|
+
description: Rake task to run Gemsurance and send gems alerts/warnings to Slack
|
70
|
+
email:
|
71
|
+
- ben@colon.com.fr
|
72
|
+
executables: []
|
73
|
+
extensions: []
|
74
|
+
extra_rdoc_files: []
|
75
|
+
files:
|
76
|
+
- ".gitignore"
|
77
|
+
- CHANGELOG.md
|
78
|
+
- Gemfile
|
79
|
+
- LICENSE.txt
|
80
|
+
- README.md
|
81
|
+
- Rakefile
|
82
|
+
- gemsurance_slack.gemspec
|
83
|
+
- images/notifications.png
|
84
|
+
- lib/gemsurance_slack.rb
|
85
|
+
- lib/gemsurance_slack/version.rb
|
86
|
+
- lib/tasks/gemsurance_slack.rake
|
87
|
+
homepage: https://github.com/gatemedia/gemsurance_slack
|
88
|
+
licenses:
|
89
|
+
- MIT
|
90
|
+
metadata: {}
|
91
|
+
post_install_message:
|
92
|
+
rdoc_options: []
|
93
|
+
require_paths:
|
94
|
+
- lib
|
95
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
96
|
+
requirements:
|
97
|
+
- - ">="
|
98
|
+
- !ruby/object:Gem::Version
|
99
|
+
version: '0'
|
100
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - ">="
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
requirements: []
|
106
|
+
rubyforge_project:
|
107
|
+
rubygems_version: 2.4.5
|
108
|
+
signing_key:
|
109
|
+
specification_version: 4
|
110
|
+
summary: Rake task to run Gemsurance and send gems alerts/warnings to Slack
|
111
|
+
test_files: []
|