hakiri 0.1.0 → 0.2.0
- data/Gemfile +1 -4
- data/Gemfile.lock +14 -4
- data/README.md +31 -0
- data/bin/hakiri +25 -59
- data/hakiri.gemspec +2 -2
- data/lib/hakiri.rb +12 -1
- data/lib/hakiri/cli/cli.rb +11 -0
- data/lib/hakiri/cli/system_scan.rb +60 -0
- data/lib/hakiri/cli/system_steps.rb +90 -0
- data/lib/hakiri/cli/system_sync.rb +86 -0
- data/lib/hakiri/http_client.rb +76 -0
- data/lib/hakiri/stack.rb +34 -29
- data/lib/hakiri/technologies/apache.rb +6 -0
- data/lib/hakiri/technologies/apache_tomcat.rb +6 -0
- data/lib/hakiri/technologies/java.rb +6 -0
- data/lib/hakiri/technologies/jruby.rb +6 -0
- data/lib/hakiri/technologies/linux_kernel.rb +6 -0
- data/lib/hakiri/technologies/memcached.rb +6 -0
- data/lib/hakiri/technologies/mongodb.rb +6 -0
- data/lib/hakiri/technologies/mysql.rb +6 -0
- data/lib/hakiri/technologies/nginx.rb +6 -0
- data/lib/hakiri/technologies/phusion_passenger.rb +6 -0
- data/lib/hakiri/technologies/postgres.rb +6 -0
- data/lib/hakiri/technologies/redis.rb +6 -0
- data/lib/hakiri/technologies/ruby.rb +6 -0
- data/lib/hakiri/technologies/ruby_on_rails.rb +6 -0
- data/lib/hakiri/technologies/technology.rb +12 -7
- data/lib/hakiri/technologies/thin.rb +6 -0
- data/lib/hakiri/technologies/trinidad.rb +6 -0
- data/lib/hakiri/technologies/unicorn.rb +6 -0
- data/lib/hakiri/version.rb +1 -1
- metadata +26 -4
- data/lib/hakiri/cli_output.rb +0 -11
data/Gemfile
CHANGED
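--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,3 +1,13 @@
+PATH
+remote: .
+specs:
+hakiri (0.1.0)
+active_support
+commander
+i18n
+rest-client
+terminal-table
+
 GEM
 remote: https://rubygems.org/
 specs:
@@ -8,6 +18,9 @@ GEM
 highline (~> 1.6.11)
 highline (1.6.19)
 i18n (0.6.4)
+mime-types (1.23)
+rest-client (1.6.7)
+mime-types (>= 1.16)
 terminal-table (1.4.5)
 
 PLATFORMS
@@ -15,7 +28,4 @@ PLATFORMS
 ruby
 
 DEPENDENCIES
-
-commander
-i18n
-terminal-table
+hakiri!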
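--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,31 @@
+# Hakiri
+Hakiri is a command line interface for the Hakiri platform. It allows Ruby on Rails developers to collect versions of servers, databases and other technologies that they use in their stacks. It also shows CVE vulnerabilities found in their system software versions.
+
+## Installation
+```
+gem install hakiri
+```
+
+## Authentication Token
+For some extra functionality, you'll have to get an authentication token from Hakiri.
+
+TBD
+
+## Getting Started
+### System Scan
+You can scan your system for vulnerabilities. Supply a JSON file with technologies that you are interested in and run this command.
+```
+$ hakiri system:scan -s my_stack.json
+```
+
+### Step by Step
+TBD
+
+### Sync Stack
+TBD
+
+## Contribute
+- Fork the project.
+- Write code for a feature or bug fix.
+- Commit, do not make changes to version.
+- Submit a pull request.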
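--- a/data/bin/hakiri
+++ b/data/bin/hakiri
@@ -5,81 +5,47 @@ require 'commander/import'
 require 'hakiri'
 require 'terminal-table'
 
-separator = "+#{ '-' * 78 }+"
-
 program :name, 'hakiri'
 program :version, Hakiri::VERSION
 program :description, 'Hakiri CLI'
 
-command :
-c.syntax = 'hakiri
+command 'system:scan' do |c|
+c.syntax = 'hakiri system:scan [options]'
 c.summary = 'Configure your stack with a JSON file.'
-c.description = 'This command
-c.option '--
+c.description = 'This command grabs your custom stack JSON file and shows vulnerabilities in your project.'
+c.option '--stack STRING', String, 'Path to your JSON file'
 
 c.action do |args, options|
-options.default
+options.default stack: './technologies.json'
+
+cli = Hakiri::SystemScan.new(args, options)
+cli.command
+end
+end
 
-
-
+command 'system:sync' do |c|
+c.syntax = 'hakiri system:sync [options]'
+c.summary = 'Sync your system\'s software versions with the server.'
+c.description = 'This command grabs your custom stack JSON file, and syncs it with your project on www.hakiriup.com.'
+c.option '--stack STRING', String, 'Path to your JSON file stack'
+c.option '--project INTEGER', Integer, 'Your project ID.'
 
-
-stack.
-
+c.action do |args, options|
+options.default stack: './technologies.json'
+options.default project: nil
 
-
-
-puts cli_output.fancy_technologies_table(stack.technologies)
+cli = Hakiri::SystemSync.new(args, options)
+cli.command
 end
 end
 
-command :steps do |c|
-c.syntax = 'hakiri steps [options]'
+command 'system:steps' do |c|
+c.syntax = 'hakiri system:steps [options]'
 c.summary = 'Configure your stack in the simple walkthrough.'
 c.description = 'This command launches a step by step walkthrough that will help you customize your stack.'
 
 c.action do |args, options|
-
-
-
-say 'Hakiri Walkthrough will help you configure your stack step by step and show you '
-say 'vulnerabilities at the end.'
-say separator
-say 'Step 1 of 5: Rails Server'
-say '1. Unicorn'
-say '2. Phusion Passenger'
-say '3. Thin'
-say '4. Trinidad'
-say '5. None of the above'
-server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
-say separator
-say 'Step 2 of 5: Secondary Server'
-say '1. Apache'
-say '2. nginx'
-say '3. Both'
-say '4. Neither'
-extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-say separator
-say 'Step 3 of 5: Database'
-say '1. MySQL'
-say '2. Postgres'
-say '3. MongoDB'
-say '4. None of the above'
-db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
-say separator
-redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
-say separator
-memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
-say separator
-say 'Fetching versions on your system...'
-say separator
-
-stack = Hakiri::Stack.new()
-stack.build_from_input(server, extra_server, db, redis, memcached)
-stack.fetch_versions
-
-cli_output = Hakiri::CliOutput.new
-say 'Here are versions that Hakiri found:'
-puts cli_output.fancy_technologies_table(stack.technologies)
+cli = Hakiri::SystemSteps.new(args, options)
+cli.command
 end
 end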
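Review bot: The `system:sync` action never checks that `--project` was supplied: `options.default project: nil` has no effect, and the nil value is handed to `Hakiri::SystemSync`, which (in its section on this page) places `@options.project` straight into the request parameters. Failing early in the action keeps a malformed request from leaving the machine, for example `abort '! Missing --project ID.' if options.project.nil?` in place of the default line. The unchanged `c.summary` for `system:scan` still reads 'Configure your stack with a JSON file.', which describes the old command rather than a vulnerability scan.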
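--- a/data/hakiri.gemspec
+++ b/data/hakiri.gemspec
@@ -4,9 +4,8 @@ require 'hakiri/version'
 Gem::Specification.new do |s|
 s.name = 'hakiri'
 s.version = Hakiri::VERSION
-s.date = '2013-06-04'
 s.summary = 'CLI for Hakiri'
-s.description = '
+s.description = 'Hakiri is a CLI for www.hakiriup.com—a cloud security platform for Ruby on rails apps.'
 s.authors = ['Vasily Vasinov']
 s.email = 'vasinov@me.com'
 s.files = `git ls-files`.split("\n")
@@ -19,4 +18,5 @@ Gem::Specification.new do |s|
 s.add_dependency 'terminal-table'
 s.add_dependency 'active_support'
 s.add_dependency 'i18n'
+s.add_dependency 'rest-client'
 end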
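Review bot: `s.add_dependency 'rest-client'` is added with no version constraint, so an install can resolve any release of the HTTP library that now carries the user's auth token; the Gemfile.lock on this page resolves 1.6.7. A pessimistic bound such as `s.add_dependency 'rest-client', '~> 1.6'` keeps consumers on the series that was actually exercised. The neighbouring `add_dependency` lines are unconstrained as well, and part of the `Gem::Specification.new` block lies between the two hunks and is not shown.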
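--- a/data/lib/hakiri.rb
+++ b/data/lib/hakiri.rb
@@ -1,9 +1,20 @@
 module Hakiri
 
 end
+
+require 'terminal-table'
+require 'http'
+require 'open-uri'
+
+require 'hakiri/cli/cli'
+require 'hakiri/cli/system_sync'
+require 'hakiri/cli/system_scan'
+require 'hakiri/cli/system_steps'
+
 require 'hakiri/stack'
 require 'hakiri/version'
-require 'hakiri/
+require 'hakiri/http_client'
+
 require 'hakiri/technologies/technology'
 require 'hakiri/technologies/apache'
 require 'hakiri/technologies/apache_tomcat'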
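Review bot: The added `require 'http'` and `require 'open-uri'` are not used by any code shown in this diff (the new client requires `rest_client`), and no `http` gem appears in the gemspec lines or the Gemfile.lock visible here, so the first require may raise `LoadError` at startup on a clean install. On Ruby versions of this era `open-uri` also extends `Kernel#open` to fetch URLs, which is extra surface a version scanner does not need. Unless something outside the diff depends on them, drop both lines.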
@@ -0,0 +1,60 @@
|
|
1
|
+
class Hakiri::SystemScan < Hakiri::Cli
|
2
|
+
#
|
3
|
+
# Walks the user through system scanning process.
|
4
|
+
#
|
5
|
+
def command
|
6
|
+
@stack.build_from_json_file(@options.stack)
|
7
|
+
@stack.fetch_versions
|
8
|
+
|
9
|
+
# GETTING VERSIONS
|
10
|
+
say '-----> Scanning system for software versions...'
|
11
|
+
|
12
|
+
if @stack.technologies.empty?
|
13
|
+
say '-----> No versions were found...'
|
14
|
+
else
|
15
|
+
@stack.technologies.each do |technology_slug, payload|
|
16
|
+
say "-----> Found #{payload[:name]} #{payload[:version]}"
|
17
|
+
end
|
18
|
+
|
19
|
+
# GETTING VULNERABILITIES
|
20
|
+
say '-----> Searching for vulnerabilities...'
|
21
|
+
params = ({ technologies: @stack.technologies }.to_param)
|
22
|
+
response = @http_client.get_issues(params)
|
23
|
+
|
24
|
+
if response[:errors]
|
25
|
+
response[:errors].each do |error|
|
26
|
+
say "! Server Error: #{error}"
|
27
|
+
end
|
28
|
+
else
|
29
|
+
authenticated = response[:meta][:authenticated]
|
30
|
+
|
31
|
+
if response[:technologies].empty?
|
32
|
+
say '-----> No vulnerabilities found. Keep it up!'
|
33
|
+
else
|
34
|
+
response[:technologies].each do |technology|
|
35
|
+
unless technology[:issues_count] == 0
|
36
|
+
say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:technology][:name]} #{technology[:version]}"
|
37
|
+
puts ' '
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
if authenticated
|
42
|
+
if agree 'Show all of them? (yes or no) '
|
43
|
+
puts ' '
|
44
|
+
response[:technologies].each do |technology|
|
45
|
+
technology[:issues].each do |issue|
|
46
|
+
say issue[:name]
|
47
|
+
say issue[:description]
|
48
|
+
puts ' '
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
else
|
53
|
+
say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
|
54
|
+
say '****** You will also receive notifications via email whenever new issues are found.'
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
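Review bot: Server-supplied strings are passed to `say` (`say issue[:name]`, `say issue[:description]`, `say "! Server Error: #{error}"`), and to my knowledge HighLine's `say`, which Commander exposes and which the lockfile resolves at 1.6.19, renders its argument as an ERB template, so response text is evaluated on the user's machine rather than printed verbatim. Print untrusted text with `puts issue[:name]` and `puts issue[:description]`, and keep `say` for the program's own literals. The same pattern appears in the SystemSteps and SystemSync sections that follow (`diff[:technology][:name]`, `update[:errors][:value][0]`) and in `Technology#puts_error`. Separately, `response[:meta][:authenticated]` raises `NoMethodError` when a 200 response carries no `:meta` key. `Hakiri::Cli`, which sets `@stack`, `@options` and `@http_client`, is not shown on this page.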
@@ -0,0 +1,90 @@
|
|
1
|
+
class Hakiri::SystemSteps < Hakiri::Cli
|
2
|
+
#
|
3
|
+
# Walks the user through manual technologies selection.
|
4
|
+
#
|
5
|
+
def command
|
6
|
+
say 'Hakiri Walkthrough will help you configure your @stack step by step and show '
|
7
|
+
say 'you vulnerabilities at the end.'
|
8
|
+
puts ' '
|
9
|
+
say 'Step 1 of 5: Rails Server'
|
10
|
+
say '1. Unicorn'
|
11
|
+
say '2. Phusion Passenger'
|
12
|
+
say '3. Thin'
|
13
|
+
say '4. Trinidad'
|
14
|
+
say '5. None of the above'
|
15
|
+
|
16
|
+
server = ask('What do you use as your Rails server? (1, 2, 3, 4 or 5) ', Integer) { |q| q.in = 1..5 }
|
17
|
+
puts ' '
|
18
|
+
say 'Step 2 of 5: Secondary Server'
|
19
|
+
say '1. Apache'
|
20
|
+
say '2. nginx'
|
21
|
+
say '3. Both'
|
22
|
+
say '4. Neither'
|
23
|
+
|
24
|
+
extra_server = ask('Do you use Apache or nginx? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
|
25
|
+
puts ' '
|
26
|
+
say 'Step 3 of 5: Database'
|
27
|
+
say '1. MySQL'
|
28
|
+
say '2. Postgres'
|
29
|
+
say '3. MongoDB'
|
30
|
+
say '4. None of the above'
|
31
|
+
|
32
|
+
db = ask('What database do you use? (1, 2, 3 or 4) ', Integer) { |q| q.in = 1..4 }
|
33
|
+
puts ' '
|
34
|
+
redis = agree 'Step 4 of 5: do you use Redis? (yes or no) '
|
35
|
+
puts ' '
|
36
|
+
memcached = agree 'Step 5 of 5: do you use Memcached? (yes or no) '
|
37
|
+
|
38
|
+
say '-----> Retrieving software versions versions on your system...'
|
39
|
+
|
40
|
+
@stack.build_from_input(server, extra_server, db, redis, memcached)
|
41
|
+
@stack.fetch_versions
|
42
|
+
|
43
|
+
if @stack.technologies.empty?
|
44
|
+
say '-----> No versions were found...'
|
45
|
+
else
|
46
|
+
@stack.technologies.each do |technology_slug, payload|
|
47
|
+
say "-----> Found #{payload[:name]} #{payload[:version]}"
|
48
|
+
end
|
49
|
+
|
50
|
+
say '-----> Searching for vulnerabilities...'
|
51
|
+
params = ({ technologies: @stack.technologies }.to_param)
|
52
|
+
response = @http_client.get_issues(params)
|
53
|
+
|
54
|
+
if response[:errors]
|
55
|
+
response[:errors].each do |error|
|
56
|
+
say "! Server Error: #{error}"
|
57
|
+
end
|
58
|
+
else
|
59
|
+
authenticated = response[:meta][:authenticated]
|
60
|
+
|
61
|
+
if response[:technologies].empty?
|
62
|
+
say '-----> No vulnerabilities found. Keep it up!'
|
63
|
+
else
|
64
|
+
response[:technologies].each do |technology|
|
65
|
+
unless technology[:issues_count] == 0
|
66
|
+
say "-----> Found #{technology[:issues_count].to_i} #{'vulnerability'.pluralize if technology[:issues_count].to_i != 1} in #{technology[:name]} #{technology[:version]}"
|
67
|
+
puts ' '
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
if authenticated
|
72
|
+
if agree 'Show all of them? (yes or no) '
|
73
|
+
puts ' '
|
74
|
+
response[:technologies].each do |technology|
|
75
|
+
technology[:issues].each do |issue|
|
76
|
+
say issue[:name]
|
77
|
+
say issue[:description]
|
78
|
+
puts ' '
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
else
|
83
|
+
say '****** Signup on www.hakiriup.com and make your command line requests with an auth_token, so you can see issues that your technologies have.'
|
84
|
+
say '****** You will also receive notifications via email whenever new issues are found.'
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
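Review bot: The summary line here reads `technology[:name]` while the otherwise identical line in SystemScan reads `technology[:technology][:name]`; both consume the same `get_issues` response, so one of the two is presumably wrong. In both files `'vulnerability'.pluralize if technology[:issues_count].to_i != 1` yields nothing when the count is exactly 1, printing "Found 1  in …"; `technology[:issues_count].to_i == 1 ? 'vulnerability' : 'vulnerabilities'` covers both cases. Everything from `if @stack.technologies.empty?` down is a copy of `SystemScan#command`, so a shared method on `Hakiri::Cli` would stop the two from drifting further. The status string 'Retrieving software versions versions on your system...' repeats a word.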
@@ -0,0 +1,86 @@
|
|
1
|
+
class Hakiri::SystemSync < Hakiri::Cli
|
2
|
+
#
|
3
|
+
# Walks the user through the version syncing process.
|
4
|
+
#
|
5
|
+
def command
|
6
|
+
@stack.build_from_json_file(@options.stack)
|
7
|
+
@stack.fetch_versions
|
8
|
+
|
9
|
+
if @http_client.auth_token
|
10
|
+
# GETTING VERSIONS
|
11
|
+
say '-----> Scanning system for software versions...'
|
12
|
+
|
13
|
+
if @stack.technologies.empty?
|
14
|
+
say '-----> No versions were found...'
|
15
|
+
else
|
16
|
+
@stack.technologies.each do |technology_name, payload|
|
17
|
+
say "-----> Found #{technology_name} #{payload[:version]}"
|
18
|
+
end
|
19
|
+
|
20
|
+
# CHECK VERSIONS ON THE SERVER
|
21
|
+
params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
|
22
|
+
say '-----> Checking software versions on www.hakiriup.com...'
|
23
|
+
response = @http_client.check_versions_diff(params)
|
24
|
+
|
25
|
+
if response[:errors]
|
26
|
+
response[:errors].each do |error|
|
27
|
+
say "! Server Error: #{error}"
|
28
|
+
end
|
29
|
+
else
|
30
|
+
if response[:diffs].any?
|
31
|
+
@stack.technologies = {}
|
32
|
+
response[:diffs].each do |diff|
|
33
|
+
if diff[:success]
|
34
|
+
if diff[:hakiri_version]
|
35
|
+
@stack.technologies[diff[:technology][:slug]] = { version: diff[:system_version] }
|
36
|
+
|
37
|
+
if diff[:system_version_newer]
|
38
|
+
say "-----> System version of #{diff[:technology][:name]} is newer (#{diff[:system_version]} > #{diff[:hakiri_version]})"
|
39
|
+
else
|
40
|
+
say "-----> System version of #{diff[:technology][:name]} is older (#{diff[:system_version]} < #{diff[:hakiri_version]})"
|
41
|
+
end
|
42
|
+
else
|
43
|
+
say "-----> New technology detected: #{diff[:technology][:name]} #{diff[:system_version]}"
|
44
|
+
end
|
45
|
+
else
|
46
|
+
say "! Error in #{diff[:technology][:name]}: #{diff[:errors][:value][0]}"
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
# UPDATE VERSIONS ON THE SERVER
|
51
|
+
if @stack.technologies.any?
|
52
|
+
update = agree "Do you want to update \"#{response[:project][:name]}\" with system versions? (yes or no) "
|
53
|
+
else
|
54
|
+
say '-----> Nothing to update.'
|
55
|
+
end
|
56
|
+
|
57
|
+
if update
|
58
|
+
params = ({ project_id: @options.project, technologies: @stack.technologies }.to_param)
|
59
|
+
response = @http_client.sync_project_versions(response[:project][:id], params)
|
60
|
+
|
61
|
+
if response[:errors]
|
62
|
+
response[:errors].each do |error|
|
63
|
+
say "! Server Error: #{error}"
|
64
|
+
end
|
65
|
+
else
|
66
|
+
if response[:updated].any?
|
67
|
+
response[:updated].each do |update|
|
68
|
+
if update[:success]
|
69
|
+
say "-----> #{update[:technology][:name]} was updated to #{update[:new_version]}"
|
70
|
+
else
|
71
|
+
say "! Error syncing #{update[:technology][:name]}: #{update[:errors][:value][0]}"
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
else
|
78
|
+
say '-----> No differences were found. Everything is up to date.'
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
else
|
83
|
+
say '! You have to setup HAKIRI_AUTH_TOKEN environmental variable with your Hakiri authentication token.'
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
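Review bot: A 200 response is trusted to have the full expected shape: `response[:diffs].any?`, `response[:project][:name]`, `diff[:errors][:value][0]` and `update[:errors][:value][0]` each raise `NoMethodError` when a key is missing, so an unexpected or tampered reply ends the run with a stack trace instead of a message. Check the shape once after each call and report a single error otherwise, for example `return say('! Unexpected response from server.') unless response[:diffs].is_a?(Array)`. The local `update` (the answer from `agree`) is also reused as the block parameter in `response[:updated].each do |update|`; a different name such as `|result|` avoids the shadowing.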
@@ -0,0 +1,76 @@
|
|
1
|
+
require 'rest_client'
|
2
|
+
|
3
|
+
class Hakiri::HttpClient
|
4
|
+
attr_accessor :auth_token, :api_url
|
5
|
+
|
6
|
+
#
|
7
|
+
# Initializes an http client.
|
8
|
+
#
|
9
|
+
def initialize
|
10
|
+
@auth_token = (ENV['HAKIRI_AUTH_TOKEN'] or nil)
|
11
|
+
@api_url = (ENV['HAKIRI_API_URL'] or 'http://www.hakiriup.com/api/v1')
|
12
|
+
end
|
13
|
+
|
14
|
+
#
|
15
|
+
# Gets vulnerabilities from the server based on the supplied versions.
|
16
|
+
#
|
17
|
+
# @param [String] params
|
18
|
+
# Hash of technologies with versions converted to a string.
|
19
|
+
#
|
20
|
+
# @return [Hash]
|
21
|
+
# Returns a hash of technologies with vulnerabilities.
|
22
|
+
#
|
23
|
+
def get_issues(params)
|
24
|
+
# { |response, request, result, &block|
|
25
|
+
# JSON.parse(.to_str, symbolize_names: true)
|
26
|
+
# "! Server Error: #{response.code}"
|
27
|
+
RestClient.get "#{@api_url}/issues.json?auth_token=#{@auth_token}&#{params}" do |response, request, result, &block|
|
28
|
+
case response.code
|
29
|
+
when 200
|
30
|
+
JSON.parse(response.to_str, symbolize_names: true)
|
31
|
+
else
|
32
|
+
{ errors: [response.code] }
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
#
|
38
|
+
# Checks system and server version differences.
|
39
|
+
#
|
40
|
+
# @param [String] params
|
41
|
+
# Hash of technologies with versions converted to a string.
|
42
|
+
#
|
43
|
+
# @return [Hash]
|
44
|
+
# Returns a hash of differences between technologies.
|
45
|
+
#
|
46
|
+
def check_versions_diff(params)
|
47
|
+
RestClient.get "#{@api_url}/versions/diffs.json?auth_token=#{@auth_token}&#{params}" do |response, request, result, &block|
|
48
|
+
case response.code
|
49
|
+
when 200
|
50
|
+
JSON.parse(response.to_str, symbolize_names: true)
|
51
|
+
else
|
52
|
+
{ errors: [response.code] }
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
#
|
58
|
+
# Checks system and server version differences.
|
59
|
+
#
|
60
|
+
# @param [String] params
|
61
|
+
# Hash of technologies with versions converted to a string.
|
62
|
+
#
|
63
|
+
# @return [Hash]
|
64
|
+
# Returns a hash of updated versions.
|
65
|
+
#
|
66
|
+
def sync_project_versions(project_id, params)
|
67
|
+
RestClient.put "#{@api_url}/projects/#{project_id}.json?auth_token=#{@auth_token}", params do |response, request, result, &block|
|
68
|
+
case response.code
|
69
|
+
when 200
|
70
|
+
JSON.parse(response.to_str, symbolize_names: true)
|
71
|
+
else
|
72
|
+
{ errors: [response.code] }
|
73
|
+
end
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
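Review bot: All three requests put the token in the query string (`?auth_token=#{@auth_token}`) and the default `@api_url` is `http://www.hakiriup.com/api/v1`, so the credential and the full software inventory travel unencrypted and end up in proxy and server access logs. Default to TLS with `@api_url = (ENV['HAKIRI_API_URL'] or 'https://www.hakiriup.com/api/v1')`, assuming the host serves HTTPS, and, if the API accepts it, send the token in a request header rather than in the URL. The token is also interpolated unescaped, and when the variable is unset `get_issues` still sends an empty `auth_token=`. The doc comment on `sync_project_versions` is a copy of the one on `check_versions_diff` and omits `project_id`; it should open with something like `# Pushes system versions to a project on the server.` and gain `# @param [Integer] project_id`.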
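--- a/data/lib/hakiri/stack.rb
+++ b/data/lib/hakiri/stack.rb
@@ -3,35 +3,47 @@ require 'active_support/all'
 class Hakiri::Stack
 attr_accessor :technologies, :default_path
 
-#
+#
+# Initializes a stack.
 #
 def initialize()
 @default_path = ''
 @technologies = {}
+@errors = []
 end
 
-# This method parses a supplied JSON file and sets stack technologies.
 #
-#
-#
+# Parses a supplied JSON file and sets stack technologies.
+#
+# @param [String] json_file
+# JSON file with technologies in the Hakiri format.
 #
 def build_from_json_file(json_file)
 @technologies = JSON.parse(IO.read(json_file))
 end
 
+#
 # This method analyzes user input from the Hakiri gem and sets up
 # default paths to retrieve versions.
 #
-#
-#
-#
-#
-#
-#
+# @param [String] server
+# Rails server selection.
+#
+# @param [String] extra_server
+# Apache, nginx, both or neither.
+#
+# @param [String] db
+# DB selection.
+#
+# @param [String] redis
+# Is Redis present?
+#
+# @param [String] memcached
+# Is Memcached present?
 #
 def build_from_input(server, extra_server, db, redis, memcached)
 @technologies['ruby'] = { path: @default_path }
-@technologies['
+@technologies['ruby-on-rails'] = { path: @default_path }
 
 case server
 when 1
@@ -77,30 +89,23 @@ class Hakiri::Stack
 @technologies['memcached'] = { path: @default_path } if memcached
 end
 
-#
+#
+# Attempts to get versions of technologies in the @technologies
 # instance variable. If a version is part of a technology hash then it doesn't
 # get overwritten by this method.
 #
 def fetch_versions
-@technologies.each do |
-
-if @technologies[technology_name]['version'] and @technologies[technology_name]['version'] != ''
-@technologies[technology_name][:version] = @technologies[technology_name]['version']
-else
-technology_class = Hakiri.const_get(technology_name.gsub('-', '_').camelcase)
-technology_object = technology_class.new(value[:path])
+@technologies.each do |technology_slug, value|
+@technologies[technology_slug].symbolize_keys!
 
-
-
-else
-@technologies.delete(technology_name)
-end
-end
+technology_class = Hakiri.const_get(technology_slug.gsub('-', '_').camelcase)
+technology_object = technology_class.new(value[:path])
 
-
-
-
-
+if technology_object.version
+@technologies[technology_slug][:version] = technology_object.version unless @technologies[technology_slug][:version] and @technologies[technology_slug][:version] != ''
+@technologies[technology_slug][:name] = technology_object.name
+else
+@technologies.delete(technology_slug)
 end
 end
 end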
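Review bot: In `fetch_versions` the class is resolved with `Hakiri.const_get(technology_slug.gsub('-', '_').camelcase)`, where the slug is a key taken from the user's JSON file; an unknown slug raises an uncaught `NameError`, and because `const_get` on a module also searches `Object`, a slug can resolve to a top-level class outside `Hakiri` that is then instantiated with `value[:path]`. Restrict the lookup with `Hakiri.const_get(name, false)`, accept only the known technology classes, and skip the entry with a message otherwise. The rewritten loop also deletes a technology whenever `technology_object.version` is nil, even when the JSON supplied a `version`, which contradicts the comment above the method; test `@technologies[technology_slug][:version]` before probing the system. `build_from_input` continues outside the first hunk.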
@@ -1,19 +1,24 @@
|
|
1
1
|
class Hakiri::Technology
|
2
|
-
|
3
|
-
#
|
2
|
+
attr_accessor :name
|
3
|
+
#
|
4
|
+
# Initializes a technology.
|
4
5
|
#
|
5
6
|
def initialize(path = '')
|
6
7
|
@default_regexp = /\d+(\.\d+)(\.\d+)/
|
7
8
|
@path = path
|
9
|
+
@name = 'Technology'
|
8
10
|
end
|
9
11
|
|
10
|
-
# This method outputs a default error in the command line.
|
11
12
|
#
|
12
|
-
#
|
13
|
-
#
|
14
|
-
#
|
13
|
+
# Prints an error if can't find version
|
14
|
+
#
|
15
|
+
# @param [Exception] e
|
16
|
+
# Exception returned by Ruby.
|
17
|
+
#
|
18
|
+
# @param [String] output
|
19
|
+
# System output from attempted version query.
|
15
20
|
#
|
16
21
|
def puts_error(e, output)
|
17
|
-
|
22
|
+
say "! Can't find #{self.class.name.demodulize}: #{output.lines.first}"
|
18
23
|
end
|
19
24
|
end
|
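Review bot: `puts_error` accepts the exception `e` but never uses it, and `output.lines.first` is nil when the command produced no output (and raises if `output` itself is nil), so the message can end in a bare colon with the real cause lost. Something like `puts "! Can't find #{self.class.name.demodulize}: #{output.to_s.lines.first || e.message}"` keeps a reason in every case; `puts` is used there because command output should be printed verbatim rather than run through `say`'s template rendering. The new `@name = 'Technology'` default is what `Stack#fetch_versions` copies into each entry, so the comment on `initialize` could state that subclasses are expected to override it.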
data/lib/hakiri/version.rb
CHANGED
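--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hakiri
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.2.0
 prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-06-
+date: 2013-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: commander
@@ -75,7 +75,24 @@ dependencies:
 - - ! '>='
 - !ruby/object:Gem::Version
 version: '0'
-
+- !ruby/object:Gem::Dependency
+name: rest-client
+requirement: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ! '>='
+- !ruby/object:Gem::Version
+version: '0'
+description: Hakiri is a CLI for www.hakiriup.com—a cloud security platform for Ruby
+on rails apps.
 email: vasinov@me.com
 executables:
 - hakiri
@@ -85,10 +102,15 @@ files:
 - .gitignore
 - Gemfile
 - Gemfile.lock
+- README.md
 - bin/hakiri
 - hakiri.gemspec
 - lib/hakiri.rb
-- lib/hakiri/
+- lib/hakiri/cli/cli.rb
+- lib/hakiri/cli/system_scan.rb
+- lib/hakiri/cli/system_steps.rb
+- lib/hakiri/cli/system_sync.rb
+- lib/hakiri/http_client.rb
 - lib/hakiri/stack.rb
 - lib/hakiri/technologies/apache.rb
 - lib/hakiri/technologies/apache_tomcat.rb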
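--- a/data/lib/hakiri/cli_output.rb
+++ b/data/lib/hakiri/cli_output.rb
@@ -1,11 +0,0 @@
-class Hakiri::CliOutput
-def initialize
-@technologies_table = []
-end
-
-def fancy_technologies_table(technologies)
-technologies.each { |key, value| @technologies_table << [key, value[:version]] }
-
-Terminal::Table.new rows: @technologies_table
-end
-end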