neetob 0.5.29 → 0.5.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/neetob/cli/code/audit.rb +3 -1
- data/lib/neetob/cli/heroku/autoscaling_config.rb +10 -35
- data/lib/neetob/cli/heroku/certs.rb +39 -0
- data/lib/neetob/cli/heroku/commands.rb +7 -0
- data/lib/neetob/cli/heroku/config_vars/list.rb +13 -4
- data/lib/neetob/cli/monthly_audit/instances_and_addons/main.rb +3 -3
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/auto_scaling_enabled.rb +12 -1
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/cloudfront_cdn_enabled.rb +18 -1
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/essential_environment_variables_set.rb +11 -1
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/main.rb +1 -1
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/scheduled_exports_enabled.rb +1 -1
- data/lib/neetob/cli/monthly_audit/instances_and_addons/{neeto_deploy → neeto_deploy_or_heroku}/ssl_certificates_over_thirty_days_from_expiry.rb +16 -1
- data/lib/neetob/version.rb +1 -1
- metadata +9 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f8882c4e2293a3dc0c4eb58244d1ec1ad3361e402e892c2b171b0f351fa7e6bf
|
|
4
|
+
data.tar.gz: 60214f801b4a0c0d5b1f44b87a2b9fa6de2dbe0ba395539494d2b75611332a0d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e6230b2c8aac65c478dfa6795c06fd85ddc7f18d4b4f3134b8fe1f2f43bce5f5e3aa8fc4bc9beb4c5ea169fbcb8553f2f4aa809c2081eafbcae7e42df963269d
|
|
7
|
+
data.tar.gz: 890f6afa8d41ceb454cf3e947a6e794df153f29eda9abbbfb206fd11d002ca332e1f07156812872564f0d8d1d355ecadbadbe7b2f7c44d7e032fef42c297cc92
|
data/Gemfile.lock
CHANGED
|
@@ -51,7 +51,9 @@ module Neetob
|
|
|
51
51
|
def find_tables_without_uuid_as_primary_key(db_schema)
|
|
52
52
|
create_table_regex = /create_table.*?,\s*force:\s*:cascade\s*do\s*\|t\|/
|
|
53
53
|
db_schema.scan(create_table_regex).map do |create_table_line|
|
|
54
|
-
!create_table_line.include?("id: :uuid")
|
|
54
|
+
!(create_table_line.include?("id: :uuid") || create_table_line.include?("id: false")) ?
|
|
55
|
+
create_table_line.scan(/"([^"]+)"/).flatten.first :
|
|
56
|
+
nil
|
|
55
57
|
end
|
|
56
58
|
end
|
|
57
59
|
|
|
@@ -17,47 +17,22 @@ module Neetob
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def run
|
|
20
|
-
|
|
20
|
+
addons_list_heroku_output = `heroku addons -a #{app}`
|
|
21
21
|
|
|
22
|
-
|
|
23
|
-
response = get(url)
|
|
24
|
-
if response.any? { |addon| addon[:addon_service][:name] == "judoscale" }
|
|
25
|
-
ui.success("Judoscale addon is #{print_success('enabled')} for #{app}")
|
|
26
|
-
else
|
|
27
|
-
ui.error("Judoscale #{print_failure('not present')} for #{app}")
|
|
28
|
-
end
|
|
29
|
-
end
|
|
22
|
+
judoscale_addon = addons_list_heroku_output.lines.select { |line| line.include?("judoscale") }.first
|
|
30
23
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
def create_url(app)
|
|
34
|
-
"https://api.heroku.com/apps/#{app}/addons"
|
|
35
|
-
end
|
|
24
|
+
judoscale_addon_enabled = judoscale_addon && judoscale_addon.include?("created")
|
|
36
25
|
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
response = Zlib::GzipReader.new(compressed_string).read
|
|
42
|
-
JSON.parse(response, symbolize_names: true)
|
|
43
|
-
else
|
|
44
|
-
error_message = JSON.parse(http_result.body)["message"]
|
|
45
|
-
raise(StandardError, "Request failed with status code #{http_result.code}: #{error_message}")
|
|
46
|
-
end
|
|
26
|
+
if judoscale_addon_enabled
|
|
27
|
+
ui.success("Judoscale addon is enabled for #{app}.", print_to_audit_log: false)
|
|
28
|
+
else
|
|
29
|
+
ui.error("Judoscale addon is not enabled for #{app}.", print_to_audit_log: false)
|
|
47
30
|
end
|
|
48
31
|
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
uri = URI(url)
|
|
52
|
-
request = Net::HTTP::Get.new(uri)
|
|
53
|
-
headers.each { |key, value| request[key] = value }
|
|
54
|
-
|
|
55
|
-
response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") do |http|
|
|
56
|
-
http.request(request)
|
|
57
|
-
end
|
|
58
|
-
|
|
59
|
-
parse_response(response)
|
|
32
|
+
if Thread.current[:audit_mode]
|
|
33
|
+
{ judoscale_addon_enabled: }
|
|
60
34
|
end
|
|
35
|
+
end
|
|
61
36
|
end
|
|
62
37
|
end
|
|
63
38
|
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require_relative "../base"
|
|
4
|
+
|
|
5
|
+
module Neetob
|
|
6
|
+
class CLI
|
|
7
|
+
module Heroku
|
|
8
|
+
class Certs < Base
|
|
9
|
+
attr_accessor :app
|
|
10
|
+
|
|
11
|
+
def initialize(app)
|
|
12
|
+
super()
|
|
13
|
+
@app = app
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def run
|
|
17
|
+
certificates_list_heroku_output = `heroku certs -a #{app}`
|
|
18
|
+
ui.success("Certificates of #{app}", print_to_audit_log: false)
|
|
19
|
+
ui.info(certificates_list_heroku_output, print_to_audit_log: false)
|
|
20
|
+
|
|
21
|
+
if Thread.current[:audit_mode]
|
|
22
|
+
certificates_list_heroku_output.lines[2..].map do |line|
|
|
23
|
+
match = line.match(
|
|
24
|
+
/^\s*(\S+)\s+([^\d]+?)(?=\s+(\d{4}-\d{2}-\d{2} \d{2}:\d{2} UTC))/
|
|
25
|
+
)
|
|
26
|
+
next unless match
|
|
27
|
+
|
|
28
|
+
{
|
|
29
|
+
name: match[1],
|
|
30
|
+
common_names: match[2],
|
|
31
|
+
expires: match[3]
|
|
32
|
+
}
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -7,6 +7,7 @@ require_relative "execute"
|
|
|
7
7
|
require_relative "stack"
|
|
8
8
|
require_relative "autoscaling_config"
|
|
9
9
|
require_relative "maintenance_window"
|
|
10
|
+
require_relative "certs"
|
|
10
11
|
|
|
11
12
|
module Neetob
|
|
12
13
|
class CLI
|
|
@@ -43,6 +44,12 @@ module Neetob
|
|
|
43
44
|
def maintenance_window
|
|
44
45
|
MaintenanceWindow.new(options[:app]).process
|
|
45
46
|
end
|
|
47
|
+
|
|
48
|
+
desc "certs", "Check the certificates of the app on Heroku"
|
|
49
|
+
option :app, type: :string, aliases: "-a", required: "true", desc: "Name of your app in Heroku"
|
|
50
|
+
def certs
|
|
51
|
+
Certs.new(options[:app]).process
|
|
52
|
+
end
|
|
46
53
|
end
|
|
47
54
|
end
|
|
48
55
|
end
|
|
@@ -19,16 +19,25 @@ module Neetob
|
|
|
19
19
|
|
|
20
20
|
def run
|
|
21
21
|
matching_apps = find_all_matching_apps_or_repos(apps, :heroku, sandbox)
|
|
22
|
+
final_data = []
|
|
22
23
|
matching_apps.each do |app|
|
|
23
|
-
ui.info("\n Config of #{app}\n")
|
|
24
|
+
ui.info("\n Config of #{app}\n", print_to_audit_log: false)
|
|
24
25
|
config = `heroku config -a #{app} --json`
|
|
25
26
|
unless $?.success?
|
|
26
|
-
ui.error(
|
|
27
|
-
|
|
27
|
+
ui.error(
|
|
28
|
+
"There is a problem in accessing the app with name \"#{app}\" in your account.",
|
|
29
|
+
print_to_audit_log: false)
|
|
30
|
+
ui.error(
|
|
31
|
+
"Please check the specified app name and ensure you're authorized to view that app.",
|
|
32
|
+
print_to_audit_log: false)
|
|
28
33
|
next
|
|
29
34
|
end
|
|
30
35
|
table = Terminal::Table.new headings: table_columns, rows: filter_config(config)
|
|
31
|
-
ui.success(table)
|
|
36
|
+
ui.success(table, print_to_audit_log: false)
|
|
37
|
+
final_data << JSON.parse(config)
|
|
38
|
+
end
|
|
39
|
+
if Thread.current[:audit_mode]
|
|
40
|
+
final_data
|
|
32
41
|
end
|
|
33
42
|
end
|
|
34
43
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require_relative "
|
|
3
|
+
require_relative "neeto_deploy_or_heroku/main"
|
|
4
4
|
require_relative "cloudflare/main"
|
|
5
5
|
require_relative "cronitor/main"
|
|
6
6
|
require_relative "honeybadger/main"
|
|
@@ -17,9 +17,9 @@ module Neetob
|
|
|
17
17
|
def run
|
|
18
18
|
ui.success("# 3. Running audit for application instances and add-ons")
|
|
19
19
|
ui.info "\n"
|
|
20
|
-
ui.success("## 3.1. Checking NeetoDeploy related configurations")
|
|
20
|
+
ui.success("## 3.1. Checking NeetoDeploy/Heroku related configurations")
|
|
21
21
|
ui.info "\n"
|
|
22
|
-
|
|
22
|
+
NeetoDeployOrHeroku::Main.new.run
|
|
23
23
|
ui.info "\n"
|
|
24
24
|
ui.success("## 3.2. Checking Cloudflare related configurations")
|
|
25
25
|
ui.info "\n"
|
|
@@ -4,7 +4,7 @@ module Neetob
|
|
|
4
4
|
class CLI
|
|
5
5
|
module MonthlyAudit
|
|
6
6
|
module InstancesAndAddons
|
|
7
|
-
module
|
|
7
|
+
module NeetoDeployOrHeroku
|
|
8
8
|
class AutoScalingEnabled < CLI::Base
|
|
9
9
|
def initialize
|
|
10
10
|
super()
|
|
@@ -40,6 +40,17 @@ module Neetob
|
|
|
40
40
|
end
|
|
41
41
|
apps_data << [app, autoscaling_config, comments, audit_passed]
|
|
42
42
|
end
|
|
43
|
+
Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
|
|
44
|
+
ui.info("Checking auto_scaling config for #{app}", print_to_audit_log: false)
|
|
45
|
+
autoscaling_config_result = Neetob::CLI::Heroku::AutoscalingConfig.new(app).run
|
|
46
|
+
comments = nil
|
|
47
|
+
|
|
48
|
+
audit_passed = autoscaling_config_result[:judoscale_addon_enabled] ? "Yes" : "No"
|
|
49
|
+
if audit_passed == "No"
|
|
50
|
+
comments = "Judoscale addon is not enabled"
|
|
51
|
+
end
|
|
52
|
+
apps_data << [app, autoscaling_config_result, comments, audit_passed]
|
|
53
|
+
end
|
|
43
54
|
ui.print_table(apps_data)
|
|
44
55
|
end
|
|
45
56
|
end
|
|
@@ -4,7 +4,7 @@ module Neetob
|
|
|
4
4
|
class CLI
|
|
5
5
|
module MonthlyAudit
|
|
6
6
|
module InstancesAndAddons
|
|
7
|
-
module
|
|
7
|
+
module NeetoDeployOrHeroku
|
|
8
8
|
class CloudfrontCdnEnabled < CLI::Base
|
|
9
9
|
def initialize
|
|
10
10
|
super()
|
|
@@ -46,6 +46,23 @@ module Neetob
|
|
|
46
46
|
end
|
|
47
47
|
apps_data << [app, asset_host_value, comments, audit_passed]
|
|
48
48
|
end
|
|
49
|
+
Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
|
|
50
|
+
ui.info("Checking ASSET_HOST value for #{app}", print_to_audit_log: false)
|
|
51
|
+
config_vars_result = Neetob::CLI::Heroku::ConfigVars::List.new([app]).run[0]
|
|
52
|
+
asset_host_value = config_vars_result["ASSET_HOST"]
|
|
53
|
+
if asset_host_value.nil?
|
|
54
|
+
audit_passed = "No"
|
|
55
|
+
comments = "ASSET_HOST value not found."
|
|
56
|
+
else
|
|
57
|
+
is_direct_cloudfront_asset_host = asset_host_value.include?("cloudfront.net")
|
|
58
|
+
is_cdn_subdomain_asset_host = asset_host_value == "cdn.#{app.gsub("-web-production", "").gsub("-", "")}.com"
|
|
59
|
+
audit_passed = is_direct_cloudfront_asset_host || is_cdn_subdomain_asset_host ? "Yes" : "No"
|
|
60
|
+
if audit_passed == "No"
|
|
61
|
+
comments = "ASSET_HOST value is not a Cloudfront CDN URL or a CDN subdomain URL."
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
apps_data << [app, asset_host_value, comments, audit_passed]
|
|
65
|
+
end
|
|
49
66
|
ui.print_table(apps_data)
|
|
50
67
|
end
|
|
51
68
|
end
|
|
@@ -4,7 +4,7 @@ module Neetob
|
|
|
4
4
|
class CLI
|
|
5
5
|
module MonthlyAudit
|
|
6
6
|
module InstancesAndAddons
|
|
7
|
-
module
|
|
7
|
+
module NeetoDeployOrHeroku
|
|
8
8
|
class EssentialEnvironmentVariablesSet < CLI::Base
|
|
9
9
|
def initialize
|
|
10
10
|
super()
|
|
@@ -33,6 +33,16 @@ module Neetob
|
|
|
33
33
|
end
|
|
34
34
|
apps_data << [app, all_essential_env_variables_set, comments, audit_passed]
|
|
35
35
|
end
|
|
36
|
+
Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
|
|
37
|
+
ui.info("Checking essential env variables for #{app}", print_to_audit_log: false)
|
|
38
|
+
essential_env_variables_result = Neetob::CLI::Sre::CheckEssentialEnv.new(app).run
|
|
39
|
+
all_essential_env_variables_set = essential_env_variables_result[:all_keys_present]
|
|
40
|
+
audit_passed = all_essential_env_variables_set ? "Yes" : "No"
|
|
41
|
+
if audit_passed == "No"
|
|
42
|
+
comments = "Missing keys: #{essential_env_variables_result[:missing_keys].join(", ")}"
|
|
43
|
+
end
|
|
44
|
+
apps_data << [app, all_essential_env_variables_set, comments, audit_passed]
|
|
45
|
+
end
|
|
36
46
|
ui.print_table(apps_data)
|
|
37
47
|
end
|
|
38
48
|
end
|
|
@@ -4,7 +4,7 @@ module Neetob
|
|
|
4
4
|
class CLI
|
|
5
5
|
module MonthlyAudit
|
|
6
6
|
module InstancesAndAddons
|
|
7
|
-
module
|
|
7
|
+
module NeetoDeployOrHeroku
|
|
8
8
|
class SslCertificatesOverThirtyDaysFromExpiry < CLI::Base
|
|
9
9
|
def initialize
|
|
10
10
|
super()
|
|
@@ -33,6 +33,21 @@ module Neetob
|
|
|
33
33
|
end
|
|
34
34
|
apps_data << [app, certificates_expiring_in_less_than_30_days, comments, audit_passed]
|
|
35
35
|
end
|
|
36
|
+
Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
|
|
37
|
+
ui.info("Checking Certificates status for #{app}", print_to_audit_log: false)
|
|
38
|
+
certificates_status = Neetob::CLI::Heroku::Certs.new(app).run
|
|
39
|
+
certificates_expiring_in_less_than_30_days = certificates_status.select { |certificate| DateTime.parse(certificate[:expires]) <= 32.days.from_now }
|
|
40
|
+
comments = nil
|
|
41
|
+
audit_passed = "No"
|
|
42
|
+
certificates_expiring_in_less_than_30_days_present = "No"
|
|
43
|
+
if certificates_expiring_in_less_than_30_days.empty?
|
|
44
|
+
audit_passed = "Yes"
|
|
45
|
+
else
|
|
46
|
+
comments = "Certificates #{certificates_expiring_in_less_than_30_days.map { |certificate| certificate[:name] }.join(", ")} are expiring in less than 30 days."
|
|
47
|
+
certificates_expiring_in_less_than_30_days_present = "Yes"
|
|
48
|
+
end
|
|
49
|
+
apps_data << [app, certificates_expiring_in_less_than_30_days_present, comments, audit_passed]
|
|
50
|
+
end
|
|
36
51
|
ui.print_table(apps_data)
|
|
37
52
|
end
|
|
38
53
|
end
|
data/lib/neetob/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: neetob
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.31
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Udai Gupta
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-01-
|
|
11
|
+
date: 2025-01-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thor
|
|
@@ -218,6 +218,7 @@ files:
|
|
|
218
218
|
- lib/neetob/cli/heroku/access/remove.rb
|
|
219
219
|
- lib/neetob/cli/heroku/autoscaling_config.rb
|
|
220
220
|
- lib/neetob/cli/heroku/base.rb
|
|
221
|
+
- lib/neetob/cli/heroku/certs.rb
|
|
221
222
|
- lib/neetob/cli/heroku/commands.rb
|
|
222
223
|
- lib/neetob/cli/heroku/config_vars/audit.rb
|
|
223
224
|
- lib/neetob/cli/heroku/config_vars/base.rb
|
|
@@ -248,12 +249,12 @@ files:
|
|
|
248
249
|
- lib/neetob/cli/monthly_audit/instances_and_addons/honeybadger/main.rb
|
|
249
250
|
- lib/neetob/cli/monthly_audit/instances_and_addons/honeybadger/setup_correctly_for_apps.rb
|
|
250
251
|
- lib/neetob/cli/monthly_audit/instances_and_addons/main.rb
|
|
251
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
252
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
253
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
254
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
255
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
256
|
-
- lib/neetob/cli/monthly_audit/instances_and_addons/
|
|
252
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/auto_scaling_enabled.rb
|
|
253
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/cloudfront_cdn_enabled.rb
|
|
254
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/essential_environment_variables_set.rb
|
|
255
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/main.rb
|
|
256
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/scheduled_exports_enabled.rb
|
|
257
|
+
- lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/ssl_certificates_over_thirty_days_from_expiry.rb
|
|
257
258
|
- lib/neetob/cli/monthly_audit/misc/main.rb
|
|
258
259
|
- lib/neetob/cli/monthly_audit/misc/redirections_working_correctly.rb
|
|
259
260
|
- lib/neetob/cli/monthly_audit/misc/sparkpost_sub_account_used_for_all_apps.rb
|