neetob 0.5.68 → 0.5.77

data/lib/neetob/cli/monthly_audit/instances_and_addons/neeto_deploy_or_heroku/ssl_certificates_over_thirty_days_from_expiry.rb

@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require_relative "../../github_issue_creation"
+require "httparty"
+
 module Neetob
   class CLI
     module MonthlyAudit
@@ -24,6 +27,7 @@ module Neetob
             def initialize
               super()
               @resolver = Resolv::DNS.new
+              @all_flagged_certificates = []
             end
 
             def run
@@ -36,51 +40,80 @@ module Neetob
                 audit_passed = nil
                 comments = nil
                 certificates_expiring_in_less_than_30_days = "No"
+
                 if certificates_status.is_a?(Hash) && certificates_status["error"] == "Forbidden"
                   audit_passed = "No"
                   comments = "You do not have permission to access the certificates for this app."
                 else
-                  certificates_to_be_flagged = certificates_status.select { |certificate|
+                  current_app_flagged_certificates = certificates_status.select { |certificate|
                     certificate["expires_before_30_days"] &&
-                    (certificate["domains"] || []).map {
-                      |domain| domain["hostname"]
-                    }.any? { |domain| should_flag_domain?(domain) }
+                      (certificate["domains"] || []).map { |domain| domain["hostname"] }
+                        .any? { |domain| should_flag_domain?(domain) }
                   }
-                  audit_passed = certificates_to_be_flagged.empty? ? "Yes" : "No"
+                  audit_passed = current_app_flagged_certificates.empty? ? "Yes" : "No"
                   certificates_expiring_in_less_than_30_days = "Yes" if audit_passed == "No"
+
                   if audit_passed == "No"
-                    certificates_failing_audit = certificates_to_be_flagged.map { |certificate|
+                    @all_flagged_certificates.concat(current_app_flagged_certificates)
+                    current_app_failing_certificates = current_app_flagged_certificates.map { |certificate|
                       "#{certificate["name"]}(#{certificate["domains"].map { |domain| domain["hostname"] }.join(", ")})"
                     }
-                    comments = "Certificates #{certificates_failing_audit.join(", ")} are expiring in less than 30 days."
+                    comments = "Certificates #{current_app_failing_certificates.join(", ")} are expiring in less than 30 days."
                   end
                 end
+
                 apps_data << [app, certificates_expiring_in_less_than_30_days, comments, audit_passed]
               end
-              Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
-                ui.info("Checking Certificates status for #{app}", print_to_audit_log: false)
-                certificates_status = Neetob::CLI::Heroku::Certs.new(app).run
-                certificates_expiring_in_less_than_30_days = certificates_status.select { |certificate| DateTime.parse(certificate[:expires]) <= 32.days.from_now }
-                comments = nil
-                audit_passed = "No"
-                certificates_expiring_in_less_than_30_days_present = "No"
-                if certificates_expiring_in_less_than_30_days.empty?
-                  audit_passed = "Yes"
-                else
-                  comments = "Certificates #{certificates_expiring_in_less_than_30_days.map { |certificate| certificate[:name] }.join(", ")} are expiring in less than 30 days."
-                  certificates_expiring_in_less_than_30_days_present = "Yes"
+
+              if @all_flagged_certificates.any?
+                # categorize the certificates into bigbinary domains and custom domains
+                custom_domains = fetch_custom_domains.map { |domain| domain["hostname"] }
+                bigbinary_domains = Neetob::CLI::Cloudflare::Base::ZONE_IDS.keys.select { |domain| domain.to_s.include?(".com") }
+
+                flagged_by_category = {
+                  bigbinary: select_flagged_by_domains(bigbinary_domains),
+                  custom: select_flagged_by_domains(custom_domains)
+                }
+
+                issue_urls = []
+
+                unless flagged_by_category[:bigbinary].empty?
+                  repo = "neeto-deploy-web"
+                  comments = "Bigbinary domains SSL #{failing_comments(flagged_by_category[:bigbinary])}"
+                  issue_urls << GithubIssueCreation.new.create_issue(
+                    repo:,
+                    title: "SSL certificates over 30 days from expiry",
+                    description: comments
+                  )
                 end
-                apps_data << [app, certificates_expiring_in_less_than_30_days_present, comments, audit_passed]
+
+                unless flagged_by_category[:custom].empty?
+                  repo = "neeto-custom-domains-nano"
+                  comments = failing_comments(flagged_by_category[:custom])
+                  issue_urls << GithubIssueCreation.new.create_issue(
+                    repo:,
+                    title: "Custom domains SSL certificates over 30 days from expiry",
+                    description: comments
+                  )
+                end
+
+                ui.info("Issue created: #{issue_urls.join('<br>')}") if issue_urls.any?
               end
               ui.print_table(apps_data)
             end
 
             private
 
+              def fetch_custom_domains
+                headers = { "Authorization" => "Bearer #{ENV["NEETO_TOWER_AUTH_TOKEN"]}" }
+                response = HTTParty.get("https://ops.neetotower.com/api/v1/public/custom_domains", headers:)
+                response.parsed_response["domains"] || []
+              end
+
               def should_flag_domain?(hostname)
                 valid_dns_configuration?(hostname) &&
-                !points_to_heroku?(hostname) &&
-                !DOMAINS_AUTO_RENEWED.include?(hostname)
+                  !points_to_heroku?(hostname) &&
+                  !DOMAINS_AUTO_RENEWED.include?(hostname)
               end
 
               def points_to_heroku?(hostname)
@@ -89,7 +122,7 @@ module Neetob
                   cname_records.any? { |record| record.name.to_s.include?(HEROKU_DNS_TARGET) }
                 end
               rescue Resolv::ResolvError, Timeout::Error => e
-                ui.error("Heroku DNS resolution failed for #{hostname}: #{e.message}")
+                ui.error("Heroku DNS resolution failed for #{hostname}: #{e.message}", print_to_audit_log: false)
                 false
               end
 
@@ -109,13 +142,25 @@ module Neetob
                   false
                 end
               rescue Resolv::ResolvError, Timeout::Error => e
-                ui.error("Neetodeploy DNS resolution failed for #{hostname}: #{e.message}")
+                ui.error("Neetodeploy DNS resolution failed for #{hostname}: #{e.message}", print_to_audit_log: false)
                 false
               end
 
               def root_level_domain?(hostname)
                 hostname.split(".").length == 2
               end
+
+              def select_flagged_by_domains(domains)
+                @all_flagged_certificates.select do |cert|
+                  cert["domains"].any? { |d| domains.include?(d["hostname"]) }
+                end
+              end
+
+              def failing_comments(certificates)
+                "Certificates #{certificates.map { |certificate|
+                  "#{certificate["name"]}(#{certificate["domains"].map { |domain| domain["hostname"] }.join(", ")})"
+                }.join(", ")} are expiring in less than 30 days."
+              end
           end
         end
       end

data/lib/neetob/cli/monthly_audit/misc/main.rb

@@ -15,7 +15,7 @@ module Neetob
           def run
             ui.success("# 4. Running miscellaneous checks")
             ui.info "\n"
-            ui.success("## 4.1. [Manual] Checking whether we are using Sparkpost sub-account for all the apps")
+            ui.success("## 4.1. Checking whether we are using Sparkpost sub-account for all the apps")
             SparkpostSubAccountUsedForAllApps.new.run
             ui.info "\n"
             ui.success("## 4.2. Checking whether redirections are set correctly")

data/lib/neetob/cli/monthly_audit/misc/redirections_working_correctly.rb

@@ -1,12 +1,17 @@
 # frozen_string_literal: true
 
+require_relative "../github_issue_creation"
+
 module Neetob
   class CLI
     module MonthlyAudit
       module Misc
         class RedirectionsWorkingCorrectly < CLI::Base
           REDIRECTIONS_LIST = [
-            { source: "https://academy.bigbinary.com", destination: "https://bigbinaryacademy.com" }
+            {
+              source: "https://academy.bigbinary.com", destination: "https://bigbinaryacademy.com",
+              repo: "bigbinary-website"
+            },
           ]
           def initialize
             super()
@@ -19,6 +24,14 @@ module Neetob
               status = check.run ? "Working" : "Not working"
               audit_passed = status == "Working" ? "Yes" : "No"
 
+              if audit_passed == "No"
+                issue_url = GithubIssueCreation.new.create_issue(
+                  repo: redirection[:repo], title: "Fix broken redirection",
+                  description: "Redirection from #{redirection[:source]} to #{redirection[:destination]} is not working."
+                  )
+                audit_passed += " #{issue_url}"
+              end
+
               table_data << [redirection[:source], redirection[:destination], status, audit_passed]
             end
             ui.print_table(table_data)

data/lib/neetob/cli/monthly_audit/misc/sparkpost_sub_account_used_for_all_apps.rb

@@ -12,25 +12,31 @@ module Neetob
           end
 
           def run
-            repo_data = [["App",
-"SPARKPOST_PASSWORD env variable first 4 characters same as corresponding sub-account in Sparkpost dashboard", "Comments", "Audit Passed"]]
-            ui.info "\n"
-            ui.info "#### Please manually check and add Yes/No for all the following checks:"
-            ui.info "- Get the first 4 characters of the SPARKPOST_PASSWORD environment variable for the app"
-            ui.info "- Go to https://app.sparkpost.com/account/api-keys"
-            ui.info "- Match the first 4 characters against the API keys values"
-            ui.info "- Verify that the API key belongs to the subaccount for same app. Accordingly add Yes/No in the 2nd column"
-            ui.info "- Finally, set Audit Passed as Yes only if the last check passed, otherwise set it as No and add a comment in the Comments column"
-            ui.info "\n"
-            NeetoCompliance::NeetoRepos.products.keys.each do |repo|
-              repo_data << (
-                APPS_TO_IGNORE.include?(repo) ?
-                [repo, "No", "App ignored from this check", "Ignored"] :
-                [repo, nil, nil, nil]
-              )
-            end
-            ui.print_table(repo_data)
+            result = run_sparkpost_check
+            formatted_result = extract_json_array_from_output(result)
+            create_issue(formatted_result)
+            ui.print_table(formatted_result)
           end
+
+          private
+
+            def run_sparkpost_check
+              `yarn audit:sparkpost`
+            end
+
+            def create_issue(formatted_result)
+              formatted_result.drop(1).each do |result|
+                repo = result[0]
+                audit_passed = result.last == "Yes"
+                if !audit_passed
+                  comment = result[2]
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Fix Sparkpost sub-account",
+                    description: comment)
+                  result[-1] += " #{issue_url}" if issue_url
+                end
+              end
+            end
         end
       end
     end

data/lib/neetob/cli/monthly_audit/perform.rb

@@ -9,20 +9,25 @@ module Neetob
   class CLI
     module MonthlyAudit
       class Perform < CLI::Base
-        attr_accessor :sandbox, :month
+        attr_accessor :sandbox, :month, :skip_issue
 
-        def initialize(month, sandbox = false)
+        def initialize(month, sandbox = false, skip_issue = false)
           super()
           @month = month
           @sandbox = sandbox
+          @skip_issue = skip_issue
         end
 
         def run
+          Thread.current[:month] = month
+          Thread.current[:skip_issue] = skip_issue
           Thread.current[:audit_mode] = true
           markdown_file_name = "audit-report-#{DateTime.now.to_i}.md"
           Thread.current[:markdown_file_name] = markdown_file_name
           ui.success("## Starting the audit for #{month}")
           ui.info "\n"
+          ui.say("## Issue creation is #{skip_issue ? 'disabled' : 'enabled'}")
+          ui.info "\n"
           Security::Main.new.run
           ui.info "\n"
           Databases::Main.new.run

data/lib/neetob/cli/monthly_audit/security/code/active_record_doctor.rb

@@ -16,18 +16,23 @@ module Neetob
               ui.success("### 1.1.4. Checking whether running `rake active_record_doctor` throws any vulnerabilities")
               repo_data = [["Repository", "Issues Found", "Comments", "Audit Passed"]]
               ui.info "\n"
-              NeetoCompliance::NeetoRepos.products.keys.take(5).each do |repo|
+              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
                 ui.info("Checking ActiveRecordDoctor run results for #{repo}", print_to_audit_log: false)
                 active_record_doctor_run_result = Neetob::CLI::Github::ActiveRecordDoctor.new([repo]).run
-
+                audit_passed = "No"
                 if active_record_doctor_run_result.blank?
-                  issues_found = "No"
+                  audit_passed = "Yes"
                   comments = nil
                 else
                   issues_found = "Yes"
-                  comments = "#{active_record_doctor_run_result.lines.first.strip} ..."
+                  preview = active_record_doctor_run_result.lines.first(5).map(&:strip).reject(&:empty?).join("<br>")
+                  comments = "#{preview} ... <br> (run `bundle exec rake active_record_doctor` in #{repo} to see all issues)"
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Fix issues reported by active_record_doctor",
+                    description: comments)
+                  audit_passed += " #{issue_url}"
                 end
-                audit_passed = issues_found == "No" ? "Yes" : "No"
+
                 repo_data << [repo, issues_found, comments, audit_passed]
               end
               ui.print_table(repo_data)

data/lib/neetob/cli/monthly_audit/security/code/brakeman.rb

@@ -14,17 +14,25 @@ module Neetob
               ui.success("### 1.1.3. Checking whether running `bundle exec brakeman` throws any vulnerabilities")
               repo_data = [["Repository", "Vulnerabilities Found", "Comments", "Audit Passed"]]
               ui.info "\n"
-              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
+              products_and_nanos_repos(:backend).each do |repo|
                 ui.info("Checking Brakeman run results for #{repo}", print_to_audit_log: false)
                 brakeman_run_result = Neetob::CLI::Github::Brakeman.new([repo]).run
                 vulnerabilities_found = "No"
                 audit_passed = "No"
                 comments = nil
-                if brakeman_run_result && brakeman_run_result.include?("No warnings found")
+                if brakeman_run_result.nil? || brakeman_run_result.include?("No warnings found")
                   audit_passed = "Yes"
                 else
                   vulnerabilities_found = "Yes"
                   comments = brakeman_run_result.gsub("\n", "<br>")
+                  issue_description = comments.split("== Warnings ==").last + " ... <br><br> (run `bundle exec brakeman` in #{repo} to see all issues)"
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Fix vulnerabilities reported by Brakeman",
+                    description: issue_description)
+                  audit_passed += " #{issue_url}"
+                end
+                unless comments.nil?
+                  comments = comments.split("<br>").last(7).join("<br>") + " ..."
                 end
                 repo_data << [repo, vulnerabilities_found, comments, audit_passed]
               end

data/lib/neetob/cli/monthly_audit/security/code/bundle_audit.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "../../../github/bundle_audit"
-
+require_relative "../../github_issue_creation"
 module Neetob
   class CLI
     module MonthlyAudit
@@ -17,28 +17,41 @@ module Neetob
               repo_data = [["Repository", "Vulnerabilities Found", "Comments", "Audit Passed"]]
               ui.info "\n"
               last_comment = nil
-              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
+              products_and_nanos_repos(:backend).each do |repo|
                 ui.info("Checking bundle audit run results for #{repo}", print_to_audit_log: false)
                 bundle_audit_result = Neetob::CLI::Github::BundleAudit.new([repo]).run
                 vulnerabilities_found = "No"
                 audit_passed = "No"
                 comments = nil
-                if bundle_audit_result && bundle_audit_result.include?("No vulnerabilities found")
+                if bundle_audit_result.nil? || bundle_audit_result.include?("No vulnerabilities found")
                   audit_passed = "Yes"
                 else
-                  vulnerabilities_found = "Yes"
-                  comments = bundle_audit_result.gsub("\n", "<br>").gsub("~", "\\~")
 
+                  vulnerabilities_found = "Yes"
+                  formatted_result = bundle_audit_result.gsub("\n", "<br>").gsub("~", "\\~")
+                  comments = formatted_result.split("<br><br>").first(3).map { |comment| parse_advisory_block(comment) }.join("<br><br>") + " ... <br><br> (run `bundle-audit check` in #{repo} to see all issues)"
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Fix vulnerabilities reported by bundle-audit",
+                    description: comments)
+                  audit_passed += " #{issue_url}"
                   same_as_last_vulnerabilities = comments == last_comment
                   last_comment = comments
                   if same_as_last_vulnerabilities
                     comments = "''"
                   end
                 end
-                repo_data << [repo, vulnerabilities_found, comments, audit_passed]
+                table_comments = comments.nil? ? nil : comments.split("<br>").first(3).join("<br>") + " ..."
+                repo_data << [repo, vulnerabilities_found, table_comments, audit_passed]
               end
               ui.print_table(repo_data)
             end
+
+            private
+
+              def parse_advisory_block(block)
+                keys = ["Name:", "Version:", "CVE:", "Title:", "Solution:"]
+                block.split("<br>").select { |line| keys.any? { |key| line.strip.start_with?(key) } }.join("<br>")
+              end
           end
         end
       end

data/lib/neetob/cli/monthly_audit/security/code/checks_for_unused_assets.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "../../../github/unused_assets_audit"
+require_relative "../../github_issue_creation"
 
 module Neetob
   class CLI
@@ -24,6 +25,10 @@ module Neetob
                   unused_assets_found = "Yes"
                   audit_passed = "No"
                   comments = unused_files.join("<br>")
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Remove unused assets",
+                    description: comments)
+                  audit_passed += " #{issue_url}"
                 else
                   unused_assets_found = "No"
                   audit_passed = "Yes"

data/lib/neetob/cli/monthly_audit/security/code/fasterer.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "../../../github/fasterer_audit"
+require_relative "../../github_issue_creation"
 
 module Neetob
   class CLI
@@ -16,17 +17,24 @@ module Neetob
               ui.success("### 1.1.6. Checking whether running `bundle exec fasterer` give any suggestions")
               repo_data = [["Repository", "Optimizations needed", "Comments", "Audit Passed"]]
               ui.info "\n"
-              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
+              products_and_nanos_repos(:backend).each do |repo|
                 ui.info("Checking Fasterer run results for #{repo}", print_to_audit_log: false)
                 fasterer_exec_result = Neetob::CLI::Github::FastererAudit.new([repo]).run
                 optimizations_needed = "No"
                 audit_passed = "No"
                 comments = nil
-                if fasterer_exec_result.include?("0 offenses detected")
+                if fasterer_exec_result.nil? || fasterer_exec_result.include?("0 offenses detected")
                   audit_passed = "Yes"
                   comments = "Vulnerabilities not detected"
                 else
                   optimizations_needed = "Yes"
+                  comments = strip_ansi_codes(fasterer_exec_result).gsub("\n", "<br>")
+
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Fasterer suggestions to improve performance",
+                    description: comments)
+                  audit_passed += " #{issue_url}"
+
                   comments = "Vulnerabilities detected"
                 end
                 repo_data << [repo, optimizations_needed, comments, audit_passed]

data/lib/neetob/cli/monthly_audit/security/code/yarn_audit.rb

@@ -16,7 +16,7 @@ module Neetob
               ui.success("### 1.1.2. Checking whether running `yarn audit` throws any vulnerabilities")
               repo_data = [["Repository", "Vulnerabilities Found", "Comments", "Audit Passed"]]
               ui.info "\n"
-              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
+              products_and_nanos_repos(:frontend).each do |repo|
                 ui.info("Checking yarn audit run results for #{repo}", print_to_audit_log: false)
                 yarn_audit_result = Neetob::CLI::Github::YarnAudit.new([repo]).run
                 vulnerabilities_found = "No"
@@ -31,6 +31,11 @@ line.include?("Severity:") }.first&.strip&.gsub("|", ",")
                   vulnerabilities = yarn_audit_result.split("\n").select { |line|
  line.include?("vulnerabilities found") }.first&.strip
                   comments = "#{vulnerabilities}<br>#{severity}"
+
+                  issue_url = GithubIssueCreation.new.create_issue(
+                    repo:, title: "Yarn audit: High/Critical vulnerabilities found",
+                    description: comments)
+                  audit_passed += " #{issue_url}"
                 end
                 repo_data << [repo, vulnerabilities_found, comments, audit_passed]
               end

data/lib/neetob/cli/monthly_audit/security/github/dependabot_prs_merged.rb

@@ -31,10 +31,30 @@ module Neetob
                 dependabot_prs_older_than_2_days_merged = "No"
                 audit_passed = "No"
                 comments = nil
+                pr_urls = []
+
                 if dependabot_prs_older_than_2_days.empty?
                   audit_passed = dependabot_prs_older_than_2_days_merged = "Yes"
                 else
                   comments = "PRs older than 2 days: #{dependabot_prs_older_than_2_days.map { |pr| pr[:number] }.join(', ')}"
+
+                  # Add comments to each Dependabot PR and collect URLs
+                  pull_requests_client = Neetob::CLI::Github::Repositories::PullRequests.new([repo])
+                  dependabot_prs_older_than_2_days.each do |pr|
+                    comment_body = "⚠️ **Monthly Audit Alert** ⚠️\n\n" \
+                                  "This Dependabot PR has been open for more than 2 days. " \
+                                  "Please review and merge this PR to keep dependencies up to date.\n\n" \
+                                  "*This comment was automatically added by the monthly security audit.*"
+
+                    assignees = [Neetob::CLI::Github::Repositories::TeamLeads.team_lead_for(repo)]
+
+                    pr_url = pull_requests_client.add_comment_to_pr(
+                      prefix_org_name([repo]).first, pr[:number],
+                      comment_body, assignees)
+                    pr_urls << pr_url if pr_url
+                  end
+
+                  audit_passed = "No #{pr_urls.join(', ')}"
                 end
                 repo_data << [repo, dependabot_prs_older_than_2_days_merged, comments, audit_passed]
               end

data/lib/neetob/cli/monthly_audit/security/github/dependabot_turned_on.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative "../../../github/repositories/get_security_details.rb"
+require "json"
 
 module Neetob
   class CLI
@@ -13,29 +14,32 @@ module Neetob
             end
 
             def run
-              ui.success("### 1.2.1. [Manual] Checking whether dependabot is turned on for the repository")
-              ui.info "\n"
-              ui.info "#### Please manually check and add Yes/No for all the following checks on the Honeybadger dashboard for the apps listed in the table below:"
-              ui.info "- Repository > Settings > Code security > Dependabot alerts are enabled"
-              ui.info "- Repository > Settings > Code security > Dependabot security updates are enabled"
-              ui.info "- Repository > Settings > Actions > Dependabot on Actions runners is enabled"
-              ui.info "- Finally, set Audit Passed as Yes only if all the checks are passed for the app, otherwise set it as No, and add a comment in the Comments column"
-              ui.info "\n"
+              ui.success("### 1.2.1. Checking whether dependabot is turned on for the repository")
+              result = run_dependabot_check
+              formatted_result = extract_json_array_from_output(result)
+              create_issue(formatted_result)
+              ui.print_table(formatted_result)
+            end
+
+            private
 
-              repo_data = [[
-                "Repository",
-                "Dependabot alerts enabled",
-                "Dependabot security updates enabled",
-                "Dependabot on Actions runners",
-                "Comments",
-                "Audit Passed"
-                ]
-              ]
-              NeetoCompliance::NeetoRepos.products.keys.each do |repo|
-                repo_data << [repo, nil, nil, nil, nil]
+              def run_dependabot_check
+                `yarn audit:dependabot`
+              end
+
+              def create_issue(formatted_result)
+                formatted_result.drop(1).each do |result|
+                  repo = result[0].split("]")[0].gsub("[", "")
+                  audit_passed = result.last == "Yes"
+                  if !audit_passed
+                    comment = "Dependabot alerts or security updates are not enabled for this repository."
+                    issue_url = GithubIssueCreation.new.create_issue(
+                      repo:, title: "Fix Dependabot settings",
+                      description: comment)
+                    result[-1] += " #{issue_url}" if issue_url
+                  end
+                end
               end
-              ui.print_table(repo_data)
-            end
           end
         end
       end

data/lib/neetob/cli/neeto_deploy/autoscaling_config.rb

@@ -12,7 +12,7 @@ module Neetob
         end
 
         def run
-          result = `neetodeploy autoscaling_config list -a #{app}`
+          result = `bundle exec neetodeploy autoscaling_config list -a #{app}`
           if Thread.current[:audit_mode]
             JSON.parse(result) rescue result
           else

data/lib/neetob/cli/neeto_deploy/certificates.rb

@@ -14,7 +14,7 @@ module Neetob
         end
 
         def run
-          certificates_command_result = `neetodeploy certificates list -a #{app}`
+          certificates_command_result = `bundle exec neetodeploy certificates list -a #{app}`
           parseable_result = certificates_command_result.strip.gsub("=>", ":")
 
           parsed_certificates_result = JSON.parse(parseable_result)

data/lib/neetob/cli/neeto_deploy/commands.rb

@@ -5,6 +5,7 @@ require_relative "config_vars/commands"
 require_relative "./autoscaling_config"
 require_relative "./scheduled_exports"
 require_relative "./certificates"
+require_relative "./unique_email_domains"
 
 module Neetob
   class CLI
@@ -30,6 +31,12 @@ module Neetob
         def certificates
           Certificates.new(options[:app]).run
         end
+
+        desc "unique_email_domains", "Get the unique email domains for an app deployed on NeetoDeploy"
+        option :app, type: :string, aliases: :a, desc: "App name"
+        def unique_email_domains
+          UniqueEmailDomains.new(options[:app]).run
+        end
       end
     end
   end

data/lib/neetob/cli/neeto_deploy/config_vars/list.rb

@@ -20,7 +20,7 @@ module Neetob
             results = []
             matching_apps.each do |app|
               ui.info("\nConfig of #{app}\n") unless Thread.current[:audit_mode]
-              result = `neetodeploy env list -a #{app}`
+              result = `bundle exec neetodeploy env list -a #{app}`
               results << result
               ui.success(result) unless Thread.current[:audit_mode]
             end

data/lib/neetob/cli/neeto_deploy/config_vars/remove.rb

@@ -21,7 +21,7 @@ module Neetob
             matching_apps.each do |app|
               ui.info("\nWorking on #{app}")
               keys.each do |key|
-                ui.info(`neetodeploy env unset #{key} -a #{app}`)
+                ui.info(`bundle exec neetodeploy env unset #{key} -a #{app}`)
               end
             end
           end

data/lib/neetob/cli/neeto_deploy/config_vars/upsert.rb

@@ -48,7 +48,7 @@ required_config_vars_with_project_keys_json_file_path, sandbox = false)
             def upsert_config_variables(app, vars)
               ui.info("\nWorking on #{app}")
               vars.each do |key, val|
-                ui.info(`neetodeploy env set #{key}='#{val}' -a #{app}`)
+                ui.info(`bundle exec neetodeploy env set #{key}='#{val}' -a #{app}`)
               end
             end