ninny 0.1.18 → 0.1.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ac4912e477ddf25380dd14cbf7dad07184c9b7f002d781e781917112f45cc013
-  data.tar.gz: 6a144e8bd809018812ad9f441aa39db5c7853bb3e0d9224bdc50eef1d6633f78
+  metadata.gz: eb06f88a85ed100c85f035dfd512eab3a653ce976e4fccfcb75972b94b62a941
+  data.tar.gz: 624b6561506f6431afbf5e0b63963c056d028ddfaa4499397a0a943d0cafe221
 SHA512:
-  metadata.gz: 436dd448436ce48fe2658d08b3cc68b1aedbda86796c836131b8f9845af39507ff99c806f276edafeebe57799db7086ff667c17a509466ec83ab38df22d7796a
-  data.tar.gz: dedd4a379d28c591424f2c40e7255d1151a278f9e8d2b1df7269ee5996edeb9d26339bf4f41582907acba0d06733b16b698a12a2364295b237ea33c9e9659273
+  metadata.gz: b984582630919dc9b6ae834d113e3ff3adea6402cacc0051201985021634baf6b7e7aaae0987acd5a03753d29066786fd469356ab4d77f4bdb09deada6aa684c
+  data.tar.gz: 7ca0603113e71a573636d6efe74e9960d8cabbb6cbc43ed9ad25b5bc84c18dcd658098adeee60bd99b5fd81904822049ae647677e76a266fe11bc207f1c7c6a3

data/.github/workflows/gitleaks.toml

@@ -0,0 +1,8 @@
+[allowlist]
+description = 'A list of commits and secrets to skip when scanning for secrets'
+commits = [
+  'ExampleCommit'
+]
+regexes = [
+  'ExampleSecret'
+]

data/.github/workflows/test.yml

@@ -5,6 +5,9 @@ on:
   pull_request:
     branches: [ main ]
 
+env:
+  GITLEAKS_REF: f15b4e408b12fda7e2833f8a32c0d8a045bd48a0
+
 jobs:
   test:
     runs-on: ubuntu-latest
@@ -31,3 +34,32 @@ jobs:
     - uses: HeRoMo/pronto-action@v1.13.0
       with:
         github_token: ${{ secrets.GITHUB_TOKEN }}
+  gitleaks:
+    if: github.EVENT_NAME == 'pull_request'
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+      with:
+        fetch-depth: 0
+    - run: |
+        curl -H "Accept: application/vnd.github.v3.raw" \
+          -L "https://api.github.com/repos/zricethezav/gitleaks/contents/config/gitleaks.toml?ref=${{ env.GITLEAKS_REF }}" \
+          >> ${{ github.WORKSPACE }}/.github/workflows/original.toml
+        sed "/\[allowlist\]/,/^$/d" ${{ github.WORKSPACE }}/.github/workflows/original.toml >> ${{ github.WORKSPACE }}/.github/workflows/official.toml
+        cat .github/workflows/gitleaks.toml >> .github/workflows/official.toml
+        if [[ ${{ github.REF }} == 'refs/heads/main' ]]; then
+          CURRENT_COMMIT="${{ github.SHA }}"
+        else
+          CURRENT_COMMIT="${{ github.EVENT.PULL_REQUEST.HEAD.SHA }}"
+        fi
+        echo "LOG_OPTS='^origin/main $CURRENT_COMMIT'" >> $GITHUB_ENV
+    - name: GitLeaks
+      uses: addnab/docker-run-action@v3
+      with:
+        image: zricethezav/gitleaks:v8.0.4
+        options: -v ${{ github.WORKSPACE }}:/app
+        run: |
+          cd /app
+          gitleaks detect --verbose --source='./' \
+            --config='.github/workflows/official.toml' \
+            --log-opts=${{ env.LOG_OPTS }}

data/lib/ninny/repository/gitlab.rb

@@ -22,7 +22,7 @@ module Ninny
               target_branch: Ninny.project_config.deploy_branch,
               state: 'opened'
             }
-          ).last
+          ).auto_paginate.last
         )
       end
 
@@ -31,7 +31,7 @@ module Ninny
       end
 
       def open_pull_requests
-        gitlab.merge_requests(project_id, { state: 'opened' }).map { |mr| to_pr(mr) }
+        gitlab.merge_requests(project_id, { state: 'opened' }).auto_paginate.map { |mr| to_pr(mr) }
       end
 
       def pull_request(id)

data/lib/ninny/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Ninny
-  VERSION = '0.1.18'
+  VERSION = '0.1.19'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ninny
 version: !ruby/object:Gem::Version
-  version: 0.1.18
+  version: 0.1.19
 platform: ruby
 authors:
 - Dispatch Engineers
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-08-20 00:00:00.000000000 Z
+date: 2021-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: git
@@ -272,6 +272,7 @@ extra_rdoc_files: []
 files:
 - ".github/pull_request_template.md"
 - ".github/workflows/build.yml"
+- ".github/workflows/gitleaks.toml"
 - ".github/workflows/scheduled.yml"
 - ".github/workflows/test.yml"
 - ".gitignore"