quayio-scanner 0.2.1 → 0.3.0

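--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: 668671ffe57f1e5b1f27d5d6f6ace098e89f5aeb3dc5999d0f091c8f9fa05bb3
-data.tar.gz: 5dd2530e763c2807b2dc36355b4787d201512e3d899924232768cd91653ba3bf
+metadata.gz: 1eacf83494b11fb31f062ba8e916628d2477ba13ec76cc83ef8f98091c2b0313
+data.tar.gz: 3bdf57c972fa6e1aa5e500cc3e887e7f4ea33498644dcd7b8a90ed0e93d9d24a
 SHA512:
-metadata.gz: b55a1e1ad424c964f8a29540317dc6f8107e2dcc5f1b7724a45df76f5a40e87fb6405d0d273f58ea3eec3dd0afe29904dfeb3ef77a65950bc6614bb444389f59
-data.tar.gz: 920b574586ed4ac4428076a8593aca5914cefbeb6c7909472517905830e01319a4dca816f9038c12c6bb1a6cfbe926dc1f4d1df8631cba34058a81b9f7d46f1f
+metadata.gz: b7ffabd2e0523bce627fd779519c25828546e6591c6cbdbbc536ffcd783b1898f3c88eab366d84bca14b1ed6b51f62cafd258bad6ab83e1cc5364db22c92c5b5
+data.tar.gz: 4dc30215d24326a4494cc06edd31cfb226682060c819d1d972c5bf114e569ca9978871072ab20382bdc7126d84050e027dd2c2bbe9b8e538546fc2d3b5a36484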
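--- a/data/.gitignore
+++ b/data/.gitignore
@@ -1,6 +1,5 @@
 /.bundle/
 /.yardoc
-/Gemfile.lock
 /_yardoc/
 /coverage/
 /doc/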
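--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -1,3 +1,6 @@
+AllCops:
+TargetRubyVersion: 2.3
+
 Style/FrozenStringLiteralComment:
 Enabled: false
 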
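--- /dev/null
+++ b/data/.ruby-version
@@ -0,0 +1 @@
+2.7.0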
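--- /dev/null
+++ b/data/Gemfile.lock
@@ -0,0 +1,86 @@
+PATH
+remote: .
+specs:
+quayio-scanner (0.3.0)
+docker-api (~> 1.33)
+rest-client (~> 2.1)
+sensu-plugin (~> 4.0)
+
+GEM
+remote: https://rubygems.org/
+specs:
+ast (2.4.2)
+diff-lcs (1.5.0)
+docker-api (1.34.2)
+excon (>= 0.47.0)
+multi_json
+domain_name (0.5.20190701)
+unf (>= 0.0.5, < 1.0.0)
+excon (0.92.1)
+http-accept (1.7.0)
+http-cookie (1.0.4)
+domain_name (~> 0.5)
+json (2.6.1)
+mime-types (3.4.1)
+mime-types-data (~> 3.2015)
+mime-types-data (3.2022.0105)
+mixlib-cli (1.7.0)
+multi_json (1.15.0)
+netrc (0.11.0)
+parallel (1.22.1)
+parser (3.1.1.0)
+ast (~> 2.4.1)
+rainbow (3.1.1)
+rake (10.5.0)
+regexp_parser (2.2.1)
+rest-client (2.1.0)
+http-accept (>= 1.7.0, < 2.0)
+http-cookie (>= 1.0.2, < 2.0)
+mime-types (>= 1.16, < 4.0)
+netrc (~> 0.8)
+rexml (3.2.5)
+rspec (3.11.0)
+rspec-core (~> 3.11.0)
+rspec-expectations (~> 3.11.0)
+rspec-mocks (~> 3.11.0)
+rspec-core (3.11.0)
+rspec-support (~> 3.11.0)
+rspec-expectations (3.11.0)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.11.0)
+rspec-mocks (3.11.0)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (~> 3.11.0)
+rspec-support (3.11.0)
+rubocop (0.93.1)
+parallel (~> 1.10)
+parser (>= 2.7.1.5)
+rainbow (>= 2.2.2, < 4.0)
+regexp_parser (>= 1.8)
+rexml
+rubocop-ast (>= 0.6.0)
+ruby-progressbar (~> 1.7)
+unicode-display_width (>= 1.4.0, < 2.0)
+rubocop-ast (1.16.0)
+parser (>= 3.1.1.0)
+ruby-progressbar (1.11.0)
+sensu-plugin (4.0.0)
+json (< 3.0.0)
+mixlib-cli (~> 1.5)
+unf (0.1.4)
+unf_ext
+unf_ext (0.0.8.1)
+unicode-display_width (1.8.0)
+
+PLATFORMS
+ruby
+
+DEPENDENCIES
+bundler (~> 2.1)
+quayio-scanner!
+rake (~> 10.0)
+rspec (~> 3.7)
+rubocop (~> 0.49)
+
+BUNDLED WITH
+2.2.23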
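--- a/data/README.md
+++ b/data/README.md
@@ -26,3 +26,7 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/abouts
 ## License
 
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+
+## Security
+
+* [Snyk](https://app.snyk.io/org/about-source/project/6eb2d381-87e7-49c4-a47f-ccad97f33ae3)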
@@ -2,7 +2,7 @@ module Quayio
2
2
  module Scanner
3
3
  class Image
4
4
  RELEVANT_SEVERITIES = %w[High Critical].freeze
5
- QUAY_IO_REPO_NAME = %r{quay.io\/(?<org>[\w-]+)\/(?<repo>[\w-]+):(?<tag>[\w\.-]+)}.freeze
5
+ QUAY_IO_REPO_NAME = %r{quay.io\/(?<org>[\w-]+)\/(?<repo>[\w-]+):(?<tag>[\w.-]+)}.freeze
6
6
 
7
7
  attr_reader :name, :whitelist, :repository
8
8
 
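Review bot: The `.` in `quay.io` on the new QUAY_IO_REPO_NAME line is still an unescaped metacharacter, so the pattern accepts any character in that position while the commit only tidied the trailing character class; since the line is being touched anyway, escape it — `QUAY_IO_REPO_NAME = %r{quay\.io/(?<org>[\w-]+)/(?<repo>[\w-]+):(?<tag>[\w.-]+)}.freeze` (inside `%r{}` the `\/` escapes are also unnecessary). The pattern is unanchored as well; whether a whole-string match is intended depends on how Image applies it, which is outside this hunk, so confirm before adding `\A`/`\z`. The enclosing `class Image` continues past the end of the hunk.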
@@ -6,19 +6,19 @@ module Quayio
6
6
  Repository = Struct.new(:quayio_token, :org, :repo, :tag) do
7
7
  MAX_ATTEMPTS = 5
8
8
 
9
- def id
10
- @id ||= fetch_id
11
- end
12
-
13
9
  def scan
14
- api_call("/image/#{id}/security?vulnerabilities=true")
10
+ api_call("/manifest/#{manifest_ref}/security?vulnerabilities=true")
15
11
  end
16
12
 
17
13
  private
18
14
 
19
- def fetch_id
20
- result = api_call("/tag/#{tag}/images")
21
- (result['images'].first)['id']
15
+ def manifest_ref
16
+ @manifest_ref ||= fetch_manifest_ref
17
+ end
18
+
19
+ def fetch_manifest_ref
20
+ result = api_call("/tag/?specificTag=#{tag}&onlyActiveTags=1")
21
+ (result['tags'].first)['manifest_digest']
22
22
  end
23
23
 
24
24
  def api_call(uri)
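Review bot: `fetch_manifest_ref` calls `.first` on `result['tags']` and indexes the result without checking it, so when the lookup yields no active tag for `tag` (presumably an empty `tags` array — confirm against the API response) the failure surfaces as a NoMethodError on nil instead of a message naming the missing tag, the same weakness the old `images.first` path had. I'd make the empty case explicit: `entry = result.fetch('tags').first` / `raise "no active tag #{tag} found for #{org}/#{repo}" unless entry` / `entry['manifest_digest']`. The tag is also interpolated raw into the query string on the `api_call("/tag/?specificTag=#{tag}&onlyActiveTags=1")` line; Image narrows it through QUAY_IO_REPO_NAME, but Repository is a plain Struct that can be built with any string, so `URI.encode_www_form_component(tag)` would keep the request well-formed for callers that bypass that check (requires `uri` to be in scope, which I cannot see from here). The `Repository` Struct block continues past the end of the hunk (the `api_call` body).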
@@ -1,5 +1,5 @@
1
1
  module Quayio
2
2
  module Scanner
3
- VERSION = '0.2.1'.freeze
3
+ VERSION = '0.3.0'.freeze
4
4
  end
5
5
  end
@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
12
12
  spec.homepage = 'https://github.com/aboutsource/quayio-scanner'
13
13
  spec.license = 'MIT'
14
14
 
15
- spec.required_ruby_version = '>= 2.4.0'
15
+ spec.required_ruby_version = '>= 2.3.0'
16
16
 
17
17
  spec.files = `git ls-files -z`.split("\x0").reject do |f|
18
18
  f.match(%r{^(test|spec|features)/})
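Review bot: Lowering `spec.required_ruby_version` to `'>= 2.3.0'` widens the supported range to a Ruby series that has not received security fixes since 2019, while the same release pins 2.7.0 in `.ruby-version`; if the floor is only being lowered to match `TargetRubyVersion: 2.3` in `.rubocop.yml`, I'd keep the previous `'>= 2.4.0'` or add a comment stating why 2.3 support is required. It is also worth confirming that the bumped runtime gems in the next hunk (`rest-client '~> 2.1'`, `sensu-plugin '~> 4.0'`) actually resolve on 2.3, otherwise the declared floor is not installable in practice.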
@@ -21,9 +21,9 @@ Gem::Specification.new do |spec|
21
21
  spec.require_paths = ['lib']
22
22
 
23
23
  spec.add_dependency 'docker-api', '~> 1.33'
24
- spec.add_dependency 'rest-client', '~> 2.0'
25
- spec.add_dependency 'sensu-plugin', '~> 2.1'
26
- spec.add_development_dependency 'bundler'
24
+ spec.add_dependency 'rest-client', '~> 2.1'
25
+ spec.add_dependency 'sensu-plugin', '~> 4.0'
26
+ spec.add_development_dependency 'bundler', '~> 2.1'
27
27
  spec.add_development_dependency 'rake', '~> 10.0'
28
28
  spec.add_development_dependency 'rspec', '~> 3.7'
29
29
  spec.add_development_dependency 'rubocop', '~> 0.49'
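--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quayio-scanner
 version: !ruby/object:Gem::Version
-version: 0.2.1
+version: 0.3.0
 platform: ruby
 authors:
 - Benjamin Meichsner
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-27 00:00:00.000000000 Z
+date: 2022-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: docker-api
@@ -30,42 +30,42 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.0'
+version: '2.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.0'
+version: '2.1'
 - !ruby/object:Gem::Dependency
 name: sensu-plugin
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.1'
+version: '4.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.1'
+version: '4.0'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - ">="
+- - "~>"
 - !ruby/object:Gem::Version
-version: '0'
+version: '2.1'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - ">="
+- - "~>"
 - !ruby/object:Gem::Version
-version: '0'
+version: '2.1'
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement
@@ -108,7 +108,7 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '0.49'
-description:
+description:
 email:
 - benjamin.meichsner@aboutsource.net
 executables:
@@ -118,7 +118,9 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rubocop.yml"
+- ".ruby-version"
 - Gemfile
+- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -133,7 +135,7 @@ homepage: https://github.com/aboutsource/quayio-scanner
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -141,15 +143,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.4.0
+version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.1.4
-signing_key:
+rubygems_version: 3.1.2
+signing_key:
 specification_version: 4
 summary: Scan quay.io for vulnerabilties in running docker containers.
 test_files: []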