lula2 0.0.5 → 0.0.6

package/dist/controls/index.d.ts

@@ -1,18 +0,0 @@
-export declare const controls: {
-    "123e4567-e89b-12d3-a456-426614174001": {
-        id: string;
-        description: string;
-        remarks: string;
-    };
-    "123e4567-e89b-12d3-a456-426614174002": {
-        id: string;
-        description: string;
-        remarks: string;
-    };
-    "123e4567-e89b-12d3-a456-426614174003": {
-        id: string;
-        description: string;
-        remarks: string;
-    };
-};
-//# sourceMappingURL=index.d.ts.map

package/dist/controls/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/controls/index.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,QAAQ;;;;;;;;;;;;;;;;CAgBnB,CAAC"}

package/dist/controls/index.js

@@ -1,18 +0,0 @@
-import { registerControls } from "compliance-reporter";
-export const controls = registerControls({
-    "123e4567-e89b-12d3-a456-426614174001": {
-        id: "AC-1",
-        description: "Restrict Pods running as root",
-        remarks: "This control ensures that no Pods are allowed to run as the root user.",
-    },
-    "123e4567-e89b-12d3-a456-426614174002": {
-        id: "AC-2",
-        description: "Restrict Pods running privileged containers",
-        remarks: "This control ensures that no Pods are allowed to run as privileged containers.",
-    },
-    "123e4567-e89b-12d3-a456-426614174003": {
-        id: "AC-3",
-        description: "Restrict Pods running as root",
-        remarks: "This control ensures that no Pods are allowed to run as the root user.",
-    },
-});

package/dist/crawl.d.ts

@@ -1,62 +0,0 @@
-import { Octokit } from "@octokit/rest";
-import { Command } from "commander";
-/**
- * Get the pull request context from the environment or GitHub event payload.
- *
- * @returns The pull request context containing the owner, repo, and pull number.
- */
-export declare function getPRContext(): {
-    owner: string;
-    repo: string;
-    pull_number: number;
-};
-/**
- * Fetch a raw file from a GitHub repository via the GitHub API.
- *
- * @param params - The parameters.
- * @param params.octokit - An authenticated Octokit instance.
- * @param params.owner - The owner of the repository.
- * @param params.repo - The name of the repository.
- * @param params.path - The path to the file in the repository.
- * @param params.ref - The git reference (branch, tag, or commit SHA).
- * @returns The content of the file as a string.
- */
-export declare function fetchRawFileViaAPI({ octokit, owner, repo, path, ref, }: {
-    octokit: Octokit;
-    owner: string;
-    repo: string;
-    path: string;
-    ref: string;
-}): Promise<string>;
-/**
- * Extracts all @lulaStart and @lulaEnd blocks from the given content.
- *
- * @param content - The content to extract blocks from.
- *
- * @returns An array of objects containing the UUID, start line, and end line of each block.
- */
-export declare function extractMapBlocks(content: string): {
-    uuid: string;
-    startLine: number;
-    endLine: number;
-}[];
-/**
- * Get the changed blocks between two versions of text.
- *
- * @param oldText The original text.
- * @param newText The modified text.
- *
- * @returns An array of objects representing the changed blocks.
- */
-export declare function getChangedBlocks(oldText: string, newText: string): {
-    uuid: string;
-    startLine: number;
-    endLine: number;
-}[];
-/**
- * Defines the "crawl" command for the CLI.
- *
- * @returns The configured Command instance.
- */
-export default function (): Command;
-//# sourceMappingURL=crawl.d.ts.map

package/dist/crawl.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"crawl.d.ts","sourceRoot":"","sources":["../src/crawl.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAQpC;;;;GAIG;AACH,wBAAgB,YAAY,IAAI;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,CAsBnF;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,kBAAkB,CAAC,EACvC,OAAO,EACP,KAAK,EACL,IAAI,EACJ,IAAI,EACJ,GAAG,GACJ,EAAE;IACD,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CA0BlB;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG;IACjD,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB,EAAE,CA0BF;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GACd;IACD,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB,EAAE,CAkBF;AACD;;;;GAIG;AACH,MAAM,CAAC,OAAO,cAAc,OAAO,CAuDlC"}

package/dist/crawl.js

@@ -1,172 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2025-Present The Lula2 Authors
-import fs from "fs";
-import { Octokit } from "@octokit/rest";
-import { Command } from "commander";
-import { createHash } from "crypto";
-/**
- * Get the pull request context from the environment or GitHub event payload.
- *
- * @returns The pull request context containing the owner, repo, and pull number.
- */
-export function getPRContext() {
-    const fallbackOwner = process.env.OWNER;
-    const fallbackRepo = process.env.REPO;
-    const fallbackNumber = process.env.PULL_NUMBER;
-    if (process.env.GITHUB_EVENT_PATH && process.env.GITHUB_REPOSITORY) {
-        const event = JSON.parse(fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8"));
-        const [owner, repo] = process.env.GITHUB_REPOSITORY.split("/");
-        const pull_number = event.pull_request?.number;
-        if (!pull_number)
-            throw new Error("PR number not found in GitHub event payload.");
-        return { owner, repo, pull_number };
-    }
-    if (!fallbackOwner || !fallbackRepo || !fallbackNumber) {
-        throw new Error("Set OWNER, REPO, and PULL_NUMBER in the environment for local use.");
-    }
-    return {
-        owner: fallbackOwner,
-        repo: fallbackRepo,
-        pull_number: parseInt(fallbackNumber, 10),
-    };
-}
-/**
- * Fetch a raw file from a GitHub repository via the GitHub API.
- *
- * @param params - The parameters.
- * @param params.octokit - An authenticated Octokit instance.
- * @param params.owner - The owner of the repository.
- * @param params.repo - The name of the repository.
- * @param params.path - The path to the file in the repository.
- * @param params.ref - The git reference (branch, tag, or commit SHA).
- * @returns The content of the file as a string.
- */
-export async function fetchRawFileViaAPI({ octokit, owner, repo, path, ref, }) {
-    const res = await octokit.repos.getContent({
-        owner,
-        repo,
-        path,
-        ref,
-        headers: {
-            accept: "application/vnd.github.v3.raw",
-        },
-    });
-    if (typeof res.data === "string") {
-        return res.data;
-    }
-    if (typeof res.data === "object" &&
-        res.data !== null &&
-        "content" in res.data &&
-        typeof res.data.content === "string") {
-        const { content } = res.data;
-        return Buffer.from(content, "base64").toString("utf-8");
-    }
-    throw new Error("Unexpected GitHub API response shape");
-}
-/**
- * Extracts all @lulaStart and @lulaEnd blocks from the given content.
- *
- * @param content - The content to extract blocks from.
- *
- * @returns An array of objects containing the UUID, start line, and end line of each block.
- */
-export function extractMapBlocks(content) {
-    const lines = content.split("\n");
-    const blocks = [];
-    const stack = [];
-    lines.forEach((line, idx) => {
-        const start = line.match(/@lulaStart\s+([a-f0-9-]+)/);
-        const end = line.match(/@lulaEnd\s+([a-f0-9-]+)/);
-        if (start) {
-            stack.push({ uuid: start[1], line: idx });
-        }
-        else if (end) {
-            const last = stack.find(s => s.uuid === end[1]);
-            if (last) {
-                blocks.push({ uuid: last.uuid, startLine: last.line, endLine: idx + 1 });
-                stack.splice(stack.indexOf(last), 1);
-            }
-        }
-    });
-    return blocks;
-}
-/**
- * Get the changed blocks between two versions of text.
- *
- * @param oldText The original text.
- * @param newText The modified text.
- *
- * @returns An array of objects representing the changed blocks.
- */
-export function getChangedBlocks(oldText, newText) {
-    const oldBlocks = extractMapBlocks(oldText);
-    const newBlocks = extractMapBlocks(newText);
-    const changed = [];
-    for (const newBlock of newBlocks) {
-        const oldMatch = oldBlocks.find(b => b.uuid === newBlock.uuid);
-        if (!oldMatch)
-            continue;
-        const oldSegment = oldText.split("\n").slice(oldMatch.startLine, oldMatch.endLine).join("\n");
-        const newSegment = newText.split("\n").slice(newBlock.startLine, newBlock.endLine).join("\n");
-        if (oldSegment !== newSegment) {
-            changed.push(newBlock);
-        }
-    }
-    return changed;
-}
-/**
- * Defines the "crawl" command for the CLI.
- *
- * @returns The configured Command instance.
- */
-export default function () {
-    return new Command()
-        .command("crawl")
-        .description("Detect compliance-related changes between @lulaStart and @lulaEnd in PR files")
-        .action(async () => {
-        const { owner, repo, pull_number } = getPRContext();
-        const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
-        const pr = await octokit.pulls.get({ owner, repo, pull_number });
-        const prBranch = pr.data.head.ref;
-        const { data: files } = await octokit.pulls.listFiles({ owner, repo, pull_number });
-        for (const file of files) {
-            if (file.status === "added")
-                continue;
-            try {
-                const [oldText, newText] = await Promise.all([
-                    fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: "main" }),
-                    fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: prBranch }),
-                ]);
-                const changedBlocks = getChangedBlocks(oldText, newText);
-                for (const block of changedBlocks) {
-                    const newBlockText = newText
-                        .split("\n")
-                        .slice(block.startLine, block.endLine)
-                        .join("\n");
-                    const blockSha256 = createHash("sha256").update(newBlockText).digest("hex");
-                    const commentBody = `**Compliance Alert**:\`${file.filename}\` changed between lines ${block.startLine + 1}–${block.endLine}.` +
-                        `\nUUID \`${block.uuid}\` may be out of compliance.` +
-                        `\nSHA-256 of block contents: \`${blockSha256}\`.` +
-                        `\n\n Please review the changes to ensure they meet compliance standards.`;
-                    console.log(`Commenting on ${file.filename}: ${commentBody}`);
-                    await octokit.issues.createComment({
-                        owner,
-                        repo,
-                        issue_number: pull_number,
-                        body: commentBody,
-                    });
-                    //   await octokit.pulls.createReview({
-                    //   owner,
-                    //   repo,
-                    //   pull_number,
-                    //   body: commentBody,
-                    //   event: "REQUEST_CHANGES",
-                    // })
-                }
-            }
-            catch (err) {
-                console.error(`Error processing ${file.filename}: ${err}`);
-            }
-        }
-    });
-}

package/dist/index.d.ts

@@ -1,8 +0,0 @@
-#!/usr/bin/env node
-/**
- * Get the current version from package.json
- *
- * @returns The current version
- */
-export declare function getVersion(): any;
-//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAYA;;;;GAIG;AACH,wBAAgB,UAAU,QAKzB"}

package/src/controls/index.ts

@@ -1,19 +0,0 @@
-import { registerControls } from "compliance-reporter";
-
-export const controls = registerControls({
-  "123e4567-e89b-12d3-a456-426614174001": {
-    id: "AC-1",
-    description: "Restrict Pods running as root",
-    remarks: "This control ensures that no Pods are allowed to run as the root user.",
-  },
-  "123e4567-e89b-12d3-a456-426614174002": {
-    id: "AC-2",
-    description: "Restrict Pods running privileged containers",
-    remarks: "This control ensures that no Pods are allowed to run as privileged containers.",
-  },
-  "123e4567-e89b-12d3-a456-426614174003": {
-    id: "AC-3",
-    description: "Restrict Pods running as root",
-    remarks: "This control ensures that no Pods are allowed to run as the root user.",
-  },
-});

package/src/crawl.ts

@@ -1,227 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0
-// SPDX-FileCopyrightText: 2025-Present The Lula2 Authors
-
-import fs from "fs";
-import { Octokit } from "@octokit/rest";
-import { Command } from "commander";
-import { createHash } from "crypto";
-
-type FileContentResponse = {
-  content: string;
-  encoding: "base64" | string;
-};
-
-/**
- * Get the pull request context from the environment or GitHub event payload.
- *
- * @returns The pull request context containing the owner, repo, and pull number.
- */
-export function getPRContext(): { owner: string; repo: string; pull_number: number } {
-  const fallbackOwner = process.env.OWNER;
-  const fallbackRepo = process.env.REPO;
-  const fallbackNumber = process.env.PULL_NUMBER;
-
-  if (process.env.GITHUB_EVENT_PATH && process.env.GITHUB_REPOSITORY) {
-    const event = JSON.parse(fs.readFileSync(process.env.GITHUB_EVENT_PATH, "utf8"));
-    const [owner, repo] = process.env.GITHUB_REPOSITORY.split("/");
-    const pull_number = event.pull_request?.number;
-    if (!pull_number) throw new Error("PR number not found in GitHub event payload.");
-    return { owner, repo, pull_number };
-  }
-
-  if (!fallbackOwner || !fallbackRepo || !fallbackNumber) {
-    throw new Error("Set OWNER, REPO, and PULL_NUMBER in the environment for local use.");
-  }
-
-  return {
-    owner: fallbackOwner,
-    repo: fallbackRepo,
-    pull_number: parseInt(fallbackNumber, 10),
-  };
-}
-
-/**
- * Fetch a raw file from a GitHub repository via the GitHub API.
- *
- * @param params - The parameters.
- * @param params.octokit - An authenticated Octokit instance.
- * @param params.owner - The owner of the repository.
- * @param params.repo - The name of the repository.
- * @param params.path - The path to the file in the repository.
- * @param params.ref - The git reference (branch, tag, or commit SHA).
- * @returns The content of the file as a string.
- */
-export async function fetchRawFileViaAPI({
-  octokit,
-  owner,
-  repo,
-  path,
-  ref,
-}: {
-  octokit: Octokit;
-  owner: string;
-  repo: string;
-  path: string;
-  ref: string;
-}): Promise<string> {
-  const res = await octokit.repos.getContent({
-    owner,
-    repo,
-    path,
-    ref,
-    headers: {
-      accept: "application/vnd.github.v3.raw",
-    },
-  });
-
-  if (typeof res.data === "string") {
-    return res.data;
-  }
-
-  if (
-    typeof res.data === "object" &&
-    res.data !== null &&
-    "content" in res.data &&
-    typeof (res.data as { content: unknown }).content === "string"
-  ) {
-    const { content } = res.data as FileContentResponse;
-    return Buffer.from(content, "base64").toString("utf-8");
-  }
-
-  throw new Error("Unexpected GitHub API response shape");
-}
-
-/**
- * Extracts all @lulaStart and @lulaEnd blocks from the given content.
- *
- * @param content - The content to extract blocks from.
- *
- * @returns An array of objects containing the UUID, start line, and end line of each block.
- */
-export function extractMapBlocks(content: string): {
-  uuid: string;
-  startLine: number;
-  endLine: number;
-}[] {
-  const lines = content.split("\n");
-  interface MapBlock {
-    uuid: string;
-    startLine: number;
-    endLine: number;
-  }
-  const blocks: MapBlock[] = [];
-  const stack: { uuid: string; line: number }[] = [];
-
-  lines.forEach((line, idx) => {
-    const start = line.match(/@lulaStart\s+([a-f0-9-]+)/);
-    const end = line.match(/@lulaEnd\s+([a-f0-9-]+)/);
-
-    if (start) {
-      stack.push({ uuid: start[1], line: idx });
-    } else if (end) {
-      const last = stack.find(s => s.uuid === end[1]);
-      if (last) {
-        blocks.push({ uuid: last.uuid, startLine: last.line, endLine: idx + 1 });
-        stack.splice(stack.indexOf(last), 1);
-      }
-    }
-  });
-
-  return blocks;
-}
-
-/**
- * Get the changed blocks between two versions of text.
- *
- * @param oldText The original text.
- * @param newText The modified text.
- *
- * @returns An array of objects representing the changed blocks.
- */
-export function getChangedBlocks(
-  oldText: string,
-  newText: string,
-): {
-  uuid: string;
-  startLine: number;
-  endLine: number;
-}[] {
-  const oldBlocks = extractMapBlocks(oldText);
-  const newBlocks = extractMapBlocks(newText);
-  const changed = [];
-
-  for (const newBlock of newBlocks) {
-    const oldMatch = oldBlocks.find(b => b.uuid === newBlock.uuid);
-    if (!oldMatch) continue;
-
-    const oldSegment = oldText.split("\n").slice(oldMatch.startLine, oldMatch.endLine).join("\n");
-    const newSegment = newText.split("\n").slice(newBlock.startLine, newBlock.endLine).join("\n");
-
-    if (oldSegment !== newSegment) {
-      changed.push(newBlock);
-    }
-  }
-
-  return changed;
-}
-/**
- * Defines the "crawl" command for the CLI.
- *
- * @returns The configured Command instance.
- */
-export default function (): Command {
-  return new Command()
-    .command("crawl")
-    .description("Detect compliance-related changes between @lulaStart and @lulaEnd in PR files")
-    .action(async () => {
-      const { owner, repo, pull_number } = getPRContext();
-      const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
-
-      const pr = await octokit.pulls.get({ owner, repo, pull_number });
-      const prBranch = pr.data.head.ref;
-
-      const { data: files } = await octokit.pulls.listFiles({ owner, repo, pull_number });
-
-      for (const file of files) {
-        if (file.status === "added") continue;
-        try {
-          const [oldText, newText] = await Promise.all([
-            fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: "main" }),
-            fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: prBranch }),
-          ]);
-
-          const changedBlocks = getChangedBlocks(oldText, newText);
-
-          for (const block of changedBlocks) {
-            const newBlockText = newText
-              .split("\n")
-              .slice(block.startLine, block.endLine)
-              .join("\n");
-
-            const blockSha256 = createHash("sha256").update(newBlockText).digest("hex");
-            const commentBody =
-              `**Compliance Alert**:\`${file.filename}\` changed between lines ${block.startLine + 1}–${block.endLine}.` +
-              `\nUUID \`${block.uuid}\` may be out of compliance.` +
-              `\nSHA-256 of block contents: \`${blockSha256}\`.` +
-              `\n\n Please review the changes to ensure they meet compliance standards.`;
-            console.log(`Commenting on ${file.filename}: ${commentBody}`);
-            await octokit.issues.createComment({
-              owner,
-              repo,
-              issue_number: pull_number,
-              body: commentBody,
-            });
-            //   await octokit.pulls.createReview({
-            //   owner,
-            //   repo,
-            //   pull_number,
-            //   body: commentBody,
-            //   event: "REQUEST_CHANGES",
-            // })
-          }
-        } catch (err) {
-          console.error(`Error processing ${file.filename}: ${err}`);
-        }
-      }
-    });
-}

package/src/index.ts

@@ -1,46 +0,0 @@
-#!/usr/bin/env node
-
-import { Command } from "commander";
-import crawl from "./crawl.js";
-import fs from "fs";
-import path from "path";
-
-const program = new Command();
-import { fileURLToPath } from "url";
-
-const __dirname = path.dirname(fileURLToPath(import.meta.url));
-
-/**
- * Get the current version from package.json
- *
- * @returns The current version
- */
-export function getVersion() {
-  const pkgPath = path.resolve(__dirname, "../package.json"); // adjust path if index.ts is in src/
-  const packageJson = fs.readFileSync(pkgPath, "utf8");
-  const { version } = JSON.parse(packageJson);
-  return version;
-}
-
-program
-  .name("lula2")
-  .description("Reports and exports compliance status for defined controls")
-  .version(getVersion(), "-v, --version", "output the current version")
-  .option("-c, --config <path>", "path to config file", "compliance.json")
-  .addCommand(crawl())
-  .action(options => {
-    console.log("Checking compliance status...");
-    if (options.config) {
-      console.log(`Using config file: ${options.config}`);
-    } else {
-      console.log("Using default configuration");
-    }
-    console.log("Compliance check completed!");
-  });
-
-program.parse(process.argv);
-
-// If no command is provided, show help
-if (!process.argv.slice(1).length) {
-  program.help();
-}