UNPKG

@catladder/cli

Version:

Panter cli tool for cloud CI/CD and DevOps

83 lines (82 loc) 2.83 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.commandSecurityAuditCiJob = void 0; const defineCommand_1 = require("../../core/defineCommand"); const rest_1 = require("@gitbeaker/rest"); const evaluateSecurityAudit_1 = require("../../security/evaluateSecurityAudit"); const createSecurityAuditMergeRequest_1 = require("../../security/createSecurityAuditMergeRequest"); const GITLAB_HOST = "https://git.panter.ch"; exports.commandSecurityAuditCiJob = (0, defineCommand_1.defineCommand)({ name: "security audit ci-job", description: "Evaluates security audit document. Creates MR with template if missing.", group: "security", inputs: { path: { type: "string", message: "path to project root", positional: true }, token: { type: "string", message: "GitLab token (api scope)", positional: true }, mainBranch: { type: "string", message: "main branch name", positional: true }, projectId: { type: "string", message: "GitLab project ID", positional: true }, userId: { type: "string", message: "GitLab user ID (assignee)", positional: true } }, execute: async ctx => { const path = await ctx.get("path"); const evaluation = await (0, evaluateSecurityAudit_1.evaluateSecurityAudit)({ path }); if (evaluation.isErr()) { ctx.log("could not evaluate security audit document"); ctx.log("creating new merge request with security audit template..."); const token = await ctx.get("token"); const mainBranch = await ctx.get("mainBranch"); const projectId = await ctx.get("projectId"); const userId = await ctx.get("userId"); const api = new rest_1.Gitlab({ host: GITLAB_HOST, token }); const mr = await (0, createSecurityAuditMergeRequest_1.createSecurityAuditMergeRequest)({ api, mainBranch, projectId, userId: parseInt(userId) }); if (mr.isErr()) { ctx.log(`could not create merge request with security audit template: ${mr.error}`); process.exitCode = 1; return; } ctx.log("security audit merge request created successfully"); ctx.log(`please finish the MR by updating SECURITY.md document: ${mr.value.web_url}`); process.exitCode = 1; return; } if (evaluation.value.score.answeredTopics === 0) { ctx.log("audit document has no answered topics"); ctx.log(`please answer security topics in ${createSecurityAuditMergeRequest_1.SECURITY_AUDIT_FILE_NAME} by adding responsible people and check/cross in the table`); process.exitCode = 1; return; } ctx.log((0, evaluateSecurityAudit_1.makeSecurityAuditOverview)(evaluation.value)); } });