@catladder/cli
Version:
Panter cli tool for cloud CI/CD and DevOps
83 lines (82 loc) • 2.83 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.commandSecurityAuditCiJob = void 0;
const defineCommand_1 = require("../../core/defineCommand");
const rest_1 = require("@gitbeaker/rest");
const evaluateSecurityAudit_1 = require("../../security/evaluateSecurityAudit");
const createSecurityAuditMergeRequest_1 = require("../../security/createSecurityAuditMergeRequest");
const GITLAB_HOST = "https://git.panter.ch";
exports.commandSecurityAuditCiJob = (0, defineCommand_1.defineCommand)({
name: "security audit ci-job",
description: "Evaluates security audit document. Creates MR with template if missing.",
group: "security",
inputs: {
path: {
type: "string",
message: "path to project root",
positional: true
},
token: {
type: "string",
message: "GitLab token (api scope)",
positional: true
},
mainBranch: {
type: "string",
message: "main branch name",
positional: true
},
projectId: {
type: "string",
message: "GitLab project ID",
positional: true
},
userId: {
type: "string",
message: "GitLab user ID (assignee)",
positional: true
}
},
execute: async ctx => {
const path = await ctx.get("path");
const evaluation = await (0, evaluateSecurityAudit_1.evaluateSecurityAudit)({
path
});
if (evaluation.isErr()) {
ctx.log("could not evaluate security audit document");
ctx.log("creating new merge request with security audit template...");
const token = await ctx.get("token");
const mainBranch = await ctx.get("mainBranch");
const projectId = await ctx.get("projectId");
const userId = await ctx.get("userId");
const api = new rest_1.Gitlab({
host: GITLAB_HOST,
token
});
const mr = await (0, createSecurityAuditMergeRequest_1.createSecurityAuditMergeRequest)({
api,
mainBranch,
projectId,
userId: parseInt(userId)
});
if (mr.isErr()) {
ctx.log(`could not create merge request with security audit template: ${mr.error}`);
process.exitCode = 1;
return;
}
ctx.log("security audit merge request created successfully");
ctx.log(`please finish the MR by updating SECURITY.md document: ${mr.value.web_url}`);
process.exitCode = 1;
return;
}
if (evaluation.value.score.answeredTopics === 0) {
ctx.log("audit document has no answered topics");
ctx.log(`please answer security topics in ${createSecurityAuditMergeRequest_1.SECURITY_AUDIT_FILE_NAME} by adding responsible people and check/cross in the table`);
process.exitCode = 1;
return;
}
ctx.log((0, evaluateSecurityAudit_1.makeSecurityAuditOverview)(evaluation.value));
}
});