Initial commit
kunalnagar committed Aug 5, 2024
1 parent 308c6db commit 827c7ba
Showing 9 changed files with 58 additions and 49 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/ci.yml
@@ -37,10 +37,10 @@ jobs:
# zenduty_api_key: ${{ secrets.ZENDUTY_API_KEY }}
# zenduty_service_id: ${{ secrets.ZENDUTY_SERVICE_ID }}
# zenduty_escalation_policy_id: ${{ secrets.ZENDUTY_ESCALATION_POLICY_ID }}
# email_from: ${{ secrets.EMAIL_FROM }}
# email_list: ${{ secrets.EMAIL_BCC_LIST }}
# email_transport_smtp_user: ${{ secrets.EMAIL_TRANSPORT_SMTP_USER }}
# email_transport_smtp_password: ${{ secrets.EMAIL_TRANSPORT_SMTP_PASSWORD }}
email_from: ${{ secrets.EMAIL_FROM }}
email_list: ${{ secrets.EMAIL_BCC_LIST }}
email_transport_smtp_user: ${{ secrets.EMAIL_TRANSPORT_SMTP_USER }}
email_transport_smtp_password: ${{ secrets.EMAIL_TRANSPORT_SMTP_PASSWORD }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Release (dry-run)
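Review bot: The four `email_*` inputs enabled here pass SMTP credentials and a recipient list from repository secrets, and nothing visible in the hunk limits which runs reach this step. The workflow's `on:` triggers and the step's `uses:` line are outside the hunk, so this is inferred: if the job also runs for pull requests from forks, those runs receive empty secrets and the step would be invoked with blank SMTP settings, while every other run sends real mail with alert details to `EMAIL_BCC_LIST`. A step-level condition such as `if: github.event_name != 'pull_request'` would keep the email path to trusted runs. A one-line comment above the block saying why email is enabled while the Zenduty inputs stay commented out would also help the next reader.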
35 changes: 0 additions & 35 deletions src/entities/alert.ts

This file was deleted.

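--- a/src/entities/base-alert/BaseAlert.ts
+++ b/src/entities/base-alert/BaseAlert.ts
@@ -0,0 +1,9 @@
+import { Advisory } from '../advisory'
+import { Vulnerability } from '../vulnerability'
+
+export interface BaseAlert {
+packageName: string
+advisory?: Advisory
+vulnerability?: Vulnerability
+createdAt: string
+}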
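Review bot: `advisory` and `vulnerability` are both optional in `BaseAlert`, so an alert carrying neither type-checks, and the interface has no comment saying when either may be absent or what format `createdAt` holds. Every consumer that renders an alert therefore has to handle the empty case on its own. I would add TSDoc on the interface and its fields, for example `/** Timestamp string copied from the source alert's created_at; not validated here. */` above `createdAt`, and state on the two optional fields when they are expected to be undefined.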
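--- a/src/entities/base-alert/index.ts
+++ b/src/entities/base-alert/index.ts
@@ -0,0 +1 @@
+export * from './BaseAlert'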
2 changes: 1 addition & 1 deletion src/entities/index.ts
@@ -1,4 +1,4 @@
export * from './repository'
export * from './advisory'
export * from './alert'
export * from './repository-alert'
export * from './vulnerability'
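--- a/src/entities/repository-alert/RepositoryAlert.ts
+++ b/src/entities/repository-alert/RepositoryAlert.ts
@@ -0,0 +1,33 @@
+import { Endpoints } from '@octokit/types'
+
+import { BaseAlert } from '../base-alert'
+import { Repository } from '../repository'
+import { toAdvisory } from '../advisory'
+import { toVulnerability } from '../vulnerability'
+
+export type DependabotRepositoryAlert =
+Endpoints['GET /repos/{owner}/{repo}/dependabot/alerts']['response']['data'][0]
+
+export interface RepositoryAlert extends BaseAlert {
+repository: Repository
+}
+
+export const toRepositoryAlert = (
+dependabotRepositoryAlert: DependabotRepositoryAlert,
+repositoryName: string,
+repositoryOwner: string,
+): RepositoryAlert => ({
+repository: {
+name: repositoryName,
+owner: repositoryOwner,
+},
+packageName:
+dependabotRepositoryAlert.security_vulnerability.package.name || '',
+advisory: dependabotRepositoryAlert.security_advisory
+? toAdvisory(dependabotRepositoryAlert.security_advisory)
+: undefined,
+vulnerability: dependabotRepositoryAlert.security_vulnerability
+? toVulnerability(dependabotRepositoryAlert.security_vulnerability)
+: undefined,
+createdAt: dependabotRepositoryAlert.created_at,
+})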
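Review bot: `packageName` reads `dependabotRepositoryAlert.security_vulnerability.package.name` unconditionally, while the `vulnerability` field a few lines below guards the same object with a ternary. If `security_vulnerability` can be missing, the first access throws before the guard is reached; if it cannot, the guard is dead code. Pick one reading; `dependabotRepositoryAlert.security_vulnerability?.package?.name ?? ''` keeps the defensive one. An empty `packageName` also yields a notification that does not say which dependency is affected, so consider logging or skipping such alerts instead of defaulting silently.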
@@ -1,15 +1,15 @@
import { Octokit } from '@octokit/rest'

import { Alert, toAlert } from './entities'
import { RepositoryAlert, toRepositoryAlert } from './RepositoryAlert'

export const fetchAlerts = async (
export const fetchRepositoryAlerts = async (
gitHubPersonalAccessToken: string,
repositoryName: string,
repositoryOwner: string,
severity: string,
ecosystem: string,
count: number,
): Promise<Alert[] | []> => {
): Promise<RepositoryAlert[] | []> => {
const octokit = new Octokit({
auth: gitHubPersonalAccessToken,
request: {
@@ -24,8 +24,8 @@ export const fetchAlerts = async (
ecosystem: ecosystem.length > 0 ? ecosystem : undefined,
per_page: count,
})
const alerts: Alert[] = response.data.map((dependabotAlert) =>
toAlert(dependabotAlert, repositoryName, repositoryOwner),
const alerts: RepositoryAlert[] = response.data.map((dependabotAlert) =>
toRepositoryAlert(dependabotAlert, repositoryName, repositoryOwner),
)
return alerts
}
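Review bot: `per_page: count` is the only paging control visible, and the mapped `response.data` is returned as the whole result, so alerts beyond the first page appear to be dropped without any signal. The request call itself sits between the two hunks and is not shown, so confirm there. For a tool whose job is to report open alerts, silent truncation reads as "nothing else to fix"; consider logging when `response.data.length === count`, or documenting the cap in a TSDoc comment on `fetchRepositoryAlerts`. Separately, the `| []` in `Promise<RepositoryAlert[] | []>` adds nothing, since an empty array is already a `RepositoryAlert[]`.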
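--- a/src/entities/repository-alert/index.ts
+++ b/src/entities/repository-alert/index.ts
@@ -0,0 +1,2 @@
+export * from './RepositoryAlert'
+export * from './fetch-repository-alerts'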
7 changes: 3 additions & 4 deletions src/main.ts
@@ -9,7 +9,7 @@ import {
sendAlertsToEmailSmtp,
validateSlackWebhookUrl,
} from './destinations'
import { fetchAlerts } from './fetch-alerts'
import { fetchRepositoryAlerts } from './entities'

async function run(): Promise<void> {
try {
@@ -32,9 +32,8 @@ async function run(): Promise<void> {
const count = parseInt(getInput('count'))
const severity = getInput('severity')
const ecosystem = getInput('ecosystem')
const { owner } = context.repo
const { repo } = context.repo
const alerts = await fetchAlerts(
const { owner = 'kunalnagar', repo = 'cve-base' } = context.repo
const alerts = await fetchRepositoryAlerts(
token,
repo,
owner,
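Review bot: The defaults in `const { owner = 'kunalnagar', repo = 'cve-base' } = context.repo` make the action fall back to a fixed, unrelated repository whenever `owner` or `repo` comes back undefined. With the caller's token, that would fetch and send alerts for a repository other than the one the workflow runs in, hiding a misconfiguration instead of surfacing it. These look like local-testing leftovers; I would restore `const { owner, repo } = context.repo` and let a missing value fail the run. `run()` starts before and continues after both hunks, so the remaining arguments to `fetchRepositoryAlerts` are not visible here.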
