From 3775fbf6adcf6894b04b6806e50629775d389844 Mon Sep 17 00:00:00 2001
From: Zachary Sanders
Date: Thu, 3 Jun 2021 07:45:49 -0600
Subject: [PATCH] change back to debug for yaml load
---
 dist/manager/ironbank/extract.js | 2 +-
 dist/manager/ironbank/extract.js.map | 2 +-
 lib/manager/ironbank/extract.ts | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/dist/manager/ironbank/extract.js b/dist/manager/ironbank/extract.js
index ffb5e3f..5c63efa 100644
--- a/dist/manager/ironbank/extract.js
+++ b/dist/manager/ironbank/extract.js
@@ -80,7 +80,7 @@ function extractPackageFile(content) {
 manifest = js_yaml_1.default.load(content, { json: true });
 }
 catch (err) {
- logger_1.logger.error('Failed to parse hardening_manifest.yaml');
+ logger_1.logger.debug('Failed to parse hardening_manifest.yaml');
 return null;
 }
 if (!(manifest && is_1.default.array(manifest.resources))) {
diff --git a/dist/manager/ironbank/extract.js.map b/dist/manager/ironbank/extract.js.map
index 8e0c74b..ee38c11 100644
--- a/dist/manager/ironbank/extract.js.map
+++ b/dist/manager/ironbank/extract.js.map
@@ -1 +1 @@ -{"version":3,"file":"extract.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/extract.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAAsC;AACtC,0DAAkC;AAClC,sDAA2B;AAC3B,0EAA4D;AAC5D,2FAA6E;AAC7E,mFAAqE;AACrE,sEAAwD;AACxD,sEAAwD;AACxD,8EAAgE;AAChE,yCAAsC;AACtC,0EAA4D;AAuD5D,SAAS,eAAe,CAAC,UAAkB,EAAE,GAAW;IACtD,IAAI,UAAU,KAAK,eAAe,EAAE;QAClC,OAAO,oBAAoB,CAAC,EAAE,CAAC;KAChC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QAC3B,OAAO,oBAAoB,CAAC,EAAE,CAAC;KAChC;IAED,OAAO,wBAAwB,CAAC,EAAE,CAAC;AACrC,CAAC;AAED,SAAS,QAAQ,CAAC,SAAiB;IACjC,qBAAqB;IACrB,IAAI,CAAC,SAAS,EAAE;QACd,OAAO,IAAI,CAAC;KACb;IACD,MAAM,GAAG,GAAG,WAAM,CAAC,SAAS,CAAC,CAAC;IAC9B,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE;QAC7B,OAAO,IAAI,CAAC;KACb;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,YAAY,GAAW,IAAI,CAAC;IAChC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;QACpD,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;QACzB,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE;YACtB,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAA;SACjD;aAAM;YACL,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;SAClD;KACF;IACD,IAAI,YAAY,EAAE;QAChB,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;KAC/B;IACD,uBAAuB;IACvB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAwB,EAAE,CAAC;IACrC,8BAA8B;IAE9B,IAAI,QAA2B,CAAC;IAEhC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAC,CAAuB,CAAA;KACnE;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,eAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC;KACb;IAED,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,MAAM,GAAG,GAAsB,EAAE,WAAW,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC;QACzD,IAAI,IAA
I,CAAC,GAAG,EAAE;YACZ,SAAS;YACT,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE;gBACpC,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC7C,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACvD,GAAG,CAAC,OAAO,GAAG,iBAAiB,CAAC;gBAChC,GAAG,CAAC,OAAO,GAAG,UAAU,CAAC;gBACzB,GAAG,CAAC,UAAU,GAAG,gBAAgB,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,UAAU,GAAG,gBAAgB,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,UAAU,GAAG,UAAU,CAAC;gBAC5B,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;gBAClC,GAAG,CAAC,YAAY,GAAG,YAAY,CAAC;gBAChC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAChB;YACD,kBAAkB;iBACb,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE;gBAClD,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrC,GAAG,CAAC,OAAO,GAAG,iBAAiB,CAAC;gBAChC,GAAG,CAAC,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC;gBAC7B,GAAG,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;gBAC1B,GAAG,CAAC,YAAY,GAAG,SAAS,CAAC,YAAY,CAAC;gBAC1C,GAAG,CAAC,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAChB;YACD,OAAO;iBACF,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;gBACvC,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,uEAAuE,CACxE,CAAC;gBACF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;gBAC3C,IAAI,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,WAAW,KAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,YAAY,EAAE;oBACnE,eAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;oBAChC,GAAG,CAAC,OAAO,GAAG,eAAe,CAAC;oBAC9B,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC;oBACxB,GAAG,CAAC,UAAU,GAAG,cAAc,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,YAAY,GAAG;wBACjB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE;qBACrD,CAAC;oBACF,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;oBACnC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;oBACvC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;YACD,WAAW;iBACN,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,EAAE;gBACpD,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,8EAA8E,CAC/E,CAAC;gBACF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,
CAAC;gBAC3C,IAAI,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,WAAW,KAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,YAAY,EAAE;oBACnE,GAAG,CAAC,OAAO,GAAG,mBAAmB,CAAC;oBAClC,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC;oBAChC,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;oBACnC,GAAG,CAAC,UAAU,GAAG,kBAAkB,CAAC,EAAE,CAAC;oBACvC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;oBACvC,GAAG,CAAC,YAAY,GAAG;wBACjB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE;qBACrD,CAAC;oBACF,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;iBAAM,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,gCAAgC,CAAC,EAAE;gBAChE,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,0EAA0E,CAC3E,CAAC;gBACF,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;gBAE1C,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,OAAO,EAAE;oBACrC,GAAG,CAAC,OAAO,GAAG,eAAe,CAAC;oBAC9B,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;oBAC1C,GAAG,CAAC,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC;oBACjC,GAAG,CAAC,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC;oBAC/B,GAAG,CAAC,UAAU,GAAG,cAAc,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC;oBAElC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;SACF;KACF;IAGD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;QAChB,OAAO,IAAI,CAAC;KACb;IACD,OAAO,EAAE,IAAI,EAAE,CAAC;AAClB,CAAC;AA1GD,gDA0GC","sourcesContent":["import { parse as _parse } from 'url';\nimport is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport * as datasourceDocker from '../../datasource/docker';\nimport * as datasourceGithubReleases from '../../datasource/github-releases';\nimport * as datasourceGithubTags from '../../datasource/github-tags';\nimport * as datasourceHelm from '../../datasource/helm';\nimport * as datasourcePypi from '../../datasource/pypi';\nimport * as datasourceRubyGems from '../../datasource/rubygems';\nimport { logger } from '../../logger';\nimport * as dockerVersioning from '../../versioning/docker';\nimport { PackageDependency, PackageFile } from '../types';\n\nexport interface HardeningManifest {\n apiVersion: string;\n name: string;\n tags: string[];\n args: Args;\n labels: 
Labels;\n resources: Resource[];\n maintainers: Maintainer[];\n}\n\nexport interface Args {\n BASE_IMAGE: string;\n BASE_TAG: string;\n}\n\nexport interface Labels {\n 'org.opencontainers.image.title': string;\n 'org.opencontainers.image.description': string;\n 'org.opencontainers.image.licenses': string;\n 'org.opencontainers.image.url': string;\n 'org.opencontainers.image.vendor': string;\n 'org.opencontainers.image.version': string;\n 'mil.dso.ironbank.image.keywords': string;\n 'mil.dso.ironbank.image.type': string;\n 'mil.dso.ironbank.product.name': string;\n}\n\nexport interface Maintainer {\n name: string;\n username: string;\n email: string;\n cht_member: boolean;\n}\n\nexport interface Resource {\n tag?: string;\n url: string;\n name?: string;\n filename?: string;\n validation?: Validation;\n}\n\nexport interface Validation {\n type: string;\n value: string;\n}\n\ninterface UrlParsedResult {\n repo: string;\n currentValue: string;\n}\n\nfunction getDatasourceId(lookupName: string, url: string): string {\n if (lookupName === 'antirez/redis') {\n return datasourceGithubTags.id;\n }\n if (url.includes('archive')) {\n return datasourceGithubTags.id;\n }\n\n return datasourceGithubReleases.id;\n}\n\nfunction parseUrl(urlString: string): UrlParsedResult | null {\n // istanbul ignore if\n if (!urlString) {\n return null;\n }\n const url = _parse(urlString);\n if (url.host !== 'github.com') {\n return null;\n }\n const path = url.path.split('/').slice(1);\n const repo = path[0] + '/' + path[1];\n let currentValue: string = null;\n if (path[2] === 'releases' && path[3] === 'download') {\n currentValue = path[4];\n }\n if (path[2] === 'archive') {\n if (path[3] === 'refs') {\n currentValue = path[5].replace(/\\.tar\\.gz$/, '')\n } else {\n currentValue = path[3].replace(/\\.tar\\.gz$/, '');\n }\n }\n if (currentValue) {\n return { repo, currentValue };\n }\n // istanbul ignore next\n return null;\n}\n\nexport function extractPackageFile(content: string): PackageFile 
{\n const deps: PackageDependency[] = [];\n // let man: HardeningManifest;\n\n let manifest: HardeningManifest;\n\n try {\n manifest = yaml.load(content, { json: true} ) as HardeningManifest\n } catch (err) {\n logger.error('Failed to parse hardening_manifest.yaml');\n return null;\n }\n\n if (!(manifest && is.array(manifest.resources))) {\n logger.debug('hardening_manifest.yaml has no dependencies');\n return null;\n }\n\n for (const item of manifest.resources) {\n const dep: PackageDependency = { managerData: { item } };\n if (item.url) {\n // docker\n if (item.url.startsWith('docker://')) {\n const currentDigest = item.url.split('@')[1];\n const [lookupName, currentValue] = item.tag.split(':');\n dep.depType = 'ironbank-docker';\n dep.depName = lookupName;\n dep.datasource = datasourceDocker.id;\n dep.versioning = dockerVersioning.id;\n dep.lookupName = lookupName;\n dep.currentDigest = currentDigest;\n dep.currentValue = currentValue;\n deps.push(dep);\n }\n // github-releases\n else if (item.url.startsWith('https://github.com')) {\n const parsedUrl = parseUrl(item.url);\n dep.depType = 'ironbank-github';\n dep.depName = parsedUrl.repo;\n dep.repo = parsedUrl.repo;\n dep.currentValue = parsedUrl.currentValue;\n dep.datasource = getDatasourceId(dep.repo, item.url);\n dep.lookupName = dep.repo;\n deps.push(dep);\n }\n // helm\n else if (item.url.startsWith('helm://')) {\n const regex = new RegExp(\n 'helm://(?.*/)(?.*?)-(?.*?).tgz'\n );\n const groups = regex.exec(item.url).groups;\n if (groups?.registryUrl && groups.lookupName && groups.currentValue) {\n logger.info(groups.registryUrl);\n dep.depType = 'ironbank-helm';\n dep.depName = item.name;\n dep.datasource = datasourceHelm.id;\n dep.registryUrls = [\n `${String('https://')}${String(groups.registryUrl)}`,\n ];\n dep.lookupName = groups.lookupName;\n dep.currentValue = groups.currentValue;\n deps.push(dep);\n }\n }\n // rubygems\n else if (item.url.startsWith('https://rubygems.org')) {\n const regex = new 
RegExp(\n 'https://(?.*)/(.*/)(?.*-?)-(?.*?).gem'\n );\n const groups = regex.exec(item.url).groups;\n if (groups?.registryUrl && groups.lookupName && groups.currentValue) {\n dep.depType = 'ironbank-rubygems';\n dep.depName = groups.lookupName;\n dep.lookupName = groups.lookupName;\n dep.datasource = datasourceRubyGems.id;\n dep.currentValue = groups.currentValue;\n dep.registryUrls = [\n `${String('https://')}${String(groups.registryUrl)}`,\n ];\n deps.push(dep);\n }\n } else if (item.url.startsWith('https://files.pythonhosted.org')) {\n const regex = new RegExp(\n 'https://(.*)/(.*)/(.*)/(.*)/(.*)/(?.*?)-(?.*?)-(.*)'\n );\n const group = regex.exec(item.url).groups;\n\n if (group.lookupName && group.version) {\n dep.depType = 'ironbank-pypi';\n dep.currentDigest = item.validation.value;\n dep.currentValue = group.version;\n dep.depName = group.lookupName;\n dep.datasource = datasourcePypi.id;\n dep.lookupName = group.lookupName;\n\n deps.push(dep);\n }\n }\n }\n }\n\n\n if (!deps.length) {\n return null;\n }\n return { deps };\n}\n"]} \ No newline at end of file 
+{"version":3,"file":"extract.js","sourceRoot":"","sources":["../../../lib/manager/ironbank/extract.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6BAAsC;AACtC,0DAAkC;AAClC,sDAA2B;AAC3B,0EAA4D;AAC5D,2FAA6E;AAC7E,mFAAqE;AACrE,sEAAwD;AACxD,sEAAwD;AACxD,8EAAgE;AAChE,yCAAsC;AACtC,0EAA4D;AAuD5D,SAAS,eAAe,CAAC,UAAkB,EAAE,GAAW;IACtD,IAAI,UAAU,KAAK,eAAe,EAAE;QAClC,OAAO,oBAAoB,CAAC,EAAE,CAAC;KAChC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QAC3B,OAAO,oBAAoB,CAAC,EAAE,CAAC;KAChC;IAED,OAAO,wBAAwB,CAAC,EAAE,CAAC;AACrC,CAAC;AAED,SAAS,QAAQ,CAAC,SAAiB;IACjC,qBAAqB;IACrB,IAAI,CAAC,SAAS,EAAE;QACd,OAAO,IAAI,CAAC;KACb;IACD,MAAM,GAAG,GAAG,WAAM,CAAC,SAAS,CAAC,CAAC;IAC9B,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE;QAC7B,OAAO,IAAI,CAAC;KACb;IACD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,YAAY,GAAW,IAAI,CAAC;IAChC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE;QACpD,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;KACxB;IACD,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,SAAS,EAAE;QACzB,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE;YACtB,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAA;SACjD;aAAM;YACL,YAAY,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;SAClD;KACF;IACD,IAAI,YAAY,EAAE;QAChB,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;KAC/B;IACD,uBAAuB;IACvB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAwB,EAAE,CAAC;IACrC,8BAA8B;IAE9B,IAAI,QAA2B,CAAC;IAEhC,IAAI;QACF,QAAQ,GAAG,iBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAC,CAAuB,CAAA;KACnE;IAAC,OAAO,GAAG,EAAE;QACZ,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC;KACb;IAED,IAAI,CAAC,CAAC,QAAQ,IAAI,YAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE;QAC/C,eAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC;KACb;IAED,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE;QACrC,MAAM,GAAG,GAAsB,EAAE,WAAW,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC;QACzD,IAAI,IAAI,CAAC,GAAG,
EAAE;YACZ,SAAS;YACT,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE;gBACpC,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC7C,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACvD,GAAG,CAAC,OAAO,GAAG,iBAAiB,CAAC;gBAChC,GAAG,CAAC,OAAO,GAAG,UAAU,CAAC;gBACzB,GAAG,CAAC,UAAU,GAAG,gBAAgB,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,UAAU,GAAG,gBAAgB,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,UAAU,GAAG,UAAU,CAAC;gBAC5B,GAAG,CAAC,aAAa,GAAG,aAAa,CAAC;gBAClC,GAAG,CAAC,YAAY,GAAG,YAAY,CAAC;gBAChC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAChB;YACD,kBAAkB;iBACb,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE;gBAClD,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrC,GAAG,CAAC,OAAO,GAAG,iBAAiB,CAAC;gBAChC,GAAG,CAAC,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC;gBAC7B,GAAG,CAAC,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;gBAC1B,GAAG,CAAC,YAAY,GAAG,SAAS,CAAC,YAAY,CAAC;gBAC1C,GAAG,CAAC,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrD,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAChB;YACD,OAAO;iBACF,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE;gBACvC,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,uEAAuE,CACxE,CAAC;gBACF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;gBAC3C,IAAI,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,WAAW,KAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,YAAY,EAAE;oBACnE,eAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;oBAChC,GAAG,CAAC,OAAO,GAAG,eAAe,CAAC;oBAC9B,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC;oBACxB,GAAG,CAAC,UAAU,GAAG,cAAc,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,YAAY,GAAG;wBACjB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE;qBACrD,CAAC;oBACF,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;oBACnC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;oBACvC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;YACD,WAAW;iBACN,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,EAAE;gBACpD,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,8EAA8E,CAC/E,CAAC;gBACF,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;gBAC3C,
IAAI,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,WAAW,KAAI,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,YAAY,EAAE;oBACnE,GAAG,CAAC,OAAO,GAAG,mBAAmB,CAAC;oBAClC,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC;oBAChC,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;oBACnC,GAAG,CAAC,UAAU,GAAG,kBAAkB,CAAC,EAAE,CAAC;oBACvC,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;oBACvC,GAAG,CAAC,YAAY,GAAG;wBACjB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE;qBACrD,CAAC;oBACF,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;iBAAM,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,gCAAgC,CAAC,EAAE;gBAChE,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,0EAA0E,CAC3E,CAAC;gBACF,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;gBAE1C,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,OAAO,EAAE;oBACrC,GAAG,CAAC,OAAO,GAAG,eAAe,CAAC;oBAC9B,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;oBAC1C,GAAG,CAAC,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC;oBACjC,GAAG,CAAC,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC;oBAC/B,GAAG,CAAC,UAAU,GAAG,cAAc,CAAC,EAAE,CAAC;oBACnC,GAAG,CAAC,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC;oBAElC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;iBAChB;aACF;SACF;KACF;IAGD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;QAChB,OAAO,IAAI,CAAC;KACb;IACD,OAAO,EAAE,IAAI,EAAE,CAAC;AAClB,CAAC;AA1GD,gDA0GC","sourcesContent":["import { parse as _parse } from 'url';\nimport is from '@sindresorhus/is';\nimport yaml from 'js-yaml';\nimport * as datasourceDocker from '../../datasource/docker';\nimport * as datasourceGithubReleases from '../../datasource/github-releases';\nimport * as datasourceGithubTags from '../../datasource/github-tags';\nimport * as datasourceHelm from '../../datasource/helm';\nimport * as datasourcePypi from '../../datasource/pypi';\nimport * as datasourceRubyGems from '../../datasource/rubygems';\nimport { logger } from '../../logger';\nimport * as dockerVersioning from '../../versioning/docker';\nimport { PackageDependency, PackageFile } from '../types';\n\nexport interface HardeningManifest {\n apiVersion: string;\n name: string;\n tags: string[];\n args: Args;\n labels: Labels;\n 
resources: Resource[];\n maintainers: Maintainer[];\n}\n\nexport interface Args {\n BASE_IMAGE: string;\n BASE_TAG: string;\n}\n\nexport interface Labels {\n 'org.opencontainers.image.title': string;\n 'org.opencontainers.image.description': string;\n 'org.opencontainers.image.licenses': string;\n 'org.opencontainers.image.url': string;\n 'org.opencontainers.image.vendor': string;\n 'org.opencontainers.image.version': string;\n 'mil.dso.ironbank.image.keywords': string;\n 'mil.dso.ironbank.image.type': string;\n 'mil.dso.ironbank.product.name': string;\n}\n\nexport interface Maintainer {\n name: string;\n username: string;\n email: string;\n cht_member: boolean;\n}\n\nexport interface Resource {\n tag?: string;\n url: string;\n name?: string;\n filename?: string;\n validation?: Validation;\n}\n\nexport interface Validation {\n type: string;\n value: string;\n}\n\ninterface UrlParsedResult {\n repo: string;\n currentValue: string;\n}\n\nfunction getDatasourceId(lookupName: string, url: string): string {\n if (lookupName === 'antirez/redis') {\n return datasourceGithubTags.id;\n }\n if (url.includes('archive')) {\n return datasourceGithubTags.id;\n }\n\n return datasourceGithubReleases.id;\n}\n\nfunction parseUrl(urlString: string): UrlParsedResult | null {\n // istanbul ignore if\n if (!urlString) {\n return null;\n }\n const url = _parse(urlString);\n if (url.host !== 'github.com') {\n return null;\n }\n const path = url.path.split('/').slice(1);\n const repo = path[0] + '/' + path[1];\n let currentValue: string = null;\n if (path[2] === 'releases' && path[3] === 'download') {\n currentValue = path[4];\n }\n if (path[2] === 'archive') {\n if (path[3] === 'refs') {\n currentValue = path[5].replace(/\\.tar\\.gz$/, '')\n } else {\n currentValue = path[3].replace(/\\.tar\\.gz$/, '');\n }\n }\n if (currentValue) {\n return { repo, currentValue };\n }\n // istanbul ignore next\n return null;\n}\n\nexport function extractPackageFile(content: string): PackageFile {\n const 
deps: PackageDependency[] = [];\n // let man: HardeningManifest;\n\n let manifest: HardeningManifest;\n\n try {\n manifest = yaml.load(content, { json: true} ) as HardeningManifest\n } catch (err) {\n logger.debug('Failed to parse hardening_manifest.yaml');\n return null;\n }\n\n if (!(manifest && is.array(manifest.resources))) {\n logger.debug('hardening_manifest.yaml has no dependencies');\n return null;\n }\n\n for (const item of manifest.resources) {\n const dep: PackageDependency = { managerData: { item } };\n if (item.url) {\n // docker\n if (item.url.startsWith('docker://')) {\n const currentDigest = item.url.split('@')[1];\n const [lookupName, currentValue] = item.tag.split(':');\n dep.depType = 'ironbank-docker';\n dep.depName = lookupName;\n dep.datasource = datasourceDocker.id;\n dep.versioning = dockerVersioning.id;\n dep.lookupName = lookupName;\n dep.currentDigest = currentDigest;\n dep.currentValue = currentValue;\n deps.push(dep);\n }\n // github-releases\n else if (item.url.startsWith('https://github.com')) {\n const parsedUrl = parseUrl(item.url);\n dep.depType = 'ironbank-github';\n dep.depName = parsedUrl.repo;\n dep.repo = parsedUrl.repo;\n dep.currentValue = parsedUrl.currentValue;\n dep.datasource = getDatasourceId(dep.repo, item.url);\n dep.lookupName = dep.repo;\n deps.push(dep);\n }\n // helm\n else if (item.url.startsWith('helm://')) {\n const regex = new RegExp(\n 'helm://(?.*/)(?.*?)-(?.*?).tgz'\n );\n const groups = regex.exec(item.url).groups;\n if (groups?.registryUrl && groups.lookupName && groups.currentValue) {\n logger.info(groups.registryUrl);\n dep.depType = 'ironbank-helm';\n dep.depName = item.name;\n dep.datasource = datasourceHelm.id;\n dep.registryUrls = [\n `${String('https://')}${String(groups.registryUrl)}`,\n ];\n dep.lookupName = groups.lookupName;\n dep.currentValue = groups.currentValue;\n deps.push(dep);\n }\n }\n // rubygems\n else if (item.url.startsWith('https://rubygems.org')) {\n const regex = new RegExp(\n 
'https://(?.*)/(.*/)(?.*-?)-(?.*?).gem'\n );\n const groups = regex.exec(item.url).groups;\n if (groups?.registryUrl && groups.lookupName && groups.currentValue) {\n dep.depType = 'ironbank-rubygems';\n dep.depName = groups.lookupName;\n dep.lookupName = groups.lookupName;\n dep.datasource = datasourceRubyGems.id;\n dep.currentValue = groups.currentValue;\n dep.registryUrls = [\n `${String('https://')}${String(groups.registryUrl)}`,\n ];\n deps.push(dep);\n }\n } else if (item.url.startsWith('https://files.pythonhosted.org')) {\n const regex = new RegExp(\n 'https://(.*)/(.*)/(.*)/(.*)/(.*)/(?.*?)-(?.*?)-(.*)'\n );\n const group = regex.exec(item.url).groups;\n\n if (group.lookupName && group.version) {\n dep.depType = 'ironbank-pypi';\n dep.currentDigest = item.validation.value;\n dep.currentValue = group.version;\n dep.depName = group.lookupName;\n dep.datasource = datasourcePypi.id;\n dep.lookupName = group.lookupName;\n\n deps.push(dep);\n }\n }\n }\n }\n\n\n if (!deps.length) {\n return null;\n }\n return { deps };\n}\n"]} \ No newline at end of file diff --git a/lib/manager/ironbank/extract.ts b/lib/manager/ironbank/extract.ts index 8e18d1d..67e4a2d 100644 --- a/lib/manager/ironbank/extract.ts +++ b/lib/manager/ironbank/extract.ts @@ -112,7 +112,7 @@ export function extractPackageFile(content: string): PackageFile { try { manifest = yaml.load(content, { json: true} ) as HardeningManifest } catch (err) { - logger.error('Failed to parse hardening_manifest.yaml'); + logger.debug('Failed to parse hardening_manifest.yaml'); return null; } -- GitLab
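Review bot: The catch block in the `lib/manager/ironbank/extract.ts` hunk now reports a parse failure only at debug level and still discards `err`, so a malformed hardening_manifest.yaml makes `extractPackageFile` return null with no record of why parsing failed. For a dependency-update manager that means the resources in that manifest silently stop being tracked, which is easy to miss at default log levels. If debug is the intended level, at least pass the error through: `logger.debug({ err }, 'Failed to parse hardening_manifest.yaml');`. The `as HardeningManifest` cast on the `yaml.load` context line is unchecked, and from what is visible only `manifest.resources` is validated afterwards, so repository-supplied YAML of another shape reaches the loop that follows; the function body starts and continues outside this hunk.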