added github api client with graphql

2022-04-09 15:49:47 -05:00 · 2022-04-09 15:49:47 -05:00 · c3511bf6b5
commit c3511bf6b5
parent 5b859c6986
6 changed files with 85 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -31,7 +31,7 @@
 /config/master.key

 # Any API keys or envars we dont want to commit add here. 
-/twitter_credentials.env
+/credentials.env

 # Ignore our data dir as that gets populated during initial seed/setup
 /data/*
--- a/2
+++ b/2
@ -12,6 +12,8 @@ gem 'rest-client'
 gem 'twitter'
 gem 'tweetkit', github: 'julianfssen/tweetkit' # for twitter v2 api support
 gem 'nokogiri'
+gem 'graphql'
+gem 'graphql-client'

 # Use postgres as the database for Active Record
 gem 'pg'
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -150,6 +150,10 @@ GEM
      rchardet (~> 1.8)
    globalid (1.0.0)
      activesupport (>= 5.0)
+    graphql (1.13.11)
+    graphql-client (0.17.0)
+      activesupport (>= 3.0)
+      graphql (~> 1.10)
    http (4.4.1)
      addressable (~> 2.3)
      http-cookie (~> 1.0)
@ -355,6 +359,8 @@ DEPENDENCIES
  chromedriver-helper
  coffee-rails (~> 4.2)
  git
+  graphql
+  graphql-client
  jbuilder (~> 2.5)
  listen (>= 3.0.5, < 3.2)
  nokogiri
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -9,7 +9,7 @@ services:
  web:
    build: .
    env_file:
-      - twitter_credentials.env
+      - credentials.env
    command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'"
    volumes:
      - .:/data_importer
--- a/lib/github_api/github_api.rb
+++ b/lib/github_api/github_api.rb
@ -0,0 +1,18 @@
+require "graphql/client"
+require "graphql/client/http"
+
+module GithubApi
+  GITHUB_ACCESS_TOKEN = ENV['github_api_token']
+  URL = 'https://api.github.com/graphql'
+
+  HttpAdapter = GraphQL::Client::HTTP.new(URL) do
+    def headers(context)
+      {
+        "Authorization" => "Bearer #{GITHUB_ACCESS_TOKEN}",
+        "User-Agent" => 'Ruby'
+      }
+    end
+  end
+  Schema = GraphQL::Client.load_schema(HttpAdapter)
+  Client = GraphQL::Client.new(schema: Schema, execute: HttpAdapter)
+end
--- a/lib/github_api/security_advisory.rb
+++ b/lib/github_api/security_advisory.rb
@ -0,0 +1,57 @@
+require '/data_importer/lib/github_api/github_api.rb'
+
+class SecurityAdvisory
+    SecurityAdvisoryQuery = GithubApi::Client.parse <<-'GRAPHQL'
+    query($ghsa_id: String!) {
+        securityAdvisory(ghsaId: $ghsa_id) {
+            ghsaId
+            summary
+            severity
+            description
+            cvss {
+                vectorString
+            }
+            origin
+            permalink
+            notificationsPermalink
+            updatedAt
+            publishedAt
+            cwes(first: 100) {
+                edges {
+                    node {
+                        cweId
+                        description
+                    }
+                }
+            }
+            references {
+                url
+            }
+            vulnerabilities(first: 100) {
+                edges {
+                    node {
+                        package {
+                            name
+                            ecosystem
+                        }
+                        severity
+                        updatedAt
+                        vulnerableVersionRange
+                    }
+                }
+            }
+        }
+    }
+    GRAPHQL
+
+    def self.find(ghsa_id)
+        response = GithubApi::Client.query(SecurityAdvisoryQuery, variables: { ghsa_id: ghsa_id })
+        if response.errors.any?
+            raise QueryExecutionError.new(response.errors[:data].join(", "))
+        else
+            response.data.security_advisory
+        end
+    end
+end
+
+class QueryExecutionError < StandardError; end