diff --git a/.gitignore b/.gitignore index ecca9c5..979c3ba 100644 --- a/.gitignore +++ b/.gitignore @@ -31,7 +31,7 @@ /config/master.key # Any API keys or envars we dont want to commit add here. -/twitter_credentials.env +/credentials.env # Ignore our data dir as that gets populated during initial seed/setup /data/* diff --git a/Gemfile b/Gemfile index 5b6786b..b721cbd 100644 --- a/Gemfile +++ b/Gemfile @@ -12,6 +12,8 @@ gem 'rest-client' gem 'twitter' gem 'tweetkit', github: 'julianfssen/tweetkit' # for twitter v2 api support gem 'nokogiri' +gem 'graphql' +gem 'graphql-client' # Use postgres as the database for Active Record gem 'pg' diff --git a/Gemfile.lock b/Gemfile.lock index 5129332..f8ce99d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -150,6 +150,10 @@ GEM rchardet (~> 1.8) globalid (1.0.0) activesupport (>= 5.0) + graphql (1.13.11) + graphql-client (0.17.0) + activesupport (>= 3.0) + graphql (~> 1.10) http (4.4.1) addressable (~> 2.3) http-cookie (~> 1.0) @@ -355,6 +359,8 @@ DEPENDENCIES chromedriver-helper coffee-rails (~> 4.2) git + graphql + graphql-client jbuilder (~> 2.5) listen (>= 3.0.5, < 3.2) nokogiri diff --git a/docker-compose.yml b/docker-compose.yml index ea48071..2a06d71 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,7 +9,7 @@ services: web: build: . env_file: - - twitter_credentials.env + - credentials.env command: bash -c "rm -f tmp/pids/server.pid && bundle exec rails s -p 3000 -b '0.0.0.0'" volumes: - .:/data_importer diff --git a/lib/github_api/github_api.rb b/lib/github_api/github_api.rb new file mode 100644 index 0000000..013193d --- /dev/null +++ b/lib/github_api/github_api.rb 
@@ -0,0 +1,18 @@
+require "graphql/client"
+require "graphql/client/http"
+
+module GithubApi
+ GITHUB_ACCESS_TOKEN = ENV['github_api_token']
+ URL = 'https://api.github.com/graphql'
+
+ HttpAdapter = GraphQL::Client::HTTP.new(URL) do
+ def headers(context)
+ {
+ "Authorization" => "Bearer #{GITHUB_ACCESS_TOKEN}",
+ "User-Agent" => 'Ruby'
+ }
+ end
+ end
+ Schema = GraphQL::Client.load_schema(HttpAdapter)
+ Client = GraphQL::Client.new(schema: Schema, execute: HttpAdapter)
+end
\ No newline at end of file
diff --git a/lib/github_api/security_advisory.rb b/lib/github_api/security_advisory.rb
new file mode 100644
index 0000000..6f60f18
--- /dev/null
+++ b/lib/github_api/security_advisory.rb
@@ -0,0 +1,57 @@
+require '/data_importer/lib/github_api/github_api.rb'
+
+class SecurityAdvisory
+ SecurityAdvisoryQuery = GithubApi::Client.parse <<-'GRAPHQL'
+ query($ghsa_id: String!) {
+ securityAdvisory(ghsaId: $ghsa_id) {
+ ghsaId
+ summary
+ severity
+ description
+ cvss {
+ vectorString
+ }
+ origin
+ permalink
+ notificationsPermalink
+ updatedAt
+ publishedAt
+ cwes(first: 100) {
+ edges {
+ node {
+ cweId
+ description
+ }
+ }
+ }
+ references {
+ url
+ }
+ vulnerabilities(first: 100) {
+ edges {
+ node {
+ package {
+ name
+ ecosystem
+ }
+ severity
+ updatedAt
+ vulnerableVersionRange
+ }
+ }
+ }
+ }
+ }
+ GRAPHQL
+
+ def self.find(ghsa_id)
+ response = GithubApi::Client.query(SecurityAdvisoryQuery, variables: { ghsa_id: ghsa_id })
+ if response.errors.any?
+ raise QueryExecutionError.new(response.errors[:data].join(", "))
+ else
+ response.data.security_advisory
+ end
+ end
+end
+
+class QueryExecutionError < StandardError; end
\ No newline at end of file
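Review bot: `GITHUB_ACCESS_TOKEN = ENV['github_api_token']` tolerates a missing variable, so a misconfigured environment sends `Authorization: Bearer ` (empty) and the failure only surfaces as an opaque error out of `GraphQL::Client.load_schema`; `GITHUB_ACCESS_TOKEN = ENV.fetch('github_api_token')` fails at the point of misconfiguration with a message naming the variable. Separately, `Schema = GraphQL::Client.load_schema(HttpAdapter)` is evaluated at require time, so every process that loads this file (tests, console, rake tasks) performs an authenticated network call to api.github.com before anything else runs and cannot boot offline; the usual pattern is to dump the introspected schema once with `GraphQL::Client.dump_schema(HttpAdapter, "db/github_schema.json")` and load from that path here, refreshing it deliberately. The token's ENV key is lower-case, which presumably matches the renamed `credentials.env`; worth a comment on the constant saying which file is expected to define it since that file is gitignored and not visible here.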
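Review bot: `cwes(first: 100)` and `vulnerabilities(first: 100)` request a fixed page without `pageInfo`, so an advisory with more than 100 CWEs or vulnerable-package entries is imported silently truncated, which for a security data importer is a correctness gap rather than a cosmetic one; at minimum the query should ask for `pageInfo { hasNextPage }` on both connections and `find` should refuse or flag the result when a next page exists. `require '/data_importer/lib/github_api/github_api.rb'` hard-codes the container mount path from docker-compose (`.:/data_importer`) and breaks anywhere else; `require_relative 'github_api'` expresses the same dependency portably. `response.errors[:data]` presumably only carries errors attached to the root field, so errors reported against nested fields may produce an empty message — worth confirming against the graphql-client `Errors` API before relying on it. The top-level `QueryExecutionError` would also read better nested under `SecurityAdvisory`. Sketch of the query and `find` changes:
```ruby
      cwes(first: 100) {
        pageInfo { hasNextPage }
        # … unchanged: edges { node { cweId description } } …
      }
      # … unchanged: references …
      vulnerabilities(first: 100) {
        pageInfo { hasNextPage }
        # … unchanged: edges { node { package … vulnerableVersionRange } } …
      }
  # … unchanged: end of heredoc …

  def self.find(ghsa_id)
    response = GithubApi::Client.query(SecurityAdvisoryQuery, variables: { ghsa_id: ghsa_id })
    raise QueryExecutionError, response.errors[:data].join(", ") if response.errors.any?

    advisory = response.data.security_advisory
    return nil if advisory.nil?

    # Refuse a partial advisory rather than importing a truncated CWE or package list.
    truncated = advisory.cwes.page_info.has_next_page || advisory.vulnerabilities.page_info.has_next_page
    raise QueryExecutionError, "#{ghsa_id}: more than 100 cwes/vulnerabilities, result would be truncated" if truncated

    advisory
  end
```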