Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #411 from cb22/develop
Safety Alerts: GitHub PRs and GitHub issues support
- Loading branch information
Showing
13 changed files
with
1,045 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
import sys | ||
import json | ||
from typing import Any | ||
import click | ||
|
||
from dataclasses import dataclass | ||
|
||
from . import github | ||
from safety.util import SafetyPolicyFile | ||
|
||
@dataclass | ||
class Alert: | ||
report: Any | ||
key: str | ||
policy: Any = None | ||
requirements_files: Any = None | ||
|
||
@click.group(help="Send alerts based on the results of a Safety scan.") | ||
@click.option('--check-report', help='JSON output of Safety Check to work with.', type=click.File('r'), default=sys.stdin) | ||
@click.option("--policy-file", type=SafetyPolicyFile(), default='.safety-policy.yml', | ||
help="Define the policy file to be used") | ||
@click.option("--key", envvar="SAFETY_API_KEY", | ||
help="API Key for pyup.io's vulnerability database. Can be set as SAFETY_API_KEY " | ||
"environment variable.", required=True) | ||
@click.pass_context | ||
def alert(ctx, check_report, policy_file, key): | ||
with check_report: | ||
# TODO: This breaks --help for subcommands | ||
try: | ||
safety_report = json.load(check_report) | ||
except json.decoder.JSONDecodeError as e: | ||
click.secho("Error decoding input JSON: {}".format(e.msg), fg='red') | ||
sys.exit(1) | ||
|
||
if not 'report_meta' in safety_report: | ||
click.secho("You must pass in a valid Safety Check JSON report", fg='red') | ||
sys.exit(1) | ||
|
||
ctx.obj = Alert(report=safety_report, policy=policy_file if policy_file else {}, key=key) | ||
|
||
alert.add_command(github.github_pr) | ||
alert.add_command(github.github_issue) |
Oops, something went wrong.