diff --git a/CHANGELOG.md b/CHANGELOG.md index d9754d1..e16488b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,26 @@ # Changelog +## [v0.6.0](https://github.com/tphoney/best_practice/tree/v0.6.0) (2022-07-16) + +[Full Changelog](https://github.com/tphoney/best_practice/compare/v0.5.0...v0.6.0) + +**Implemented enhancements:** + +- write a ruby scanner [\#21](https://github.com/tphoney/best_practice/issues/21) +- Possible enhancements [\#10](https://github.com/tphoney/best_practice/issues/10) +- \(feat\) add basic ruby scanning [\#24](https://github.com/tphoney/best_practice/pull/24) ([tphoney](https://github.com/tphoney)) +- \(feat\) add android check to java scanner [\#23](https://github.com/tphoney/best_practice/pull/23) ([tphoney](https://github.com/tphoney)) + +**Fixed bugs:** + +- ensure naming standards for checks [\#16](https://github.com/tphoney/best_practice/issues/16) +- audit all scanlets in scanners [\#15](https://github.com/tphoney/best_practice/issues/15) +- audit scanlets to provide better info [\#22](https://github.com/tphoney/best_practice/pull/22) ([tphoney](https://github.com/tphoney)) + +**Merged pull requests:** + +- \(maint\) add some semblance of naming to checks [\#20](https://github.com/tphoney/best_practice/pull/20) ([tphoney](https://github.com/tphoney)) + ## [v0.5.0](https://github.com/tphoney/best_practice/tree/v0.5.0) (2022-07-13) [Full Changelog](https://github.com/tphoney/best_practice/compare/v0.4.0...v0.5.0) diff --git a/README.md b/README.md index 01b1357..e4e08a0 100644 --- a/README.md +++ b/README.md 
@@ -9,16 +9,17 @@ A plugin/cli tool/container/library for automating best practice in a code repos It has the following scanners: - Docker scanner, for best practice -- Drone scanner, analyses your build file +- Drone scanner, analyses your build file to give you recommendations - Golang scanner, for best practice - Java scanner, for best practice - Javascript scanner, for best practice +- Ruby scanner, for best practice And the following output formats: -- Best practice report -- Drone build file creation -- Harness product recommendations. +- Best practice for existing Drone builds +- Drone build file creation (creates a drone file, or a .drone.yml.new file if you have an existing drone file) +- Harness product recommendations Example output: @@ -36,6 +37,15 @@ Download the Binaries from the release section. Then, you can use it as a cli to ./best-practice ``` +Execute the newly created drone build file + +```bash +# install drone-cli if necessary +brew install drone-cli +# execute the drone build +drone exec .drone.yml +``` + ### Using the container locally You can use a container locally. This will run it against your current working directory. @@ -45,6 +55,15 @@ docker pull tphoney/best_practice docker run -it --rm -v $(pwd):/plugin -e PLUGIN_WORKING_DIRECTORY=/plugin tphoney/best_practice ``` +Execute the newly created drone build file + +```bash +# install drone-cli if necessary +brew install drone-cli +# execute the drone build +drone exec .drone.yml +``` + ### Using it in your drone build Below is an example `.drone.yml` that uses this plugin. 
@@ -61,7 +80,20 @@ steps: ### Using it as a library -Have a look at the calls in `plugin\plugin.go +Select your scanners and pass it through to the output formatters: + +```go +# set the working directory to the root of your project +workingDirectory, err := os.Getwd() +# set your scanners, this uses all of the scanners by default +requestedScanners = scanner.ListScannersNames() +# set your output formatters, this uses all of the output formatters by default +requestesOutputFormatters = output.ListOutputFormattersNames() +# run the scanners +scanResults, scanErr := scanner.RunScanners(ctx, requestedScanners, requestesOutputFormatters) +# run the output formatters +outputErr := outputter.RunOutput(ctx, outputters, scanResults) +``` ## Developer notes diff --git a/go.mod b/go.mod index 66cd0d3..85d9daa 100644 --- a/go.mod +++ b/go.mod @@ -6,8 +6,8 @@ require ( github.com/Masterminds/semver v1.5.0 github.com/kelseyhightower/envconfig v1.4.0 github.com/sirupsen/logrus v1.8.1 - golang.org/x/exp v0.0.0-20220706164943-b4a6d9510983 + golang.org/x/exp v0.0.0-20220713135740-79cabaa25d75 gopkg.in/yaml.v3 v3.0.1 ) -require golang.org/x/sys v0.0.0-20220712014510-0a85c31ab51e // indirect +require golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect diff --git a/go.sum b/go.sum index d0dc1ad..9b785f3 100644 --- a/go.sum +++ b/go.sum 
@@ -12,9 +12,13 @@ github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= golang.org/x/exp v0.0.0-20220706164943-b4a6d9510983 h1:sUweFwmLOje8KNfXAVqGGAsmgJ/F8jJ6wBLJDt4BTKY= golang.org/x/exp v0.0.0-20220706164943-b4a6d9510983/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= +golang.org/x/exp v0.0.0-20220713135740-79cabaa25d75 h1:x03zeu7B2B11ySp+daztnwM5oBJ/8wGUSqrwcw9L0RA= +golang.org/x/exp v0.0.0-20220713135740-79cabaa25d75/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220712014510-0a85c31ab51e h1:NHvCuwuS43lGnYhten69ZWqi2QOj/CiDNcKbVqwVoew= golang.org/x/sys v0.0.0-20220712014510-0a85c31ab51e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
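Review bot: In the README.md hunks at `@@ -36,6 +37,15 @@` and `@@ -45,6 +55,15 @@`, the added `drone exec .drone.yml` step contradicts the output-format text added earlier in the same file, which says the tool writes `.drone.yml.new` when a drone file already exists; in that case the command runs the existing pipeline, not the newly created one. Suggest covering both cases, naming `.drone.yml.new` as the file to run when a drone file was already present, and telling the reader to read the generated file before executing it, since `drone exec` runs the pipeline steps on the local machine. The block is also duplicated verbatim in the CLI and container sections, and `brew install drone-cli` only helps Homebrew users; one shared section with a pointer to the drone-cli install documentation would be easier to keep correct.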
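Review bot: The Go example added under "Using it as a library" (README.md, `@@ -61,7 +80,20 @@`) will not compile as written: its comments use `#` instead of `//`, `requestedScanners` and `requestesOutputFormatters` are assigned with `=` without being declared, and `ctx` is never defined. The final call is `outputter.RunOutput(ctx, outputters, scanResults)`, but the package used two lines earlier is `output` and no `outputters` variable exists in the snippet, while the formatter list is passed to `scanner.RunScanners` instead; please check both calls against the real signatures. Suggest also fixing the `requestes` typo and showing the handling of `err`, `scanErr` and `outputErr`, or keeping a pointer to `plugin/plugin.go` as the compiling reference.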
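Review bot: In go.sum (`@@ -12,9 +12,13 @@`) the hashes for the previous pins, `golang.org/x/exp v0.0.0-20220706164943-b4a6d9510983` and `golang.org/x/sys v0.0.0-20220712014510-0a85c31ab51e`, stay as context lines although the go.mod hunk replaces both versions. Suggest running `go mod tidy` and committing the result so go.sum lists only what the build actually resolves; if the old entries survive that, they are still needed somewhere in the module graph and can stay. The two dependency bumps are also not mentioned in the v0.6.0 CHANGELOG entry or tied to any listed issue, so a separate commit or a one-line note would make them easier to audit later.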