playing

Author: muhammadsherief24

Dockerfile

@@ -7,6 +7,8 @@ WORKDIR /opt/ghsec-jira
 
 RUN composer install --prefer-dist --no-dev
 
+RUN cat composer.lock
+
 # -----------------
 FROM php:8.2.11-alpine3.18@sha256:671c309315113b73eba316bb175e130f376d3ba5e1a930794909ef5a1cb10fbc
 

composer.json

@@ -6,8 +6,7 @@
         "php": ">=8.1",
         "softonic/graphql-client": "^2.1",
         "symfony/console": "^5",
-        "symfony/yaml": "^6.1",
-        "flextock/jira-security-issue": "^1.0.0"
+        "symfony/yaml": "^6.1"
     },
     "repositories": [
       {
@@ -17,7 +16,8 @@
     ],
     "autoload": {
         "psr-4": {
-            "GitHubSecurityJira\\": "src/"
+            "GitHubSecurityJira\\": "src/",
+            "JiraSecurityIssue\\": "jira-security-issue/"
         }
     },
     "require-dev": {

composer.lock

@@ -0,0 +1,15 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.{yml,yaml,feature}]
+indent_size = 2

jira-security-issue/.editorconfig

@@ -0,0 +1,2 @@
+vendor
+.phpunit.result.cache

jira-security-issue/.gitignore

@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<ruleset>
+    <file>./src</file>
+    <file>./tests</file>
+    <rule ref="AppocularCodingStandard"/>
+    <rule ref="SlevomatCodingStandard.Files.TypeNameMatchesFileName">
+      <properties>
+        <!-- Tell Slevomat the root directories of our namespaces, so
+             it can check if the filepath is correct. -->
+	<property name="rootNamespaces" type="array">
+	  <element key="src" value="Reload"/>
+	  <element key="tests" value="Reload"/>
+	</property>
+      </properties>
+    </rule>
+</ruleset>

jira-security-issue/.phpcs.xml

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Reload A/S
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

jira-security-issue/LICENSE

@@ -0,0 +1,16 @@
+.PHONY: test lint phpunit phpcs phpstan all
+
+all: test lint
+
+lint: phpcs phpstan
+
+test: phpunit
+
+phpcs:
+	vendor/bin/phpcs
+
+phpunit:
+	vendor/bin/phpunit
+
+phpstan:
+	vendor/bin/phpstan analyse

jira-security-issue/Makefile

@@ -0,0 +1,32 @@
+# Reload Jira Security Issue
+
+This is a small library that can create Jira issues. The main idea is
+that it's simple to use and it'll not recreate an issue if the proper
+keys are supplied.
+
+Quick example:
+
+``` php
+        $issue = new JiraSecurityIssue();
+
+        $issue->setTitle('Issue title')
+            ->setBody('The main body');
+
+        $issue->setKeyLabel('some-unique-id');
+
+        echo $issue->ensure();
+```
+
+Configuration is set using environment variables, for ease of use in
+CI systems.
+
+- `JIRA_TOKEN`: A reference to the repo secret `JiraApiToken` (**REQUIRED**)
+- `JIRA_HOST`: The endpoint for your Jira instance, e.g. https://foo.atlassian.net (**REQUIRED**)
+- `JIRA_USER`: The ID of the Jira user which is associated with the 'JiraApiToken' secret, eg '[email protected]' (**REQUIRED**)
+- `JIRA_PROJECT`: The project key for the Jira project where issues should be created, eg `TEST` or `ABC`. (**REQUIRED** if not set in code)
+- `JIRA_ISSUE_TYPE`: Type of issue to create, e.g. `Security`. Defaults to `Bug`. (*Optional*)
+- `JIRA_WATCHERS`: Jira users to add as watchers to tickets. Separate
+  multiple watchers with comma (no spaces). (*Optional*)
+- `JIRA_RESTRICTED_COMMENT_ROLE`: A comment with restricted visibility
+  to this role is posted with info about who was added as watchers to
+  the issue. Defaults to `Developers`. (*Optional*)

jira-security-issue/README.md

@@ -0,0 +1,17 @@
+#!/usr/bin/env php
+<?php
+
+require __DIR__.'/../vendor/autoload.php';
+
+use Symfony\Component\Console\Application;
+use Reload\JiraSecurityIssueCommand;
+use Reload\JiraUserInfoCommand;
+
+$application = new Application('jsi');
+
+$application->add(new JiraSecurityIssueCommand());
+$application->add(new JiraUserInfoCommand());
+$application->setDefaultCommand('ensure');
+
+
+$application->run();

jira-security-issue/bin/jsi

@@ -0,0 +1,38 @@
+{
+    "name": "reload/jira-security-issue",
+    "description": "Create Jira issues if it doesn't exist",
+    "license": "MIT",
+    "require": {
+        "php": ">=8.2.0",
+        "lesstif/php-jira-rest-client": "^5",
+        "webignition/symfony-console-typed-input": "^0.6"
+    },
+    "autoload": {
+        "psr-4": {
+            "Reload\\": "src/"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Reload\\": "tests/"
+        }
+    },
+    "require-dev": {
+        "appocular/coding-standard": "^2.0",
+        "phpstan/phpstan": "^1.10",
+        "phpunit/phpunit": "^9.6",
+        "sempro/phpunit-pretty-print": "^1.2",
+        "symfony/console": "^5.0",
+        "phpspec/prophecy": "^1.15",
+        "jangregor/phpstan-prophecy": "^1.0",
+        "phpspec/prophecy-phpunit": "^2.0",
+        "phpstan/extension-installer": "^1.3"
+    },
+    "config": {
+        "lock": false,
+        "allow-plugins": {
+            "dealerdirect/phpcodesniffer-composer-installer": true,
+            "phpstan/extension-installer": true
+        }
+    }
+}

jira-security-issue/composer.json

@@ -0,0 +1,6 @@
+parameters:
+    level: max
+    paths:
+        - .
+    excludePaths:
+        - vendor

jira-security-issue/phpstan.neon

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         backupGlobals="false"
+         backupStaticAttributes="false"
+         bootstrap="vendor/autoload.php"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false"
+         stopOnFailure="false"
+         printerClass="Sempro\PHPUnitPrettyPrinter\PrettyPrinterForPhpUnit9"
+         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd">
+  <coverage processUncoveredFiles="true">
+    <include>
+      <directory suffix=".php">./src</directory>
+    </include>
+  </coverage>
+  <testsuites>
+    <testsuite name="Suite">
+      <directory suffix="Test.php">./tests</directory>
+    </testsuite>
+  </testsuites>
+</phpunit>