Project

rondabot

0.0
No commit activity in last 3 years
No release in over 3 years
rondabotrondinellimorais/rondabotHomepageDocumentationSource CodeBug TrackerWiki
Rondabot Rondabot is a powerful agent that checks for vulnerabilities on the project's premises and submits pull requests with the best version.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
7,894
Stars
5
Forks
0
Watchers
1
 Releases
Current version
1.0.3
Total releases
5
First release
2020-08-14
Latest release
2020-08-17
 Issues
Open Issues
2
Closed Issues
0
Total Issues
2
Issue Closure Rate
0%
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
1
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2020-08-16
Reverse Dependencies
0

 Dependencies

Development

rake
~> 11
rspec
~> 3
 Project Readme

Getting Started

Rondabot is a powerful agent that checks for vulnerabilities on the project's premises and submits pull requests with the best version.

The high-level flow looks like this:

Rondabot architecture

Install

Ruby version

Rondabot works from ruby version >=2.5.0. Make sure you are using version 2.5.0 or higher of ruby.

To get started let's create our Gemfile:

source "https://rubygems.org"

gem "rondabot", "~> 1.0.3"
gem "dependabot-omnibus", "~> 0.111.5"

run:

bundle install

After installation! To start using Rondabot all you need is a script looks like this:

require "rondabot"

core = Rondabot::Core.new(
  # ...
  # the parameters. See Parameters table below
  # ...
)

core.start()

Parameters

Name Description
provider Source control provider azure, gitlab or github
organization Name of your organization on azure devops
project Name of your project on azure devops
repository Name of your project to using for clone and create pull requests
hostname Only Gitlab. Your server hostname on premise. Default gitlab.com
access_token A git credentials to clone e create pull requests. On gitlab is a personal access token generated in your portal
feed_id Your feed id npm/yarn on azure devops. Go to Azure Devops, your project Artifacts > Connect to feed > npm and then you can find feed id in the url looks like https://pkgs.dev.azure.com/your organization name/you feed id to be right here/_packaging/npm-packages/npm/registry/
github_token Allows passing in a GitHub access token so that the API rate limiting is not exceeded. When the repository's visibility is public, the github_token must be an access token with read access to the public repositories. When repository visibility is private, the github_token must be an access token with full control of private repositories.

Examples

Azure Devops

require "dependabot/omnibus"
require "rondabot"

core = Rondabot::Core.new(
  provider: "azure",
  organization: "Akatsuki",
  project: "Digital%20Channel",
  repository: "akatsuki-website",
  access_token: "cm9uZGluZWxsaW1vcmFpcwcm9uZGFib3Q",
  feed_id: "11db190-e3b1872-1e6e6e-c97f2dd-49253",
  github_token: "11db190e3b18721e6e6ec97f2dd49253"
)

core.start()

GitHub

WARNING

When the repository's visibility is public, the github_token must be an access token with read access to the public repositories.

When repository visibility is private, the github_token must be an access token with full control of private repositories.

require "dependabot/omnibus"
require "rondabot"

core = Rondabot::Core.new(
  provider: "github",
  repository: "rondinellimorais/rondabot",
  github_token: "11db190e3b18721e6e6ec97f2dd49253"
)

core.start()

GitLab

require "dependabot/omnibus"
require "rondabot"

core = Rondabot::Core.new(
  provider: "gitlab",
  hostname: "https://gitlab.devops.akatsuki.com",
  repository: "akatsuki/software/mobile/myproject",
  access_token: "F1nZ827g8GsAd1rKx1A8r",
  github_token: "11db190e3b18721e6e6ec97f2dd49253"
)

core.start()

License

MIT.