# Concourse Resource Type for Debian Security Announcements

This [Concourse CI](https://concourse-ci.org/) resource type checks the
[Debian Security Announcements](https://www.debian.org/security/) and reports the latest security announcements
this can be used to trigger registry-image or docker-image builds when security updates are released.

The source code for the resource type is available at https://git.dittberner.info/jan/concourse-dsa-resource

## Usage

To use the resource type in your own Concourse pipeline you will have to define the resource type and a resource:

```yaml
---
resource_types:
- name: debian-dsa
  type: registry-image
  source:
    repository: jandd/concourse-dsa-resource
    tag: latest

resources:
- name: debian-dsa-version
  type: debian-dsa
  source: {}

jobs:
- name: security-update
  plan:
  - get: debian-dsa-version
    trigger: true
```

The resource type supports the check and in operations.

## `check` operation

The check operations returns a list of versions consisting of an ISO date and the title of the available update. A
shortened and pretty-printed example output looks like this:
     
* Input

  ```json
  {}
  ```

* Output

  ```json
  [
    {
      "date": "2023-01-18",
      "title": "DSA-5322 firefox-esr"
    },
    {
      "date": "2023-01-19",
      "title": "DSA-5323 libitext5-java"
    }
  ]
  ```

## `in` operation

The in operation takes a version as described in Concourse's resource type implementation documentation and returns
metadata. If the version exists. The following input example returns the output below:

* Input

  ```json
  {
    "source": {},
    "params": {},
    "version": {
      "date": "2023-01-18",
      "title": "DSA-5322 firefox-esr"
    }
  }
  ```

* Output

  ```json
  {
    "version": {
      "date": "2023-01-18",
      "title": "DSA-5322 firefox-esr"
    },
    "metadata": {
      "link": "https://www.debian.org/security/2023/dsa-5322",
      "description": "security update"
    }
  }
  ```