Jan Dittberner
182f21944b
- use date and DSA number as version identifier - add tests for Check and Get calls |
||
|---|---|---|
| cmd/debian-dsa | ||
| internal/resource/dsa | ||
| .gitignore | ||
| COPYING | ||
| debian-dsa | ||
| Dockerfile | ||
| go.mod | ||
| go.sum | ||
| Makefile | ||
| README.md | ||
Concourse Resource Type for Debian Security Announcements
This Concourse CI resource type checks the Debian Security Announcements and reports the latest security announcements this can be used to trigger registry-image or docker-image builds when security updates are released.
The source code for the resource type is available at https://git.dittberner.info/jan/concourse-dsa-resource
Usage
To use the resource type in your own Concourse pipeline you will have to define the resource type and a resource:
---
resource_types:
- name: debian-dsa
type: registry-image
source:
repository: jandd/concourse-dsa-resource
tag: latest
resources:
- name: debian-dsa-version
type: debian-dsa
source: {}
jobs:
- name: security-update
plan:
- get: debian-dsa-version
trigger: true
The resource type supports the check and in operations.
check operation
The check operations returns a list of versions consisting of an ISO date and the title of the available update. A shortened and pretty-printed example output looks like this:
-
Input
{} -
Output
[ { "date": "2023-01-18", "title": "DSA-5322 firefox-esr" }, { "date": "2023-01-19", "title": "DSA-5323 libitext5-java" } ]
in operation
The in operation takes a version as described in Concourse's resource type implementation documentation and returns metadata. If the version exists. The following input example returns the output below:
-
Input
{ "source": {}, "params": {}, "version": { "date": "2023-01-18", "title": "DSA-5322 firefox-esr" } } -
Output
{ "version": { "date": "2023-01-18", "title": "DSA-5322 firefox-esr" }, "metadata": { "link": "https://www.debian.org/security/2023/dsa-5322", "description": "security update" } }