From a36da288b87e1db466778a615935c8e98537ad40 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Mon, 29 Apr 2024 17:03:35 -0400 Subject: [PATCH 01/17] initial commit to create PR so it can be used on another project for testing --- scripts/security-updates/automatic-update | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index d23de2e..08ab719 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -230,6 +230,12 @@ if [[ $(security_updates_available) == "true" ]]; then echo "Zendesk Ticket successfully created." echo "-------------------------------------------" fi + + # Create a ticket for ClickUp. + if true; then + echo "Creating security updates ClickUp Ticket." + echo "-------------------------------------------" + fi fi else echo "Nothing to do, None available sec updates." From 2314b350e06668e9fe06eaa99d7aae323d070c0f Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Tue, 30 Apr 2024 17:22:42 -0400 Subject: [PATCH 02/17] add code for creating clickup ticket --- ..._TICKET_TEMPLATE.md => TICKET_TEMPLATE.md} | 2 +- scripts/security-updates/automatic-update | 96 ++++++++++++++++--- 2 files changed, 82 insertions(+), 16 deletions(-) rename scripts/security-updates/{ZD_TICKET_TEMPLATE.md => TICKET_TEMPLATE.md} (78%) diff --git a/scripts/security-updates/ZD_TICKET_TEMPLATE.md b/scripts/security-updates/TICKET_TEMPLATE.md similarity index 78% rename from scripts/security-updates/ZD_TICKET_TEMPLATE.md rename to scripts/security-updates/TICKET_TEMPLATE.md index cee5063..d7f3094 100644 --- a/scripts/security-updates/ZD_TICKET_TEMPLATE.md +++ b/scripts/security-updates/TICKET_TEMPLATE.md @@ -6,5 +6,5 @@ We''ll run the upgrade and the work will be billed to your flat-rate annual/mont In other words, this will not count towards your subscription hours. Security updates are required for: [PROJECTS] -These updates are being performed automatically and we'll let you know when it is complete. +These updates are being performed automatically, and we'll let you know when it is complete. Thank You! diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index 08ab719..4e0be21 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -7,6 +7,7 @@ echo "Updating projects" DIR=$(pwd) COMPOSER_CMD=$(which composer) NOW=$(date +'%F') +UNIX_TIMESTAMP=$(date -d "$NOW" '+%s') cd $DIR source "./vendor/fourkitchens/pots/scripts/security-updates/4k-openai-lib.sh" BRANCH_NAME="feature/automated-sec-update-$NOW" @@ -42,7 +43,7 @@ create_gh_branch () { echo "true" } -# Helper function to check if there are avaiable sec update to apply. +# Helper function to check if there are available sec update to apply. security_updates_available () { # 3. Loop through each key-value pair in the "advisories" object. AVAILABLE_UPDATE="false" @@ -156,24 +157,22 @@ if [[ $(security_updates_available) == "true" ]]; then echo "Creating security updates Zendesk Ticket." echo "-------------------------------------------" ZD_API=https://advomatic.zendesk.com/api/v2 - # Hardcode Requester ID. - # To get this project's Requester ID from Zendesk: + # group_id: 360007800612; Assigns the ticket to the security group. + # Environment variables; should be defined as CircleCI variables. + # ZD_REQUESTER_ID: Found by following the steps below. # 1. Visit: https://advomatic.zendesk.com/agent/user_filters # 2. Search for the user you need the requester ID for. # 3. The user ID can be obtained from the user's url. # e.g. https://advomatic.zendesk.com/agent/users/378771022972/requested_tickets # e.g. Requester ID: 378771022972 - # 4. Replace the value below. - # ZD_REQUESTER_ID : Env varible, should be define into the CircleCI variables, User into the client Org. - # ZD_TOKEN: Env varible, should be define into the CircleCI variables, you could find it into 1password - # ZD_LEAD_EMAIL: Env varible, should be define into the CircleCI variables (TL, TS) - # group_id: 360007800612 : This line into the JSON is assignning the ticket to security group - - ZD_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/ZD_TICKET_TEMPLATE.md` - # Replacing placehoders into the template. + # ZD_TOKEN: Located in 1Pass. + # ZD_LEAD_EMAIL: Find lead in engagements database. + + ZD_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` + # Replacing placeholders in the template. ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[PROJECTS\]/$ZD_PROJECTS_UPDATED} - # Scaping new lines characters. + # Scraping new line characters. ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//$'\n'/\\n} ZD_TICKET_TITLE="Security Updates Required For Your Website - ${SITE_NAME}" ZD_JSON_DATA=$(printf '{ @@ -232,11 +231,78 @@ if [[ $(security_updates_available) == "true" ]]; then fi # Create a ticket for ClickUp. - if true; then - echo "Creating security updates ClickUp Ticket." + if [ -n "${CU_REQUESTER_ID}" -a -n "${CU_TOKEN}" -a -n "${CU_LEAD_EMAIL}" ]; then + echo "Creating security updates ClickUp Ticket." + echo "-------------------------------------------" + CU_API=https://api.clickup.com/api/v2 + # Environment variables; should be defined as CircleCI variables. + # CU_CLIENT_ID: Look in ClickUp for id. e.g. 16 + # CU_REQUESTER_ID: Found by following the steps below. + # 1. Visit: https://advomatic.zendesk.com/agent/user_filters + # 2. Search for the user you need the requester ID for. + # 3. The user ID can be obtained from the user's url. + # e.g. https://advomatic.zendesk.com/agent/users/378771022972/requested_tickets + # e.g. Requester ID: 378771022972 + # CU_TOKEN: Located in 1Pass. + # CU_LEAD_EMAIL: Find lead in engagements database. + + CU_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` + # Replacing placeholders in the template. + CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} + CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[PROJECTS\]/$CU_PROJECTS_UPDATED} + # Scraping new line characters. + CU_BODY_MESSAGE=${CU_BODY_MESSAGE//$'\n'/\\n} + CU_TICKET_TITLE="Security Updates Required For Your Website - ${SITE_NAME}" + CU_JSON_DATA=$(printf '{ + "name": "%s", + "assignees": [ + 82036728 + ], + "tags": [ + "autosec update" + ], + "status": "in progress", + "priority": 2, + "start_date": %s, + "start_date_time": false, + "notify_all": false, + "parent": null, + "links_to": null, + "check_required_custom_fields": true, + "custom_fields": [ + { + "id": "b8bbcb75-a7c8-4eb7-9202-e56d227eefbf", + "value": "%s" + } + ] + "description": "%s", + }' "$CU_TICKET_TITLE" "$UNIX_TIMESTAMP" "$CU_CLIENT_ID" "$CU_BODY_MESSAGE") + + # Encoding CU token. + CU_AUTH=$(echo -n "${CU_LEAD_EMAIL}/token:${CU_TOKEN}" | openssl enc -A -base64) + curl ${CU_API}/list/901300865356/task \ + -X POST \ + -H "Content-Type: application/json" \ + -H "Authorization: Basic ${CU_AUTH}" \ + -d "$CU_JSON_DATA" + + # TODO: Retrieve the task id from the newly created ticket. + TASK_ID="86a36wj6y" # For testing purposes. + + # TODO: Use the task id to add the Requester to the requester custom field. + CU_JSON_DATA_REQUESTER=$(printf '{ + "value": "%s" + }' "$CU_REQUESTER_ID") + curl ${CU_API}/task/"${TASK_ID}"/field/601d8088-a5d6-41c2-ad32-9bec68eac624 \ + -X POST \ + -H "Content-Type: application/json" \ + -H "Authorization: Basic ${CU_AUTH}" \ + -d "$CU_JSON_DATA_REQUESTER" + + echo "ClickUp Ticket successfully created." echo "-------------------------------------------" fi fi else - echo "Nothing to do, None available sec updates." + echo "Nothing to do! No available security updates." fi From e2b8ca05c7978f9b64e05afecd213ed69f77db1b Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 01:33:02 -0400 Subject: [PATCH 03/17] chore: sort out curl requests --- scripts/security-updates/automatic-update | 53 +++++++++++++---------- 1 file changed, 29 insertions(+), 24 deletions(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index 4e0be21..3c4eb8d 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -232,21 +232,20 @@ if [[ $(security_updates_available) == "true" ]]; then # Create a ticket for ClickUp. if [ -n "${CU_REQUESTER_ID}" -a -n "${CU_TOKEN}" -a -n "${CU_LEAD_EMAIL}" ]; then + UNIX_TIMESTAMP=$(date '+%s') + + # Creating ClickUp ticket. echo "Creating security updates ClickUp Ticket." echo "-------------------------------------------" CU_API=https://api.clickup.com/api/v2 # Environment variables; should be defined as CircleCI variables. # CU_CLIENT_ID: Look in ClickUp for id. e.g. 16 - # CU_REQUESTER_ID: Found by following the steps below. - # 1. Visit: https://advomatic.zendesk.com/agent/user_filters - # 2. Search for the user you need the requester ID for. - # 3. The user ID can be obtained from the user's url. - # e.g. https://advomatic.zendesk.com/agent/users/378771022972/requested_tickets - # e.g. Requester ID: 378771022972 + # CU_REQUESTER_ID: Look in ClickUp for id. e.g. 54648604 + # CU_LIST_ID: Look in ClickUp for id. e.g. 901300865356 # CU_TOKEN: Located in 1Pass. # CU_LEAD_EMAIL: Find lead in engagements database. - CU_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` + CU_BODY_MESSAGE=`cat ./scripts/security-updates/TICKET_TEMPLATE.md` # Replacing placeholders in the template. CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[PROJECTS\]/$CU_PROJECTS_UPDATED} @@ -263,7 +262,7 @@ if [[ $(security_updates_available) == "true" ]]; then ], "status": "in progress", "priority": 2, - "start_date": %s, + "start_date": "%s", "start_date_time": false, "notify_all": false, "parent": null, @@ -274,29 +273,35 @@ if [[ $(security_updates_available) == "true" ]]; then "id": "b8bbcb75-a7c8-4eb7-9202-e56d227eefbf", "value": "%s" } - ] - "description": "%s", + ], + "description": "%s" }' "$CU_TICKET_TITLE" "$UNIX_TIMESTAMP" "$CU_CLIENT_ID" "$CU_BODY_MESSAGE") - # Encoding CU token. - CU_AUTH=$(echo -n "${CU_LEAD_EMAIL}/token:${CU_TOKEN}" | openssl enc -A -base64) - curl ${CU_API}/list/901300865356/task \ - -X POST \ - -H "Content-Type: application/json" \ - -H "Authorization: Basic ${CU_AUTH}" \ - -d "$CU_JSON_DATA" + # Create the ticket and capture the response. + RESPONSE=$( + curl -s ${CU_API}/list/901300865356/task \ + -i -X POST \ + -H "Authorization: ${CU_TOKEN}" \ + -H "Content-Type: application/json" \ + -d "$CU_JSON_DATA" + ) - # TODO: Retrieve the task id from the newly created ticket. - TASK_ID="86a36wj6y" # For testing purposes. + # Extract the task id from the response. + TASK_ID=$(echo "$RESPONSE" | awk -F'"id":' '{print $2}' | awk -F',' '{print $1}' | sed 's/"//g' | tr -d '[:space:]') - # TODO: Use the task id to add the Requester to the requester custom field. + # Use the task id to add the requester to the "Requester" custom field. CU_JSON_DATA_REQUESTER=$(printf '{ - "value": "%s" - }' "$CU_REQUESTER_ID") - curl ${CU_API}/task/"${TASK_ID}"/field/601d8088-a5d6-41c2-ad32-9bec68eac624 \ + "value": { + "add": [ + %s + ] + } + }' "$CU_REQUESTER_ID") + + curl -s ${CU_API}/task/${TASK_ID}/field/601d8088-a5d6-41c2-ad32-9bec68eac624 \ -X POST \ -H "Content-Type: application/json" \ - -H "Authorization: Basic ${CU_AUTH}" \ + -H "Authorization: ${CU_TOKEN}" \ -d "$CU_JSON_DATA_REQUESTER" echo "ClickUp Ticket successfully created." From facd24f09601ac0cad146caf807252dcd29650bf Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 10:42:34 -0400 Subject: [PATCH 04/17] fix: remove unix timestamp as it is already defined elsewhere --- scripts/security-updates/automatic-update | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index 3c4eb8d..f76d6cc 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -232,7 +232,6 @@ if [[ $(security_updates_available) == "true" ]]; then # Create a ticket for ClickUp. if [ -n "${CU_REQUESTER_ID}" -a -n "${CU_TOKEN}" -a -n "${CU_LEAD_EMAIL}" ]; then - UNIX_TIMESTAMP=$(date '+%s') # Creating ClickUp ticket. echo "Creating security updates ClickUp Ticket." From d948afb4a8d0512f7cd514edbd950ba3bd249349 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 11:14:37 -0400 Subject: [PATCH 05/17] ignore local testing file --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index a261958..da505f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /vendor/ acli .circleci/scripts/security-updates/projects_to_update.txt +test-clickup-integration From 17ba3d7987f9badc4e26a5c60e95e7c64d408d2a Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 12:02:44 -0400 Subject: [PATCH 06/17] simple change to test something --- scripts/security-updates/automatic-update | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index f76d6cc..d4db060 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -285,7 +285,7 @@ if [[ $(security_updates_available) == "true" ]]; then -d "$CU_JSON_DATA" ) - # Extract the task id from the response. + # Extract the task id from the response; I could not get jq to work. TASK_ID=$(echo "$RESPONSE" | awk -F'"id":' '{print $2}' | awk -F',' '{print $1}' | sed 's/"//g' | tr -d '[:space:]') # Use the task id to add the requester to the "Requester" custom field. From d69ebbee9950b88712790750ba67a6eaa4cfb975 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 14:05:34 -0400 Subject: [PATCH 07/17] add verbosity for debugging --- scripts/pantheon/deploy | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/pantheon/deploy b/scripts/pantheon/deploy index 209dd27..9b56265 100755 --- a/scripts/pantheon/deploy +++ b/scripts/pantheon/deploy @@ -56,7 +56,7 @@ else if [[ "$TERMINUS_ENV" != "$DEVELOPMENT_ENV" ]] && [[ "$REBUILD_MULTIDEV_ENV_EVERY_PUSH" == "YES" ]] then echo "This project is set to clone content for multidevs every push." - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS -vvv if [[ ! -z "$SANITIZE_SCRIPT" ]] then echo "Sanitizing Database." @@ -66,7 +66,7 @@ else elif [[ "$TERMINUS_ENV" == "$DEVELOPMENT_ENV" ]] && [[ "$REBUILD_DEVELOPMENT_ENV_EVERY_PUSH" == "YES" ]] then echo "This project is set to clone content for the github development multidev every push." - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS -vvv if [[ ! -z "$SANITIZE_SCRIPT" ]] then echo "Sanitizing Database." @@ -74,7 +74,7 @@ else $( $SANITIZE_SCRIPT ) fi else - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" $CREATE_OPTIONS + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" $CREATE_OPTIONS -vvv fi fi From 7d01791dffb9602a6aa7b7ac0584b30b133ef38d Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 14:10:34 -0400 Subject: [PATCH 08/17] move verbosity to updatedb command --- scripts/pantheon/deploy | 6 +++--- scripts/pantheon/drush-commands | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/pantheon/deploy b/scripts/pantheon/deploy index 9b56265..209dd27 100755 --- a/scripts/pantheon/deploy +++ b/scripts/pantheon/deploy @@ -56,7 +56,7 @@ else if [[ "$TERMINUS_ENV" != "$DEVELOPMENT_ENV" ]] && [[ "$REBUILD_MULTIDEV_ENV_EVERY_PUSH" == "YES" ]] then echo "This project is set to clone content for multidevs every push." - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS -vvv + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS if [[ ! -z "$SANITIZE_SCRIPT" ]] then echo "Sanitizing Database." @@ -66,7 +66,7 @@ else elif [[ "$TERMINUS_ENV" == "$DEVELOPMENT_ENV" ]] && [[ "$REBUILD_DEVELOPMENT_ENV_EVERY_PUSH" == "YES" ]] then echo "This project is set to clone content for the github development multidev every push." - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS -vvv + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" --clone-content $CREATE_OPTIONS if [[ ! -z "$SANITIZE_SCRIPT" ]] then echo "Sanitizing Database." @@ -74,7 +74,7 @@ else $( $SANITIZE_SCRIPT ) fi else - terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" $CREATE_OPTIONS -vvv + terminus -n build:env:create "$TERMINUS_SITE.$CANONICAL_ENV" "$TERMINUS_ENV" $CREATE_OPTIONS fi fi diff --git a/scripts/pantheon/drush-commands b/scripts/pantheon/drush-commands index 00b71f4..0e3bcb1 100755 --- a/scripts/pantheon/drush-commands +++ b/scripts/pantheon/drush-commands @@ -19,7 +19,7 @@ fi echo "Starting environment deploy commmands." # Update the Drupal database -terminus -n drush "$P_SITE.$P_ENV" -- updatedb -y +terminus -n drush "$P_SITE.$P_ENV" -- updatedb -y -vvv # Clear Drupal cache echo "Clearing Drupal cache." From 357b5cdc71b56d4e6118b4e2f189c2c45e7389e6 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 14:15:53 -0400 Subject: [PATCH 09/17] not quite sure where -vvv should go :/ --- scripts/pantheon/drush-commands | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/pantheon/drush-commands b/scripts/pantheon/drush-commands index 0e3bcb1..500c081 100755 --- a/scripts/pantheon/drush-commands +++ b/scripts/pantheon/drush-commands @@ -17,9 +17,9 @@ if [[ -z "$P_SITE" ]] || [[ -z "$P_ENV" ]]; then exit 1 fi -echo "Starting environment deploy commmands." +echo "Starting environment deploy commands." # Update the Drupal database -terminus -n drush "$P_SITE.$P_ENV" -- updatedb -y -vvv +terminus -n drush -vvv "$P_SITE.$P_ENV" -- updatedb -y # Clear Drupal cache echo "Clearing Drupal cache." From e242659cee49cb185d6e70ee11fb6cfa90bb3d93 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 14:23:21 -0400 Subject: [PATCH 10/17] eh --- scripts/pantheon/drush-commands | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/pantheon/drush-commands b/scripts/pantheon/drush-commands index 500c081..a9fd235 100755 --- a/scripts/pantheon/drush-commands +++ b/scripts/pantheon/drush-commands @@ -19,7 +19,7 @@ fi echo "Starting environment deploy commands." # Update the Drupal database -terminus -n drush -vvv "$P_SITE.$P_ENV" -- updatedb -y +terminus -n -vvv drush "$P_SITE.$P_ENV" -- updatedb -y # Clear Drupal cache echo "Clearing Drupal cache." From 8e8bb9e4466f6753be1ae497edaecac802c4afa9 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 17 May 2024 14:57:52 -0400 Subject: [PATCH 11/17] rm verbosity --- scripts/pantheon/drush-commands | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/pantheon/drush-commands b/scripts/pantheon/drush-commands index a9fd235..78b3e04 100755 --- a/scripts/pantheon/drush-commands +++ b/scripts/pantheon/drush-commands @@ -19,7 +19,7 @@ fi echo "Starting environment deploy commands." # Update the Drupal database -terminus -n -vvv drush "$P_SITE.$P_ENV" -- updatedb -y +terminus -n drush "$P_SITE.$P_ENV" -- updatedb -y # Clear Drupal cache echo "Clearing Drupal cache." From 40079628eb743f071d708995912b81a084535c11 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 28 Jun 2024 15:54:24 -0400 Subject: [PATCH 12/17] fix: correct unix timestamp to be in ms --- scripts/security-updates/automatic-update | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index f76d6cc..9e5ebb3 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -7,7 +7,7 @@ echo "Updating projects" DIR=$(pwd) COMPOSER_CMD=$(which composer) NOW=$(date +'%F') -UNIX_TIMESTAMP=$(date -d "$NOW" '+%s') +UNIX_TIMESTAMP_MS=$(($(date -d "$NOW" '+%s')*1000)) cd $DIR source "./vendor/fourkitchens/pots/scripts/security-updates/4k-openai-lib.sh" BRANCH_NAME="feature/automated-sec-update-$NOW" @@ -274,7 +274,7 @@ if [[ $(security_updates_available) == "true" ]]; then } ], "description": "%s" - }' "$CU_TICKET_TITLE" "$UNIX_TIMESTAMP" "$CU_CLIENT_ID" "$CU_BODY_MESSAGE") + }' "$CU_TICKET_TITLE" "$UNIX_TIMESTAMP_MS" "$CU_CLIENT_ID" "$CU_BODY_MESSAGE") # Create the ticket and capture the response. RESPONSE=$( From c172cf9649ebe6c1c90a9eb237b0cf606bf0f021 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 28 Jun 2024 17:24:03 -0400 Subject: [PATCH 13/17] fix: correct path for ticket template --- scripts/security-updates/automatic-update | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index f626e19..e68b3df 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -244,7 +244,7 @@ if [[ $(security_updates_available) == "true" ]]; then # CU_TOKEN: Located in 1Pass. # CU_LEAD_EMAIL: Find lead in engagements database. - CU_BODY_MESSAGE=`cat ./scripts/security-updates/TICKET_TEMPLATE.md` + CU_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` # Replacing placeholders in the template. CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[PROJECTS\]/$CU_PROJECTS_UPDATED} From 1b967ed9dd4efcd607bac73b1244db783f37b624 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 28 Jun 2024 17:48:57 -0400 Subject: [PATCH 14/17] update gitignore --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index da505f3..a261958 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,3 @@ /vendor/ acli .circleci/scripts/security-updates/projects_to_update.txt -test-clickup-integration From c41adf67e155c8ab1b1b5eeba02410c91fe25c07 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 28 Jun 2024 18:01:57 -0400 Subject: [PATCH 15/17] make project list generic --- scripts/security-updates/automatic-update | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index e68b3df..25021b0 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -19,7 +19,7 @@ ADVISORIES=$(echo "$JSON_DATA" | jq '.advisories') MESSAGE="" TEST_STEPS="" -ZD_PROJECTS_UPDATED="" +PROJECTS_UPDATED="" # Helper function to check if branch exist on remote repository. gh_branch_exist () { @@ -85,7 +85,7 @@ if [[ $(security_updates_available) == "true" ]]; then # Building PR information. # Remove prefix "drupal/" from the project name AUX=${PROJECT//drupal\//''} - ZD_PROJECTS_UPDATED+="${AUX}, " + PROJECTS_UPDATED+="${AUX}, " if [ $AUX == 'core' ]; then AUX="- Update [${PROJECT}](https://www.drupal.org/project/drupal/releases)." else @@ -171,7 +171,7 @@ if [[ $(security_updates_available) == "true" ]]; then ZD_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` # Replacing placeholders in the template. ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} - ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[PROJECTS\]/$ZD_PROJECTS_UPDATED} + ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[PROJECTS\]/$PROJECTS_UPDATED} # Scraping new line characters. ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//$'\n'/\\n} ZD_TICKET_TITLE="Security Updates Required For Your Website - ${SITE_NAME}" @@ -247,7 +247,7 @@ if [[ $(security_updates_available) == "true" ]]; then CU_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` # Replacing placeholders in the template. CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} - CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[PROJECTS\]/$CU_PROJECTS_UPDATED} + CU_BODY_MESSAGE=${CU_BODY_MESSAGE//\[PROJECTS\]/$PROJECTS_UPDATED} # Scraping new line characters. CU_BODY_MESSAGE=${CU_BODY_MESSAGE//$'\n'/\\n} CU_TICKET_TITLE="Security Updates Required For Your Website - ${SITE_NAME}" From 4be425edb682314a5e7eb72a4f4fe65bff8c331f Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 28 Jun 2024 18:12:10 -0400 Subject: [PATCH 16/17] correct template --- scripts/security-updates/TICKET_TEMPLATE.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/security-updates/TICKET_TEMPLATE.md b/scripts/security-updates/TICKET_TEMPLATE.md index d7f3094..b8bb68f 100644 --- a/scripts/security-updates/TICKET_TEMPLATE.md +++ b/scripts/security-updates/TICKET_TEMPLATE.md @@ -1,9 +1,10 @@ -@@ -0,0 +1,9 @@ Hello! Security updates are required for some of the code that runs your website, [SITE_NAME]. + We''ll run the upgrade and the work will be billed to your flat-rate annual/monthly security updates account. In other words, this will not count towards your subscription hours. + Security updates are required for: [PROJECTS] These updates are being performed automatically, and we'll let you know when it is complete. From 28a5b4245e7f0397be3b55db5317e8cd5116b3d3 Mon Sep 17 00:00:00 2001 From: Charles Fannin Date: Fri, 20 Sep 2024 14:42:58 -0400 Subject: [PATCH 17/17] chore: remove zd ticket creation --- scripts/security-updates/automatic-update | 77 ----------------------- 1 file changed, 77 deletions(-) diff --git a/scripts/security-updates/automatic-update b/scripts/security-updates/automatic-update index 25021b0..dbd033e 100755 --- a/scripts/security-updates/automatic-update +++ b/scripts/security-updates/automatic-update @@ -153,83 +153,6 @@ if [[ $(security_updates_available) == "true" ]]; then exit 1 fi - if [ -n "${ZD_REQUESTER_ID}" -a -n "${ZD_TOKEN}" -a -n "${ZD_LEAD_EMAIL}" ]; then - echo "Creating security updates Zendesk Ticket." - echo "-------------------------------------------" - ZD_API=https://advomatic.zendesk.com/api/v2 - # group_id: 360007800612; Assigns the ticket to the security group. - # Environment variables; should be defined as CircleCI variables. - # ZD_REQUESTER_ID: Found by following the steps below. - # 1. Visit: https://advomatic.zendesk.com/agent/user_filters - # 2. Search for the user you need the requester ID for. - # 3. The user ID can be obtained from the user's url. - # e.g. https://advomatic.zendesk.com/agent/users/378771022972/requested_tickets - # e.g. Requester ID: 378771022972 - # ZD_TOKEN: Located in 1Pass. - # ZD_LEAD_EMAIL: Find lead in engagements database. - - ZD_BODY_MESSAGE=`cat ./vendor/fourkitchens/pots/scripts/security-updates/TICKET_TEMPLATE.md` - # Replacing placeholders in the template. - ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[SITE_NAME\]/$SITE_NAME} - ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//\[PROJECTS\]/$PROJECTS_UPDATED} - # Scraping new line characters. - ZD_BODY_MESSAGE=${ZD_BODY_MESSAGE//$'\n'/\\n} - ZD_TICKET_TITLE="Security Updates Required For Your Website - ${SITE_NAME}" - ZD_JSON_DATA=$(printf '{ - "ticket": { - "subject": "%s" , - "requester_id": "%s", - "group_id": 360007800612, - "priority": "high", - "type": "task", - "status": "new", - "tags": [ - "security-updates" - ], - "comment": { - "body": "%s" - }, - "custom_fields": [ - { - "id": 360002688411, - "value": null - }, - { - "id": 360027138451, - "value": null - }, - { - "id": 22966000, - "value": "Updates regarding security releases are completed." - }, - { - "id": 24204016, - "value": "Perform auto updates for security release." - }, - { - "id": 22966010, - "value": null - }, - { - "id": 360048728091, - "value": false - } - ] - } - }' "$ZD_TICKET_TITLE" "$ZD_REQUESTER_ID" "$ZD_BODY_MESSAGE") - - # Encoding ZD token. - ZD_AUTH=$(echo -n "${ZD_LEAD_EMAIL}/token:${ZD_TOKEN}" | openssl enc -A -base64) - curl ${ZD_API}/tickets \ - -X POST \ - -H "Content-Type: application/json" \ - -H "Authorization: Basic ${ZD_AUTH}" \ - -d "$ZD_JSON_DATA" - - echo "Zendesk Ticket successfully created." - echo "-------------------------------------------" - fi - # Create a ticket for ClickUp. if [ -n "${CU_REQUESTER_ID}" -a -n "${CU_TOKEN}" -a -n "${CU_LEAD_EMAIL}" ]; then