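License: Apache-2.0 License
Programming language: Python
Operating system: Cross-platform
Software type: Open source software
Category: Cloud computing / Cloud native
Open source organization:
Region: Unknown
Submitted by: 首席测试
Intended audience: Unknown
Listed on: 2021-11-10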

Software Overview


Gaia is an open source automation platform which makes it easy and fun to build powerful pipelines in any programming language. Based on HashiCorp's go-plugin and gRPC, gaia is efficient, fast, lightweight, and developer friendly.

Develop powerful pipelines with the help of SDKs and simply check-in your code into a git repository. Gaia automatically clones your code repository, compiles your code to a binary, and executes it on-demand. All results are streamed back and formatted as a user-friendly graphical output.

Check out gaia-pipeline.io to learn more.

Motivation

Automation Engineer, DevOps Engineer, SRE, Cloud Engineer, Platform Engineer - they all have one thing in common: the majority of tech people are not motivated to take up this work and they are hard to recruit.

One of the main reasons for this is the abstraction and poor execution of many automation tools. They come with their own configuration (YAML syntax) specification or limit the user to one specific programming language. Testing is nearly impossible because most automation tools lack the ability to mock services and subsystems. Even tiny things, for example parsing a JSON file, are sometimes really painful because external, outdated libraries were used and not included in the standard framework.

We believe it's time to remove all those abstractions and come back to our roots. Are you tired of writing endless lines of YAML-code? Are you sick of spending days forced to write in a language that does not suit you and is not fun at all? Do you enjoy programming in a language you like? Then Gaia is for you.

How does it work?

Gaia is based on HashiCorp's go-plugin. It's a plugin system that uses gRPC to communicate over HTTP/2. Initially, HashiCorp developed this tool for Packer but now it's heavily used by Terraform, Nomad, and Vault too.

Plugins, also called pipelines, are applications which can be written in any programming language, as long as gRPC is supported. All functions, also called jobs, are exposed to Gaia and can form a dependency graph that describes the order of execution.

Pipelines can be compiled locally or by the integrated build system. Gaia clones the git repository and automatically builds the included pipeline. When a change is pushed (git push), Gaia automatically rebuilds the pipeline for you*.

After a pipeline has been started, all log output is returned to Gaia and displayed in a detailed overview together with the final result status.

Gaia uses boltDB for storage. This makes the installation process super easy. No external database is currently required.

* This requires polling or a webhook to be activated.

Screenshots

[Screenshots: login, overview, create pipeline, pipeline details, pipeline logs, Vault, settings]

Getting Started

Installation

The installation of gaia is simple and often takes a few minutes.

Using docker

The following command starts gaia as a daemon process and mounts all data to the current folder. Afterwards, gaia will be available on the host system on port 8080. Log in initially with the default user admin and password admin. It is recommended to change the password afterwards.

docker run -d -p 8080:8080 -v $PWD:/data gaiapipeline/gaia:latest

This uses the image with the latest tag which includes all required libraries and compilers for all supported languages. If you prefer a smaller image suited for your preferred language, have a look at the available docker image tags.

Manually

It is possible to install Gaia directly on the host system. This can be achieved by downloading the binary from the releases page.

Gaia will automatically detect the folder of the binary and will place all data next to it. You can change the data directory with the startup parameter -home-path if you want.

Using helm

If you haven't got an ingress controller pod yet, make sure that you have kube-dns or coredns enabled, then run this command to set it up.

make kube-ingress

To init helm:

helm init

To deploy gaia:

make deploy-kube

Example Pipelines

Go

package main

import (
    "log"

    sdk "github.com/gaia-pipeline/gosdk"
)

// This is one job. Add more if you want.
func DoSomethingAwesome(args sdk.Arguments) error {
    log.Println("This output will be streamed back to gaia and will be displayed in the pipeline logs.")

    // An error occurred? Return it back so gaia knows that this job failed.
    return nil
}

func main() {
    jobs := sdk.Jobs{
        sdk.Job{
            Handler:     DoSomethingAwesome,
            Title:       "DoSomethingAwesome",
            Description: "This job does something awesome.",
        },
    }

    // Serve
    if err := sdk.Serve(jobs); err != nil {
        panic(err)
    }

}

Python

from gaiasdk import sdk
import logging

def MyAwesomeJob(args):
    logging.info("This output will be streamed back to gaia and will be displayed in the pipeline logs.")
    # Just raise an exception to tell Gaia if a job failed.
    # raise Exception("Oh no, this job failed!")

def main():
    logging.basicConfig(level=logging.INFO)
    myjob = sdk.Job("MyAwesomeJob", "Do something awesome", MyAwesomeJob)
    sdk.serve([myjob])

Java

package io.gaiapipeline;

import io.gaiapipeline.javasdk.*;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.logging.Logger;

public class Pipeline
{
    private static final Logger LOGGER = Logger.getLogger(Pipeline.class.getName());

    private static Handler MyAwesomeJob = (gaiaArgs) -> {
        LOGGER.info("This output will be streamed back to gaia and will be displayed in the pipeline logs.");
        // Just raise an exception to tell Gaia if a job failed.
        // throw new IllegalArgumentException("Oh no, this job failed!");
    };

    public static void main( String[] args )
    {
        PipelineJob myjob = new PipelineJob();
        myjob.setTitle("MyAwesomeJob");
        myjob.setDescription("Do something awesome.");
        myjob.setHandler(MyAwesomeJob);

        Javasdk sdk = new Javasdk();
        try {
            sdk.Serve(new ArrayList<>(Arrays.asList(myjob)));
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}

C++

#include "cppsdk/sdk.h"
#include <list>
#include <iostream>

void DoSomethingAwesome(std::list<gaia::argument> args) throw(std::string) {
   std::cerr << "This output will be streamed back to gaia and will be displayed in the pipeline logs." << std::endl;

   // An error occurred? Return it back so gaia knows that this job failed.
   // throw std::string("Uhh, something bad happened!");
}

int main() {
   std::list<gaia::job> jobs;
   gaia::job awesomejob;
   awesomejob.handler = &DoSomethingAwesome;
   awesomejob.title = "DoSomethingAwesome";
   awesomejob.description = "This job does something awesome.";
   jobs.push_back(awesomejob);

   try {
      gaia::Serve(jobs);
   } catch (const std::string &e) {
      std::cerr << "Error: " << e << std::endl;
   }
}

Ruby

require 'rubysdk'

class Main
    AwesomeJob = lambda do |args|
        STDERR.puts "This output will be streamed back to gaia and will be displayed in the pipeline logs."

        # An error occurred? Raise an exception and gaia will fail the pipeline.
        # raise "Oh gosh! Something went wrong!"
    end

    def self.main
        awesomejob = Interface::Job.new(title: "Awesome Job",
                                        handler: AwesomeJob,
                                        desc: "This job does something awesome.")

        begin
            RubySDK.Serve([awesomejob])
        rescue => e
            puts "Error occurred: #{e}"
            exit(false)
        end
    end
end

Node.JS

const nodesdk = require('@gaia-pipeline/nodesdk');

function DoSomethingAwesome(args) {
    console.error('This output will be streamed back to gaia and will be displayed in the pipeline logs.');

    // An error occurred? Throw it back so gaia knows that this job failed.
    // throw new Error('My error message');
}

// Serve
try {
    nodesdk.Serve([{
        handler: DoSomethingAwesome,
        title: 'DoSomethingAwesome',
        description: 'This job does something awesome.'
    }]);
} catch (err) {
    console.error(err);
}

Pipelines are defined by jobs and a function usually represents a job. You can define as many jobs in your pipeline as you want.

Every function accepts arguments. Those arguments can be requested from the pipeline itself and the values are passed back in from the UI.

Some pipeline jobs need a specific order of execution. DependsOn allows you to declare dependencies for every job.

You can find real examples and more information on how to develop a pipeline in the docs.
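An added illustration (not code from the Gaia project or its SDKs) of how DependsOn declarations can be resolved into an execution order, rejecting unknown dependencies and cycles up front. The Job struct and ExecutionOrder function are hypothetical stand-ins, and Gaia's own scheduler may work differently.

```go
package main

import "fmt"

// Job is a hypothetical stand-in for a pipeline job, not the SDK's type.
type Job struct {
	Title     string
	DependsOn []string // titles of jobs that must finish first
}

// ExecutionOrder orders titles so each job follows its dependencies; unknown dependencies and cycles are errors.
func ExecutionOrder(jobs []Job) ([]string, error) {
	deps := make(map[string][]string, len(jobs))
	for _, j := range jobs {
		deps[j.Title] = j.DependsOn
	}
	state := map[string]int{} // 0 unvisited, 1 in progress, 2 done
	var order []string
	var visit func(title string) error
	visit = func(title string) error {
		switch state[title] {
		case 2:
			return nil
		case 1:
			return fmt.Errorf("dependency cycle through %q", title)
		}
		state[title] = 1
		for _, d := range deps[title] {
			if _, ok := deps[d]; !ok {
				return fmt.Errorf("job %q depends on unknown job %q", title, d)
			}
			if err := visit(d); err != nil {
				return err
			}
		}
		state[title] = 2
		order = append(order, title)
		return nil
	}
	for _, j := range jobs { // declaration order keeps the result deterministic
		if err := visit(j.Title); err != nil {
			return nil, err
		}
	}
	return order, nil
}

func main() { // constructed sample: deploy needs build and test, test needs build
	fmt.Println(ExecutionOrder([]Job{{"deploy", []string{"build", "test"}}, {"test", []string{"build"}}, {"build", nil}}))
}
```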

Security

See the Documentation located here: security-docs.

Documentation and more

Please find the docs at https://docs.gaia-pipeline.io. We also have a tutorials section over there with examples and real use-case scenarios. For example, Kubernetes deployment with vault integration.

Questions and Answers (Q&A)

What problem does Gaia solve?

Literally every tool that was designed for automation, continuous integration (CI), and continuous deployment (CD) like Spinnaker, Jenkins, Gitlab CI/CD, TravisCI, CircleCI, Codeship, Bamboo and many more, introduced their own configuration format. Some of them don't even support configuration/automation as code. This works well for simple tasks like running a go install or mvn clean install but in the real world there is more to do.

Gaia is the first platform that does not limit the user and provides full support for almost all common programming languages without losing the features offered by today's CI/CD tools.

What is a pipeline?

A pipeline is a real application with at least one function (we call it a Job). Every programming language can be used as long as gRPC is supported. We offer SDKs to support the development.

What is a job?

A job is a function, usually globally exposed to Gaia. Depending on the dependency graph, Gaia will execute this function in a specific order.

Why do I need an SDK?

The SDK implements the Gaia plugin gRPC interface and offers helper functions like serving the gRPC-Server. This helps you to focus on the real problem instead of doing the boring stuff.

Which programming languages are supported?

We currently fully support Go, Java, Python, C++, Ruby and Node.JS.

When do you support programming language XYZ?

We are working hard to support as many programming languages as possible, but our resources are limited and most of us are not experts in every programming language. If you are willing to contribute, feel free to open an issue and start working.

Roadmap

Gaia is currently available as a beta version.

Feel free to open a new GitHub issue to request a new feature.

Contributing

Gaia can only evolve and become a great product with the help of contributors. If you would like to contribute, please have a look at our issues section. We do our best to mark issues for new contributors with the label good first issue.

If you think you found a good first issue, please consider this list as a short guide:

  • If the issue is clear and you have no questions, please leave a short comment that you started working on this. The issue will usually be blocked for two weeks for you to solve it.
  • If something is not clear or you are unsure what to do, please leave a comment so we can add a more detailed description.
  • Make sure your development environment is configured and set up. You need Go installed on your machine and also nodeJS for the frontend. Clone this repository and run the make command inside the cloned folder. This will start the backend. To start the frontend you have to open a new terminal window and go into the frontend folder. There you run npm install and then npm run serve. This should automatically open a new browser window.
  • Before you start your work, you should fork this repository and push changes to your fork. Afterwards, send a merge request back to upstream.

Contact

If you have any questions feel free to contact us on slack.

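@hapi/hoek prototype pollution vulnerability
Prototype pollution
@hapi/hoek is a package of utility methods for the hapi ecosystem. Affected versions of this package are vulnerable to prototype pollution.
MPS-2022-13742
2022-08-08 18:20
node-forge prototype pollution vulnerability
Prototype pollution
node-forge is a JavaScript implementation of network transports, cryptography, ciphers, PKI, message digests and various utilities. Affected versions of this package are vulnerable to prototype pollution via forge.
MPS-2022-13920
2022-08-08 18:20
Unshiftio Url-parse access control error vulnerability
Url-Parse is a small URL parser that works seamlessly across Node.js and browser environments. Unshiftio Url-parse has an access control error vulnerability that stems from the product lacking an effective protection mechanism for user-controlled keys. An attacker can use this vulnerability to bypass authorization. The following products and versions are affected: Unshiftio Url-parse versions before 1.5.9.
CVE-2022-0691 MPS-2022-4474
2022-08-08 18:20
Highlightjs security vulnerability
MAID
Highlight.js is a syntax highlighter written in JavaScript. Versions of Highlight.js before 9.18.2 and 10.1.2 are vulnerable to prototype pollution. A malicious HTML code block can be crafted that causes prototype pollution of the base object's prototype during highlighting. If you allow users to insert custom HTML code blocks into your page or application by parsing Markdown code blocks (or similar), and you do not filter the language names users can provide, you may be vulnerable. The pollution should be just harmless data, but it can cause problems for applications that do not expect these properties to exist, and may lead to strange behavior or application crashes, i.e. a potential DoS vector. If your website or application does not render user-provided data, it should be unaffected. Versions 9.18.2 and 10.1.2 and later include a fix for this vulnerability. If you are using version 7 or 8, you are encouraged to upgrade to a newer release.
CVE-2020-26237 MPS-2020-16772
2022-08-08 18:20
trim-newlines security vulnerability
Denial of service
trim-newlines is an npm package that modifies newline characters. trim-newlines has a security vulnerability that stems from an issue with the .end() method, as used in Node.js, in versions 3.0.1 and 4.0.1 and earlier.
CVE-2021-33623 MPS-2021-7398
2022-08-08 18:20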
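go.uuid security feature issue vulnerability
Use of a cryptographically weak PRNG
go.uuid is a UUID package for Go. It provides a pure Go implementation of universally unique identifiers (UUIDs) and supports creating and parsing UUIDs. go.uuid has a security vulnerability that stems from insecure randomness in the g.rand.Read function, which allows an attacker to predict generated UUIDs.
CVE-2021-3538 MPS-2021-7854
2022-08-08 18:20
serialize-javascript code issue vulnerability
Deserialization
Verizon serialize-javascript is a package from Verizon (USA) that supports serializing JavaScript to a superset of JSON. A code issue vulnerability exists in serialize-javascript versions before 3.1.0. A remote attacker can exploit it to inject arbitrary code via the 'deleteFunctions' function in index.js.
CVE-2020-7660 MPS-2020-7976
2022-08-08 18:20
shelljs security vulnerability
Improper privilege management
shelljs is a portable (Windows/Linux/OS X) implementation of Unix shell commands on top of the Node.js API. shelljs has a security vulnerability that stems from improper privilege management; an attacker can exploit it to gain unauthorized access.
CVE-2022-0144 MPS-2022-0508
2022-08-08 18:20
node-forge input validation error vulnerability
Improperly controlled modification of dynamically-determined object attributes
node-forge is an application. A WebJar for node-forge. All versions of the node-forge package are vulnerable to prototype pollution via the setPath function.
CVE-2020-7720 MPS-2020-12281
2022-08-08 18:20
npm CLI path traversal vulnerability
Path traversal
Versions of the npm CLI before 6.13.3 are vulnerable to arbitrary file write. It fails to prevent access to folders outside the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or access arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
CVE-2019-16776 MPS-2019-16249
2022-08-08 18:20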
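Ajv input validation error vulnerability
Improper input validation
An input validation error vulnerability exists in the ajv.validate() function in Ajv version 6.12.2. An attacker can exploit it to execute code or cause a denial of service.
CVE-2020-15366 MPS-2020-10525
2022-08-08 18:20
Digital Bazaar Forge input validation error vulnerability
Open redirect
Digital Bazaar Forge, from Digital Bazaar (USA), is a native implementation of TLS in JavaScript and a set of open source tools for writing crypto-based and network-heavy web applications. An input validation error vulnerability exists in Digital Bazaar Forge; it stems from the product allowing URL redirection to untrusted sites.
CVE-2022-0122 MPS-2022-0421
2022-08-08 18:20
nodejs resource management error vulnerability
Denial of service
nodejs is a JavaScript runtime built on the Chrome V8 engine; by wrapping V8 and using event-driven, non-blocking I/O, it makes it possible to build high-performance back-end applications in JavaScript. nodejs-glob-parent has a security vulnerability that stems from a regular expression denial of service.
CVE-2020-28469 MPS-2021-7827
2022-08-08 18:20
follow-redirects project information exposure vulnerability
Information exposure
Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.
CVE-2022-0536 MPS-2022-3636
2022-08-08 18:20
Npm Node-tar link following vulnerability
node-tar is a package for file compression/decompression. Npm Node-tar has a link following vulnerability that stems from the product not effectively validating special characters. An attacker can use this vulnerability to create malicious files in other paths.
CVE-2021-37701 MPS-2021-28486
2022-08-08 18:20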
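Moment.js path traversal vulnerability
Path traversal
Moment.js is a JavaScript date library for parsing, validating, manipulating and formatting dates. The npm version of Moment.js does not strictly validate input when handling directory traversal sequences, so a specially crafted HTTP request can read arbitrary files on the system. An attacker can exploit this vulnerability to access sensitive system files.
CVE-2022-24785 MPS-2022-3752
2022-08-08 18:20
npm bl buffer error vulnerability
Out-of-bounds read
npm bl 4.x before 4.0.3, 3.x before 3.0.1 and 2.x before 2.2.1 have a security vulnerability: an attacker can cause an out-of-bounds read through malicious input.
CVE-2020-8244 MPS-2020-12199
2022-08-08 18:20
uglify-js ReDoS vulnerability
ReDoS
uglify-js is a JavaScript parser, minifier, compressor and beautifier toolkit. Affected versions of this package are vulnerable to regular expression denial of service (ReDoS) via the string_template and decode_template functions.
MPS-2022-14112
2022-08-08 18:20
NPM url-parse authorization bypass vulnerability
Url-Parse is a small URL parser that works seamlessly across Node.js and browser environments. NPM url-parse versions before 1.5.8 have an authorization bypass vulnerability; an attacker can exploit it to bypass authorization through a user-controlled key.
CVE-2022-0686 MPS-2022-4464
2022-08-08 18:20
dns-packet information disclosure vulnerability
Missing initialization of resource
dns-packet is an application. An abstract-encoding compliant module for encoding/decoding DNS packets. Versions of dns-packet before 5.2.2 have a security vulnerability that stems from creating buffers with allocUnsafe and not always filling them before forming network packets.
CVE-2021-23386 MPS-2021-7013
2022-08-08 18:20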