slackに脆弱性情報をpost

function send_to_slack($message){
	$webhook_url = 'https://hooks.slack.com/services/hogehoge';
	$options = array(
		'http' => array(
		'method' => 'POST',
		'header' => 'Content-Type: application/json',
		'content' => json_encode($message),
	  )
	);
	$response = file_get_contents($webhook_url, false, stream_context_create($options));
	return $response === 'ok';
}

$message = array(
	'channel' => '#general',
	'username' => '脆弱性情報',
	'icon_emoji' => ':warning:',
	'text' => $string,
);

send_to_slack($message);

おおおおおおお、できたー

とりあえず、リファクタリングしよう

ipa RSSを取得

<?php 
$target_day = date('Y/m/d', strtotime('-1 day'));
$xml = "https://jvndb.jvn.jp/ja/rss/jvndb_new.rdf";

$xmlData = simplexml_load_file($xml);
foreach ($xmlData->item as $entry){
  $dc = $entry->children('http://purl.org/dc/elements/1.1/');
  $day = date('Y/m/d', strtotime($dc->date));
  if($day == $target_day){
      $string.= date('Y/m/d h:i', strtotime($dc->date))."<br>";
      $string.= $entry->title."<br>";
      $string.= $entry->link."<br>";
  }
}
?>
<html>
<body>
	<?php echo $string; ?>
</body>
</html>

OK、次はslack webhook

Herokuの料金体系とは

さて、Herokuの料金体系はどうなっているのでしょうか?
Herokuというと、何となく「無料」のサーバーという概念が強かったのですが、Heroku Schedulerを使用しようとしたところ、クレジットカードの登録を要求されて、無料版と有料版があるということを理解。

Herokuの運営がSalesforceなので、やや不安が残るというか、変な課金のされ方をしないか心配ではある。

では早速見ていこう。以下のように○○ free dyno hours(○%) used this monthとあり、AWSのように容量課金ではなく、時間単位の課金のようだ。

ちなみに、このfree dynoは月550時間使えることが見て取れる。

そしてこのfree dynoはクレジットカードを登録すると、月1000時間使えるようになる。約2倍。何んかだいぶいい加減だな。

では早速クレジットカードを登録してみましょう。
登録後は、以下のように、free dyno houresが1000に増えていることがわかります。

で、Heroku Scheduler は Web Dynoとは別のOne-Off Dynoという仮想環境で実行される。で、One-Off Dynoで使用された時間はfree dyno houresから引かれる。つまり、cronだけで使うなら、約1/2時間になるイメージだろう。

続いて、Heroku Schedulerを登録していこう。

Your PostgreSQL is too old

[vagrant@localhost ipa]$ yum list installed | grep postgres
postgresql.x86_64 8.4.20-8.el6_9 @base
postgresql-devel.x86_64 8.4.20-8.el6_9 @base
postgresql-libs.x86_64 8.4.20-8.el6_9 @base
postgresql96.x86_64 9.6.15-1PGDG.rhel6 @pgdg96
postgresql96-devel.x86_64 9.6.15-1PGDG.rhel6 @pgdg96
postgresql96-libs.x86_64 9.6.15-1PGDG.rhel6 @pgdg96
postgresql96-server.x86_64 9.6.15-1PGDG.rhel6 @pgdg96

psqlが8.4を読み込んでいるため、「Your PostgreSQL is too old」のエラーが出る

まず、psqlにログインして、実行ファイルを探します
[vagrant@localhost ipa]$ su – postgres
パスワード:
-bash-4.1$ which -a psql
/usr/bin/psql

Heroku scheduler

[vagrant@localhost heroku]$ heroku addons:create scheduler:standard
Creating scheduler:standard on ⬢ peaceful-garden-15590… !
▸ Please verify your account to install this add-on plan (please enter a credit card) For more information, see
▸ https://devcenter.heroku.com/categories/billing Verify now at https://heroku.com/verify
[vagrant@localhost heroku]$ heroku addons:open scheduler
▸ Couldn’t find that add on.

あれ、何で?
コンソールにログインして見ましょう。

Heroku schedulerって金かかるの?

Herokuにdeploy

[vagrant@localhost local]$ mkdir heroku
[vagrant@localhost local]$ cd heroku
[vagrant@localhost heroku]$ ls
[vagrant@localhost heroku]$ touch index.php
[vagrant@localhost heroku]$ touch composer.json
[vagrant@localhost heroku]$ ls
composer.json index.php
[vagrant@localhost heroku]$ git init
Initialized empty Git repository in /home/vagrant/local/heroku/.git/
[vagrant@localhost heroku]$ git add .
[vagrant@localhost heroku]$ git commit -m “Hello heroku commit”
[master (root-commit) 683c29e] Hello heroku commit
Committer: vagrant
Your name and email address were configured automatically based
on your username and hostname. Please check that they are accurate.
You can suppress this message by setting them explicitly:

git config –global user.name “Your Name”
git config –global user.email you@example.com

If the identity used for this commit is wrong, you can fix it with:

git commit –amend –author=’Your Name

1 files changed, 3 insertions(+), 0 deletions(-)
create mode 100644 composer.json
create mode 100644 index.php
[vagrant@localhost heroku]$ heroku create
Creating app… done, ⬢ peaceful-garden-15590
https://peaceful-garden-15590.herokuapp.com/ | https://git.heroku.com/peaceful-garden-15590.git
[vagrant@localhost heroku]$ git push heroku master
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (4/4), 295 bytes, done.
Total 4 (delta 0), reused 0 (delta 0)
remote: Compressing source files… done.
remote: Building source:
remote:
remote: —–> PHP app detected
remote:
remote: NOTICE: Your ‘composer.json’ is completely empty!
remote:
remote: A completely empty file is not a valid JSON document.
remote:
remote: Heroku automatically corrected this problem, but it is strongly
remote: recommended you change the contents to at least ‘{}’.
remote:
remote: For documentation on Composer and dependency management, check
remote: out the introduction at https://getcomposer.org/doc/00-intro.md
remote:
remote: —–> Bootstrapping…
remote: —–> Installing platform packages…
remote: NOTICE: No runtime required in composer.lock; using PHP ^7.0.0
remote: – php (7.3.8)
remote: – apache (2.4.39)
remote: – nginx (1.16.0)
remote: —–> Installing dependencies…
remote: Composer version 1.9.0 2019-08-02 20:55:32
remote: —–> Preparing runtime environment…
remote: NOTICE: No Procfile, using ‘web: heroku-php-apache2’.
remote: —–> Checking for additional extensions to install…
remote: —–> Discovering process types
remote: Procfile declares types -> web
remote:
remote: —–> Compressing…
remote: Done: 15.7M
remote: —–> Launching…
remote: Released v3
remote: https://peaceful-garden-15590.herokuapp.com/ deployed to Heroku
remote:
remote: Verifying deploy… done.
To https://git.heroku.com/peaceful-garden-15590.git
* [new branch] master -> master

ほう、rubyじゃなくてもいけるやんか。
で、Herokuでcronってどうやるんだ?

あれ、Heroku Schedulerで行けそう?? もしかして^^

.bash_profile

– 設定ファイル
– ログインした時に読み込まれる
– ログインシェルがbashの状態でログインした時に読み込まれる
– bash_profileはログインした直後のホームディレクトリにある

なんかエラーが出ている

[vagrant@localhost rails]$ gem install pg -v ‘1.1.4’
Building native extensions. This could take a while…
ERROR: Error installing pg:
ERROR: Failed to build gem native extension.

current directory: /home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/pg-1.1.4/ext
/home/vagrant/.rbenv/versions/2.3.1/bin/ruby -I /home/vagrant/.rbenv/versions/2.3.1/lib/ruby/site_ruby/2.3.0 -r ./siteconf20190809-24267-2gatu1.rb extconf.rb
checking for pg_config… no
No pg_config… trying anyway. If building fails, please try again with
–with-pg-config=/path/to/pg_config
checking for libpq-fe.h… no
Can’t find the ‘libpq-fe.h header
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for more details. You may
need configuration options.

Provided configuration options:
–with-opt-dir
–without-opt-dir
–with-opt-include
–without-opt-include=${opt-dir}/include
–with-opt-lib
–without-opt-lib=${opt-dir}/lib
–with-make-prog
–without-make-prog
–srcdir=.
–curdir
–ruby=/home/vagrant/.rbenv/versions/2.3.1/bin/$(RUBY_BASE_NAME)
–with-pg
–without-pg
–enable-windows-cross
–disable-windows-cross
–with-pg-config
–without-pg-config
–with-pg_config
–without-pg_config
–with-pg-dir
–without-pg-dir
–with-pg-include
–without-pg-include=${pg-dir}/include
–with-pg-lib
–without-pg-lib=${pg-dir}/lib

To see why this extension failed to compile, please check the mkmf.log which can be found here:

/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/pg-1.1.4/mkmf.log

extconf failed, exit code 1

Gem files will remain installed in /home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/pg-1.1.4 for inspection.
Results logged to /home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/pg-1.1.4/gem_make.out
[vagrant@localhost rails]$ find ~/.rbenv | grep mkmf.log
/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/msgpack-1.3.1/mkmf.log
/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/pg-1.1.4/mkmf.log
/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/nio4r-2.4.0/mkmf.log
/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/ffi-1.11.1/mkmf.log
/home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/nokogiri-1.10.3/mkmf.log
[vagrant@localhost rails]$ cat /home/vagrant/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/extensions/x86_64-linux/2.3.0-static/pg-1.1.4/mkmf.log
find_executable: checking for pg_config… ——————– no

——————–

find_header: checking for libpq-fe.h… ——————– no

“gcc -o conftest -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0/x86_64-linux -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0/ruby/backward -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0 -I. -I/home/vagrant/.rbenv/versions/2.3.1/include -O3 -fno-fast-math -ggdb3 -Wall -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wunused-variable -Wpointer-arith -Wwrite-strings -Wdeclaration-after-statement -Wimplicit-function-declaration -Wdeprecated-declarations -Wno-packed-bitfield-compat conftest.c -L. -L/home/vagrant/.rbenv/versions/2.3.1/lib -Wl,-R/home/vagrant/.rbenv/versions/2.3.1/lib -L. -L/home/vagrant/.rbenv/versions/2.3.1/lib -fstack-protector -rdynamic -Wl,-export-dynamic -Wl,-R/home/vagrant/.rbenv/versions/2.3.1/lib -L/home/vagrant/.rbenv/versions/2.3.1/lib -lruby-static -lpthread -lrt -ldl -lcrypt -lm -lc”
checked program was:
/* begin */
1: #include “ruby.h”
2:
3: int main(int argc, char **argv)
4: {
5: return 0;
6: }
/* end */

“gcc -E -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0/x86_64-linux -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0/ruby/backward -I/home/vagrant/.rbenv/versions/2.3.1/include/ruby-2.3.0 -I. -I/home/vagrant/.rbenv/versions/2.3.1/include -O3 -fno-fast-math -ggdb3 -Wall -Wextra -Wno-unused-parameter -Wno-parentheses -Wno-long-long -Wno-missing-field-initializers -Wunused-variable -Wpointer-arith -Wwrite-strings -Wdeclaration-after-statement -Wimplicit-function-declaration -Wdeprecated-declarations -Wno-packed-bitfield-compat conftest.c -o conftest.i”
conftest.c:3:22: error: libpq-fe.h: そのようなファイルやディレクトリはありません
checked program was:
/* begin */
1: #include “ruby.h”
2:
3: #include /* end */

——————–
え?

ターミナルベースでherokuにログイン

[vagrant@localhost ~]$ heroku –version
heroku/7.27.1 linux-x64 node-v11.14.0
[vagrant@localhost ~]$ heroku login
heroku: Press any key to open up the browser to login or q to exit:
Opening browser to https://cli-auth.heroku.com/auth/browser/54d1a025-4f83-4774-93e8-afe0faba719a
› Warning: Cannot open browser.
heroku: Waiting for login… ⣯
^C
[vagrant@localhost ~]$ heroku login –interactive
heroku: Enter your login credentials
Email: