Homebrew formula

[nitrocode]

Hi. I'd like to see a brew install parliament here. It would be nice to have in our brew arsenal along with policy_sentry and iam-policy-json-to-terraform.

Thanks for a nice script!

[0xdabbad00]

This had been raised in the past in https://github.com/duo-labs/parliament/pull/111

Basically, although it shouldn't be much work for me, the more work this project involves for me, especially outside of the core goals, the less likely it is to be well-maintained. So I'm going to close this, as won't fix/do.

[nitrocode]

All the tickets shouldn't fall only upon your shoulders. That would defeat the purpose of an open source project.

Can't the ticket be left open for a future contributor ?

[kmcquade]

@0xdabbad00 - I will say, for my other repos that use this approach... It's very much zero effort on the maintainer's part. When a new release is pushed, I don't have to do anything - it does it automagically. Personally, I've found that it significantly increases the user base of my tools.

I've done this for both Policy Sentry and Cloudsplaining. I would be happy to submit a PR that does the same for Parliament.

It basically just adds this on:

https://github.com/salesforce/policy_sentry/blob/master/.github/workflows/publish.yml#L65-L89

Let me know. Happy to submit a PR.

[BastianZim]

Just to add, I would not go with the approach in #111 because it goes with a custom tap. The project should be popular enough to be added to homebrew core so there would be no extra work to the maintainers. The only necessary upkeep is updating the formula which can be done by the community through brew bump-formula-pr or as outlined by @kmcquade.

[kmcquade]

@BastianZim ... I mean, there is no work for the maintainers as-is in the approach outlined in #111. It just adds one command to the installation process for the user which is fine imho.

I'll just submit a PR to match the approach in #111. This will be simple.

[kmcquade]

It would be nice to have in our brew arsenal along with policy_sentry and iam-policy-json-to-terraform.

@nitrocode - separately, I'd love to hear about this and how you are using these tools :). Feel free to ping me on Twitter or the Cloud security forum slack.

[BastianZim]

@kmcquade Yeah you‘re right, I just wanted to mention it in case @0xdabbad00 really doesn‘t want anything connected to the repo. That would‘ve been an approach for that case but using a tap is fine as well, when automating the updates.

Just out of interest though, any reason why you would not want to submit this directly to homebrew?

[kmcquade]

@BastianZim Uh, because I haven't submitted it directly to homebrew before and it was a copy/paste job from one of my OSS repos where I've done the automated custom homebrew tap before? 😁 lol

[BastianZim]

@kmcquade Haha makes sense, I thought it was something with parliament itself. Just as an FYI though, I started a discussion at homebrew to ask if this would be something they'd accept (https://github.com/Homebrew/discussions/discussions/613) since creating a formula is doable with poet but I'm not sure if they accept it since it's also a library. So depending on the outcome, I'd volunteer to try to create a proper formula. But a custom tap might still be preferable because I have no idea how long that's gonna take me. 😅

[BastianZim]

Was easier than expected, parliament is now available via the normal homebrew-core tab https://github.com/Homebrew/homebrew-core/pull/69770 This is supported by the community and homebrew, so no involvement is required from the parliament maintainers.

[BastianZim]

Since it's now available via the official tap, I'd suggest switching #170 to the official action: https://github.com/dawidd6/action-homebrew-bump-formula. @kmcquade Let me know if you'd like me to make a pr. This should keep it automatically updated at all times, although a failure would mean that no one would be requested to fix it, except for the person whose token is used to initiate the pr. So before implementing this, it would first need to be discussed, if that's acceptable/ if someone is willing to be the point-of-contact. If not, updating should be left to the community.

[nitrocode]

I've used poet in the past for python formula and it worked out very well. The most difficult thing about adding official homebrew formula is coming up with a non --version test.

[BastianZim]

Haha true! Have you tried yet if you can already download parliament using brew? I'm able to but it doesn't yet show up in their website search so just wanted to double check.

[nitrocode]

Yes! It worked. I didn't realize it was already added. Thank you very much @BastianZim .

✗ brew install parliament
==> Downloading https://homebrew.bintray.com/bottles/parliament-1.3.1.catalina.bottle.tar.gz
==> Downloading from https://d29vzk4ow07wi7.cloudfront.net/8055e860ac18dc826c696a9a8f81360f9aef83f5118cadb4ab25139aae9f87f9?response-content-disposition=attachment%3Bfilename%3D%22parliament-1.3.1.catalina.bottle.tar.gz%22&Policy=ey
######################################################################## 100.0%
==> Pouring parliament-1.3.1.catalina.bottle.tar.gz
🍺  /usr/local/Cellar/parliament/1.3.1: 1,792 files, 67.0MB

✗ which parliament
/usr/local/bin/parliament

[BastianZim]

Awesome, glad to hear!