diff --git a/.github/workflows/acceptance.yml b/.github/workflows/acceptance.yml index e2c2f45..16b8f3f 100644 --- a/.github/workflows/acceptance.yml +++ b/.github/workflows/acceptance.yml @@ -17,7 +17,7 @@ jobs: has_change: ${{ steps.diff.outputs.has_change}} steps: - - uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2 + - uses: actions/checkout@v3 - id: fetch-base if: github.event_name == 'pull_request' @@ -65,9 +65,9 @@ jobs: run: | echo "✅ Bypassing acceptance tests - they are not required for this change" - - name: Check out code + - name: checkout if: ${{ needs.changes.outputs.has_change == 'true' }} - uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2 + uses: actions/checkout@v3 # Use Docker layer caching for 'docker build' and 'docker-compose build' commands. # https://github.com/satackey/action-docker-layer-caching/releases/tag/v0.0.11 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..1f69d66 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,41 @@ +name: build + +on: + push: + branches: + - main + pull_request: + branches: + - main + workflow_call: + +permissions: + contents: read + +jobs: + build: + name: build + runs-on: ubuntu-latest + + steps: + - name: checkout + uses: actions/checkout@v3 + + - uses: ruby/setup-ruby@250fcd6a742febb1123a77a841497ccaa8b9e939 # pin@v1.152.0 + with: + bundler-cache: true + + - name: bootstrap + run: script/bootstrap + + - name: build + run: | + GEM_NAME=$(ls | grep gemspec | cut -d. -f1) + echo "Attempting to build gem $GEM_NAME..." + gem build $GEM_NAME + if [ $? -eq 0 ]; then + echo "Gem built successfully!" + else + echo "Gem build failed!" + exit 1 + fi diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index eec268e..5a8b251 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,4 +1,4 @@ -name: "CodeQL" +name: CodeQL on: push: @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2 + uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/gem.yml b/.github/workflows/gem.yml new file mode 100644 index 0000000..d724ffa --- /dev/null +++ b/.github/workflows/gem.yml @@ -0,0 +1,61 @@ +name: release + +on: + workflow_dispatch: + push: + branches: + - main + paths: + - lib/version.rb + +permissions: + contents: write + packages: write + +jobs: + release: + runs-on: ubuntu-latest + + steps: + - name: checkout + uses: actions/checkout@v3 + + - uses: ruby/setup-ruby@250fcd6a742febb1123a77a841497ccaa8b9e939 # pin@v1.152.0 + with: + bundler-cache: true + + - name: bootstrap + run: script/bootstrap + + - name: lint + run: bundle exec rubocop -c .rubocop.yml lib/ spec/ + + - name: test + run: script/test + + - name: set GEM_NAME from gemspec + run: echo "GEM_NAME=$(ls | grep gemspec | cut -d. -f1)" >> $GITHUB_ENV + + # builds the gem and saves the version to GITHUB_ENV + - name: build + run: echo "GEM_VERSION=$(gem build ${{ env.GEM_NAME }}.gemspec 2>&1 | grep Version | cut -d':' -f 2 | tr -d " \t\n\r")" >> $GITHUB_ENV + + - name: publish to GitHub packages + run: | + export OWNER=$( echo ${{ github.repository }} | cut -d "/" -f 1 ) + GEM_HOST_API_KEY=${{ secrets.GITHUB_TOKEN }} gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} ${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem + + - name: release + uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # pin@v1.12.0 + with: + artifacts: "${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem" + tag: "v${{ env.GEM_VERSION }}" + generateReleaseNotes: true + + - name: Publish to RubyGems + run: | + mkdir -p ~/.gem + echo -e "---\n:rubygems_api_key: ${{ secrets.RUBYGEMS_API_KEY }}" > ~/.gem/credentials + chmod 0600 ~/.gem/credentials + gem push ${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem + rm ~/.gem/credentials diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 3ed1ba5..37f21e9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -14,12 +14,11 @@ jobs: contents: read steps: - - name: Check out code - uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2 + - name: checkout + uses: actions/checkout@v3 - - uses: ruby/setup-ruby@8029ebd6e5bd8f4e0d6f7623ea76a01ec5b1010d # pin@v1.110.0 + - uses: ruby/setup-ruby@250fcd6a742febb1123a77a841497ccaa8b9e939 # pin@v1.152.0 with: - ruby-version: 3.1.2 bundler-cache: true - name: rubocop diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index edc9e15..7833f83 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,12 +14,11 @@ jobs: contents: read steps: - - name: Check out code - uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2 + - name: checkout + uses: actions/checkout@v3 - - uses: ruby/setup-ruby@8029ebd6e5bd8f4e0d6f7623ea76a01ec5b1010d # pin@v1.110.0 + - uses: ruby/setup-ruby@250fcd6a742febb1123a77a841497ccaa8b9e939 # pin@v1.152.0 with: - ruby-version: 3.1.2 bundler-cache: true - name: rspec tests diff --git a/.rubocop.yml b/.rubocop.yml index f2a38d8..5ae9443 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -3,8 +3,9 @@ inherit_gem: - config/default.yml AllCops: + SuggestExtensions: false DisplayCopNames: true - TargetRubyVersion: 2.7.5 + TargetRubyVersion: 3.1 Exclude: - 'bin/*' - 'spec/acceptance/fixtures/**/*' diff --git a/Gemfile.lock b/Gemfile.lock index a850abb..d43d3bf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,19 +1,19 @@ PATH remote: . specs: - entitlements-gitrepo-auditor-plugin (0.2.1) + entitlements-gitrepo-auditor-plugin (0.3.0) contracts (= 0.17) entitlements (= 0.2.0) GEM remote: https://rubygems.org/ specs: - activesupport (7.0.3.1) + activesupport (7.0.7.2) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - addressable (2.8.1) + addressable (2.8.5) public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) concurrent-ruby (1.1.9) @@ -28,29 +28,31 @@ GEM net-ldap (~> 0.17) octokit (~> 4.18) optimist (= 3.0.0) - faraday (2.5.2) + faraday (2.7.10) faraday-net_http (>= 2.0, < 3.1) ruby2_keywords (>= 0.0.4) - faraday-net_http (3.0.0) + faraday-net_http (3.0.2) hashdiff (1.0.1) - i18n (1.12.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) - json (2.6.2) - minitest (5.16.3) - net-ldap (0.17.1) + json (2.6.3) + minitest (5.19.0) + net-ldap (0.18.0) octokit (4.25.1) faraday (>= 1, < 3) sawyer (~> 0.9) optimist (3.0.0) - parallel (1.22.1) - parser (3.1.2.1) + parallel (1.23.0) + parser (3.2.2.3) ast (~> 2.4.1) - public_suffix (5.0.0) - rack (2.2.4) + racc + public_suffix (5.0.3) + racc (1.7.1) + rack (3.0.8) rainbow (3.1.1) rake (13.0.6) - regexp_parser (2.5.0) - rexml (3.2.5) + regexp_parser (2.8.1) + rexml (3.2.6) rspec (3.8.0) rspec-core (~> 3.8.0) rspec-expectations (~> 3.8.0) @@ -73,8 +75,8 @@ GEM rubocop-ast (>= 1.17.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.21.0) - parser (>= 3.1.1.0) + rubocop-ast (1.29.0) + parser (>= 3.2.1.0) rubocop-github (0.17.0) rubocop rubocop-performance @@ -86,7 +88,7 @@ GEM activesupport (>= 4.2.0) rack (>= 1.1) rubocop (>= 1.7.0, < 2.0) - ruby-progressbar (1.11.0) + ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) rugged (0.27.5) sawyer (0.9.2) @@ -99,9 +101,9 @@ GEM simplecov-erb (1.0.1) simplecov (< 1.0) simplecov-html (0.10.2) - tzinfo (2.0.5) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (2.2.0) + unicode-display_width (2.4.2) vcr (4.0.0) webmock (3.4.2) addressable (>= 2.3.6) diff --git a/README.md b/README.md index 21cfb3c..1d8018d 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # entitlements-gitrepo-auditor-plugin -[![acceptance](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/acceptance.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/acceptance.yml) [![test](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/test.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/test.yml) [![lint](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/lint.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/lint.yml) [![coverage](https://img.shields.io/badge/coverage-100%25-success)](https://img.shields.io/badge/coverage-100%25-success) [![style](https://img.shields.io/badge/code%20style-rubocop--github-blue)](https://github.com/github/rubocop-github) +[![acceptance](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/acceptance.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/acceptance.yml) [![test](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/test.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/test.yml) [![lint](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/lint.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/lint.yml) [![build](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/build.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/build.yml) [![release](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/gem.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/gem.yml) [![codeql](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/github/entitlements-gitrepo-auditor-plugin/actions/workflows/codeql-analysis.yml) [![coverage](https://img.shields.io/badge/coverage-100%25-success)](https://img.shields.io/badge/coverage-100%25-success) [![style](https://img.shields.io/badge/code%20style-rubocop--github-blue)](https://github.com/github/rubocop-github) `entitlements-gitrepo-auditor-plugin` is an [entitlements-app](https://github.com/github/entitlements-app) plugin allowing further auditing capabilities in entitlements by writing each deploy log to a separate GitHub repo. @@ -71,3 +71,13 @@ auditors: ``` At the end of each `entitlements-app` run, the `entitlements-gitrepo-auditor-plugin` will write a commit to the repo defined above with the details of the deployment. + +## Release 🚀 + +To release a new version of this Gem, do the following: + +1. Update the version number in the [`lib/version.rb`](lib/version.rb) file +2. Run `bundle install` to update the `Gemfile.lock` file with the new version +3. Commit your changes, push them to GitHub, and open a PR + +Once your PR is approved and the changes are merged, a new release will be created automatically by the [`release.yml`](.github/workflows/gem.yml) workflow. The latest version of the Gem will be published to the GitHub Package Registry and RubyGems. diff --git a/VERSION b/VERSION deleted file mode 100644 index 0c62199..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -0.2.1 diff --git a/entitlements-gitrepo-auditor-plugin.gemspec b/entitlements-gitrepo-auditor-plugin.gemspec index 9788a17..bf7b3e5 100644 --- a/entitlements-gitrepo-auditor-plugin.gemspec +++ b/entitlements-gitrepo-auditor-plugin.gemspec @@ -1,19 +1,21 @@ # frozen_string_literal: true +require_relative "lib/version" + Gem::Specification.new do |s| s.name = "entitlements-gitrepo-auditor-plugin" - s.version = File.read("VERSION").chomp + s.version = Entitlements::Version::VERSION s.summary = "Entitlements GitRepo Auditor" - s.description = "" + s.description = "Entitlements plugin for a robust audit log" s.authors = ["GitHub, Inc. Security Ops"] s.email = "opensource+entitlements-app@github.com" s.license = "MIT" - s.files = Dir.glob("lib/**/*") + %w[VERSION] + s.files = Dir.glob("lib/**/*") s.homepage = "https://github.com/github/entitlements-gitrepo-auditor-plugin" s.executables = %w[] - s.add_dependency "entitlements", "0.2.0" s.add_dependency "contracts", "0.17" + s.add_dependency "entitlements", "0.2.0" s.add_development_dependency "rake", "= 13.0.6" s.add_development_dependency "rspec", "= 3.8.0" diff --git a/lib/entitlements/auditor/gitrepo.rb b/lib/entitlements/auditor/gitrepo.rb index 338bfff..e27c851 100644 --- a/lib/entitlements/auditor/gitrepo.rb +++ b/lib/entitlements/auditor/gitrepo.rb @@ -26,7 +26,7 @@ def setup @repo = Entitlements::Util::GitRepo.new( repo: config["repo"], sshkey: Base64.decode64(config["sshkey"]), - logger: logger + logger: ) @repo.github = config["github_override"] if config["github_override"] @repo.send(operation, checkout_directory) @@ -59,10 +59,10 @@ def commit(actions:, successful_actions:, provider_exception:) %w[update_files delete_files].each do |m| send( m.to_sym, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) end diff --git a/lib/entitlements/util/gitrepo.rb b/lib/entitlements/util/gitrepo.rb index afd7cd2..0e2b8e3 100644 --- a/lib/entitlements/util/gitrepo.rb +++ b/lib/entitlements/util/gitrepo.rb @@ -38,6 +38,7 @@ def initialize(repo:, sshkey:, logger: Entitlements.logger) @repo = repo @sshkey = sshkey @github = "git@github.com:" + @tmpdir_prefix = ENV.fetch("ENTITLEMENTS_TMPDIR_PREFIX", "/data/entitlements_deploys") end # Run "git add" on a file. @@ -206,7 +207,11 @@ def open3_git_execute(dir, commandline, ssh = false) # else custom that might be going on in the environment. Turn off prompts for the SSH key for # github.com being trusted or not, only use the provided key as the identity, and ignore any # ~/.ssh/config file the user running this might have set up. - tempdir = Dir.mktmpdir + + # if the @tmpdir_prefix doesn't exist, create it + FileUtils.mkdir_p(@tmpdir_prefix) unless File.directory?(@tmpdir_prefix) + tempdir = Dir.mktmpdir(nil, @tmpdir_prefix) + File.open(File.join(tempdir, "key"), "w") { |f| f.write(sshkey) } File.open(File.join(tempdir, "ssh"), "w") do |f| f.puts "#!/bin/sh" diff --git a/lib/version.rb b/lib/version.rb new file mode 100644 index 0000000..423f893 --- /dev/null +++ b/lib/version.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module Entitlements + module Version + VERSION = "0.3.0" + end +end diff --git a/script/release b/script/release deleted file mode 100755 index de79cf7..0000000 --- a/script/release +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash -# Tag and push a release. - -set -e -set -x - -# Make sure we're in the project root. - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && cd .. && pwd )" -cd ${DIR} - -# Build a new gem archive. - -rm -rf entitlements-gitrepo-auditor-plugin-*.gem -gem build -q entitlements-gitrepo-auditor-plugin.gemspec - -# Make sure we're on the main branch. - -(git branch --no-color | grep -q '* main') || { - echo "Only release from the main branch." - exit 1 -} - -# Figure out what version we're releasing. - -tag=v`ls entitlements-gitrepo-auditor-plugin-*.gem | sed 's/^entitlements-gitrepo-auditor-plugin-\(.*\)\.gem$/\1/'` - -# Make sure we haven't released this version before. - -git fetch -t origin - -(git tag -l | grep -q "$tag") && { - echo "Whoops, there's already a '${tag}' tag." - exit 1 -} - -# Tag it and bag it. - -gem push entitlements-gitrepo-auditor-plugin-*.gem && git tag "$tag" && - git push origin main && git push origin "$tag" diff --git a/script/vendor-gem b/script/vendor-gem deleted file mode 100755 index 68a7a14..0000000 --- a/script/vendor-gem +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/sh -#/ Usage: script/vendor-gem [-r ] [-n ] [-d ] -#/ Build a gem for the given git repository and stick it in vendor/cache. With -r, build -#/ the gem at the branch, tag, or SHA1 given. With no -r, build the default HEAD. -#/ With -d, build the gem at the given directory within the repository. -#/ -#/ This command is used in situations where you'd typically use a :git bundler -#/ source which should not be used in the main github app (even for development gems). -set -e -[[ $TRACE ]] && set -x - -# write out compare url for review -[ $# -eq 0 ] && set -- --help - -# parse args -rev=master -directory="." -while [ $# -gt 0 ]; do - case "$1" in - -d) - directory=$2 - shift 2 - ;; - -r) - rev=$2 - shift 2 - ;; - -n) - gem=$2 - shift 2 - ;; - -h|--help) - grep ^#/ <"$0" |cut -c4- - exit - ;; - *) - url="$1" - shift - ;; - esac -done - -if [ -z "$url" ]; then - echo "error: no git url given. see $0 --help for usage." 1>&2 - exit 1 -fi - -repo=$(echo "$url" | sed 's@^\(https://github\.com.*\)\.git$@\1@') - -if [ -z "$gem" ]; then - gem=$(basename "$url" .git) -fi - -# the RAILS_ROOT directory -root=$(cd $(dirname "$0")/.. && pwd) -cd "$root" - -gem_directory="$root/tmp/gems/$gem/$directory" - -# clone the repo under tmp, clean up on exit -echo "Cloning $url for gem build" -mkdir -p "tmp/gems/$gem" - -# go in and build the gem using the HEAD version, clean up this tmp dir on exit -echo "Building $gem" -( - cd "tmp/gems/$gem" - git init -q - git fetch -q -fu "$url" "+refs/*:refs/*" - git reset --hard HEAD - git clean -df - git checkout "$rev" - git submodule update --init - git --no-pager log -n 1 - - cd "$gem_directory" - gemspec=$(ls -1 *.gemspec | head -1) - echo "Building $gemspec" - - gemname=$(basename "$gemspec" .gemspec) - echo $gemname > vendor-gem-name - - # tag name + number of commits on top of tag + tree sha - GEM_VERSION="" - - # No tags - if [ -z "${GEM_VERSION}" ] - then - gem_version=$(ruby -e "require 'rubygems'; spec=eval(File.read('$gemspec')); print spec.version.to_s") - tree_sha=$(git show --quiet --format=format:%t $rev) - GEM_VERSION="${gem_version}.g${tree_sha}" - fi - - if [ -z "${GEM_VERSION}" ] - then - echo "couldn't determine the gem version from \"$gemspec\"" - exit 1 - fi - - export GEM_VERSION - - # build a wrapping gemspec that adds the sha1 version to the gem version - # unless the gemspec references the GEM_VERSION environment variable - # in which case we assume this is handled explicitly in the gemspec itself - if ! grep -q "GEM_VERSION" < $gemspec - then - cat <<-RUBY > vendor.gemspec - require 'rubygems' - spec = eval(File.read("$gemspec")) - spec.version = "$GEM_VERSION" - spec -RUBY - gem build vendor.gemspec - else - gem build $gemspec - fi - - cd "$root/tmp/gems/$gem" - # Bump gem version in Gemfile (and deal with OS X sed differences) - sed -i -e "s/^gem ['\"]$gemname['\"],\( *\)['\"]\([^'\"]*\)['\"]/gem \"$gemname\",\\1\"$GEM_VERSION\"/" ../../../Gemfile - if [ `uname` = 'Darwin' ]; then - rm -f "../../../Gemfile-e" - fi -) -[ $? -eq 0 ] || exit 1 - -# get the gem name determined in the subprocess -gemname=$(cat "$gem_directory/vendor-gem-name") - -# record old gem ref before deleting -oldref=$(ls vendor/cache/$gemname-*.gem | grep -o -E -e "g[0-9a-f]{7}" | cut -c 2-) - -# remove any existing gems and add the newly built gem -if [ -n "$gemname" ]; then - git rm -f vendor/cache/$gemname*.gem 2>/dev/null || true - cp "$gem_directory/$gemname"*.gem vendor/cache - git add vendor/cache/$gemname* -fi - -# get new gem ref -newref=$(ls vendor/cache/$gemname-*.gem | grep -o -E -e "g[0-9a-f]{7}" | cut -c 2-) - -# write out compare url for review -echo "$repo/compare/$oldref...$newref" - -rm -rf "tmp" -bundle update --local $gemname -git add Gemfile Gemfile.lock diff --git a/spec/acceptance/Dockerfile.entitlements-gitrepo-auditor-plugin b/spec/acceptance/Dockerfile.entitlements-gitrepo-auditor-plugin index 470b542..79d43be 100644 --- a/spec/acceptance/Dockerfile.entitlements-gitrepo-auditor-plugin +++ b/spec/acceptance/Dockerfile.entitlements-gitrepo-auditor-plugin @@ -22,7 +22,8 @@ RUN gem install bundler # Bootstrap files and caching for speed COPY "vendor/cache/" "/data/entitlements/vendor/cache/" COPY "script/" "/data/entitlements/script/" -COPY [".rubocop.yml", ".ruby-version", "entitlements-gitrepo-auditor-plugin.gemspec", "Gemfile", "Gemfile.lock", "VERSION", "/data/entitlements/"] +COPY [".rubocop.yml", ".ruby-version", "entitlements-gitrepo-auditor-plugin.gemspec", "Gemfile", "Gemfile.lock", "/data/entitlements/"] +COPY "lib/version.rb" "/data/entitlements/lib/version.rb" RUN ./script/bootstrap # Source Files diff --git a/spec/acceptance/tests/spec_helper.rb b/spec/acceptance/tests/spec_helper.rb index 377e1b3..8f2b105 100644 --- a/spec/acceptance/tests/spec_helper.rb +++ b/spec/acceptance/tests/spec_helper.rb @@ -63,7 +63,7 @@ def run(fixture_dir, args = []) command_parts = [binary, "--config-file", configfile] + args command = command_parts.map { |i| Shellwords.escape(i) }.join(" ") stdout, stderr, exitstatus = Open3.capture3(command) - OpenStruct.new({ stdout: stdout, stderr: stderr, exitstatus: exitstatus.exitstatus, success?: exitstatus.exitstatus == 0 }) + OpenStruct.new({ stdout:, stderr:, exitstatus: exitstatus.exitstatus, success?: exitstatus.exitstatus == 0 }) end def log(priority, pattern) diff --git a/spec/unit/entitlements/auditor/gitrepo_spec.rb b/spec/unit/entitlements/auditor/gitrepo_spec.rb index 1979feb..5d800fc 100644 --- a/spec/unit/entitlements/auditor/gitrepo_spec.rb +++ b/spec/unit/entitlements/auditor/gitrepo_spec.rb @@ -287,10 +287,10 @@ valid_changes = {} subject.send(:update_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq({}) @@ -343,10 +343,10 @@ valid_changes = {} subject.send(:update_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq( @@ -420,10 +420,10 @@ .with("Entitlements::Auditor::GitRepo: Valid change (create dc=net/dc=kittens/ou=Groups/cn=group3) queued") subject.send(:update_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq( @@ -561,10 +561,10 @@ .with("Entitlements::Auditor::GitRepo: Valid change (update dc=net/dc=kittens/ou=Groups/cn=group5) queued") subject.send(:update_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq( @@ -695,10 +695,10 @@ .with("Entitlements::Auditor::GitRepo: Valid change (delete dc=net/dc=kittens/ou=Groups/cn=group5) queued") subject.send(:update_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq( @@ -759,10 +759,10 @@ .with("Entitlements::Auditor::GitRepo: Sync change (delete dc=net/dc=kittens/ou=extra/cn=extragroup) required") subject.send(:delete_files, - action_hash: action_hash, - successful_actions: successful_actions, - sync_changes: sync_changes, - valid_changes: valid_changes + action_hash:, + successful_actions:, + sync_changes:, + valid_changes: ) expect(sync_changes).to eq( diff --git a/spec/unit/entitlements/util/gitrepo_spec.rb b/spec/unit/entitlements/util/gitrepo_spec.rb index 58be8ce..7c8f7e4 100644 --- a/spec/unit/entitlements/util/gitrepo_spec.rb +++ b/spec/unit/entitlements/util/gitrepo_spec.rb @@ -6,7 +6,7 @@ let(:directory) { "/tmp/asdlkfjafdiejwroiwejfalskdfjdsklf" } let(:logger) { instance_double(Logger) } - let(:subject) { described_class.new(repo: "kittens/fluffy", sshkey: "xyz123", logger: logger) } + let(:subject) { described_class.new(repo: "kittens/fluffy", sshkey: "xyz123", logger:) } describe "#add" do it "executes the command" do @@ -168,6 +168,9 @@ allow(exitstatus).to receive(:exitstatus).and_return(0) begin + expect(FileUtils).to receive(:mkdir_p) + .and_return(true) + tempdir = Dir.mktmpdir allow(Dir).to receive(:mktmpdir).and_return(tempdir) diff --git a/spec/unit/entitlements_spec.rb b/spec/unit/entitlements_spec.rb index 5c3cf41..78c9095 100644 --- a/spec/unit/entitlements_spec.rb +++ b/spec/unit/entitlements_spec.rb @@ -259,7 +259,7 @@ expect(logger).to receive(:debug).with("Audit Auditor 1 completed successfully") expect(logger).to receive(:debug).with("Audit Auditor 2 completed successfully") - expect { described_class.execute(actions: actions) }.not_to raise_error + expect { described_class.execute(actions:) }.not_to raise_error end it "returns without error with no auditors configured" do @@ -278,7 +278,7 @@ expect(logger).not_to receive(:debug) - expect { described_class.execute(actions: actions) }.not_to raise_error + expect { described_class.execute(actions:) }.not_to raise_error end it "raises when setup of an auditor fails" do @@ -292,7 +292,7 @@ expect(auditor2).not_to receive(:setup) expect(auditor2).not_to receive(:commit) - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end it "raises (but runs other auditors) when an auditor fails" do @@ -332,7 +332,7 @@ allow(logger).to receive(:error) expect(logger).to receive(:error).with("Audit Auditor 1 failed: RuntimeError Boom") - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end it "raises when a provider fails and there are no auditors" do @@ -352,7 +352,7 @@ expect(logger).not_to receive(:debug) - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end it "raises (but runs the auditors) when a provider fails" do @@ -391,7 +391,7 @@ expect(logger).to receive(:debug).with("Audit Auditor 1 completed successfully") expect(logger).to receive(:debug).with("Audit Auditor 2 completed successfully") - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end it "raises the provider's exception when a provider and auditor both fail" do @@ -431,7 +431,7 @@ expect(logger).to receive(:debug).with("Audit Auditor 2 completed successfully") allow(logger).to receive(:error) # Stack trace - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end it "raises and logs a message when multiple auditors fail" do @@ -472,7 +472,7 @@ expect(logger).to receive(:error).with("Audit Auditor 2 failed: RuntimeError Boom Boom") allow(logger).to receive(:error) # Stack trace - expect { described_class.execute(actions: actions) }.to raise_error(exc) + expect { described_class.execute(actions:) }.to raise_error(exc) end end diff --git a/vendor/cache/activesupport-7.0.3.1.gem b/vendor/cache/activesupport-7.0.3.1.gem deleted file mode 100644 index 0c3757a..0000000 Binary files a/vendor/cache/activesupport-7.0.3.1.gem and /dev/null differ diff --git a/vendor/cache/activesupport-7.0.7.2.gem b/vendor/cache/activesupport-7.0.7.2.gem new file mode 100644 index 0000000..a334fb7 Binary files /dev/null and b/vendor/cache/activesupport-7.0.7.2.gem differ diff --git a/vendor/cache/addressable-2.8.1.gem b/vendor/cache/addressable-2.8.1.gem deleted file mode 100644 index 17e4257..0000000 Binary files a/vendor/cache/addressable-2.8.1.gem and /dev/null differ diff --git a/vendor/cache/addressable-2.8.5.gem b/vendor/cache/addressable-2.8.5.gem new file mode 100644 index 0000000..e58bb94 Binary files /dev/null and b/vendor/cache/addressable-2.8.5.gem differ diff --git a/vendor/cache/faraday-2.5.2.gem b/vendor/cache/faraday-2.5.2.gem deleted file mode 100644 index a66f174..0000000 Binary files a/vendor/cache/faraday-2.5.2.gem and /dev/null differ diff --git a/vendor/cache/faraday-2.7.10.gem b/vendor/cache/faraday-2.7.10.gem new file mode 100644 index 0000000..f072d78 Binary files /dev/null and b/vendor/cache/faraday-2.7.10.gem differ diff --git a/vendor/cache/faraday-net_http-3.0.0.gem b/vendor/cache/faraday-net_http-3.0.0.gem deleted file mode 100644 index a990f3a..0000000 Binary files a/vendor/cache/faraday-net_http-3.0.0.gem and /dev/null differ diff --git a/vendor/cache/faraday-net_http-3.0.2.gem b/vendor/cache/faraday-net_http-3.0.2.gem new file mode 100644 index 0000000..f6b5175 Binary files /dev/null and b/vendor/cache/faraday-net_http-3.0.2.gem differ diff --git a/vendor/cache/i18n-1.12.0.gem b/vendor/cache/i18n-1.12.0.gem deleted file mode 100644 index c64c068..0000000 Binary files a/vendor/cache/i18n-1.12.0.gem and /dev/null differ diff --git a/vendor/cache/i18n-1.14.1.gem b/vendor/cache/i18n-1.14.1.gem new file mode 100644 index 0000000..27d6d5d Binary files /dev/null and b/vendor/cache/i18n-1.14.1.gem differ diff --git a/vendor/cache/json-2.6.2.gem b/vendor/cache/json-2.6.2.gem deleted file mode 100644 index dfa9204..0000000 Binary files a/vendor/cache/json-2.6.2.gem and /dev/null differ diff --git a/vendor/cache/json-2.6.3.gem b/vendor/cache/json-2.6.3.gem new file mode 100644 index 0000000..f76ee74 Binary files /dev/null and b/vendor/cache/json-2.6.3.gem differ diff --git a/vendor/cache/minitest-5.16.3.gem b/vendor/cache/minitest-5.16.3.gem deleted file mode 100644 index ebdb92e..0000000 Binary files a/vendor/cache/minitest-5.16.3.gem and /dev/null differ diff --git a/vendor/cache/minitest-5.19.0.gem b/vendor/cache/minitest-5.19.0.gem new file mode 100644 index 0000000..2b14e41 Binary files /dev/null and b/vendor/cache/minitest-5.19.0.gem differ diff --git a/vendor/cache/net-ldap-0.17.1.gem b/vendor/cache/net-ldap-0.17.1.gem deleted file mode 100644 index 76462c6..0000000 Binary files a/vendor/cache/net-ldap-0.17.1.gem and /dev/null differ diff --git a/vendor/cache/net-ldap-0.18.0.gem b/vendor/cache/net-ldap-0.18.0.gem new file mode 100644 index 0000000..6b5326f Binary files /dev/null and b/vendor/cache/net-ldap-0.18.0.gem differ diff --git a/vendor/cache/parallel-1.22.1.gem b/vendor/cache/parallel-1.22.1.gem deleted file mode 100644 index 5208c79..0000000 Binary files a/vendor/cache/parallel-1.22.1.gem and /dev/null differ diff --git a/vendor/cache/parallel-1.23.0.gem b/vendor/cache/parallel-1.23.0.gem new file mode 100644 index 0000000..8b23caa Binary files /dev/null and b/vendor/cache/parallel-1.23.0.gem differ diff --git a/vendor/cache/parser-3.1.2.1.gem b/vendor/cache/parser-3.1.2.1.gem deleted file mode 100644 index 7b71167..0000000 Binary files a/vendor/cache/parser-3.1.2.1.gem and /dev/null differ diff --git a/vendor/cache/parser-3.2.2.3.gem b/vendor/cache/parser-3.2.2.3.gem new file mode 100644 index 0000000..4ef12e9 Binary files /dev/null and b/vendor/cache/parser-3.2.2.3.gem differ diff --git a/vendor/cache/public_suffix-5.0.0.gem b/vendor/cache/public_suffix-5.0.0.gem deleted file mode 100644 index 6b6ed52..0000000 Binary files a/vendor/cache/public_suffix-5.0.0.gem and /dev/null differ diff --git a/vendor/cache/public_suffix-5.0.3.gem b/vendor/cache/public_suffix-5.0.3.gem new file mode 100644 index 0000000..2558356 Binary files /dev/null and b/vendor/cache/public_suffix-5.0.3.gem differ diff --git a/vendor/cache/racc-1.7.1.gem b/vendor/cache/racc-1.7.1.gem new file mode 100644 index 0000000..c255295 Binary files /dev/null and b/vendor/cache/racc-1.7.1.gem differ diff --git a/vendor/cache/rack-2.2.4.gem b/vendor/cache/rack-2.2.4.gem deleted file mode 100644 index cff677e..0000000 Binary files a/vendor/cache/rack-2.2.4.gem and /dev/null differ diff --git a/vendor/cache/rack-3.0.8.gem b/vendor/cache/rack-3.0.8.gem new file mode 100644 index 0000000..4edcbc6 Binary files /dev/null and b/vendor/cache/rack-3.0.8.gem differ diff --git a/vendor/cache/regexp_parser-2.5.0.gem b/vendor/cache/regexp_parser-2.5.0.gem deleted file mode 100644 index e2e175e..0000000 Binary files a/vendor/cache/regexp_parser-2.5.0.gem and /dev/null differ diff --git a/vendor/cache/regexp_parser-2.8.1.gem b/vendor/cache/regexp_parser-2.8.1.gem new file mode 100644 index 0000000..58c023a Binary files /dev/null and b/vendor/cache/regexp_parser-2.8.1.gem differ diff --git a/vendor/cache/rexml-3.2.5.gem b/vendor/cache/rexml-3.2.5.gem deleted file mode 100644 index 5680fec..0000000 Binary files a/vendor/cache/rexml-3.2.5.gem and /dev/null differ diff --git a/vendor/cache/rexml-3.2.6.gem b/vendor/cache/rexml-3.2.6.gem new file mode 100644 index 0000000..71a4946 Binary files /dev/null and b/vendor/cache/rexml-3.2.6.gem differ diff --git a/vendor/cache/rubocop-ast-1.21.0.gem b/vendor/cache/rubocop-ast-1.21.0.gem deleted file mode 100644 index 71f1a4d..0000000 Binary files a/vendor/cache/rubocop-ast-1.21.0.gem and /dev/null differ diff --git a/vendor/cache/rubocop-ast-1.29.0.gem b/vendor/cache/rubocop-ast-1.29.0.gem new file mode 100644 index 0000000..0c5b37d Binary files /dev/null and b/vendor/cache/rubocop-ast-1.29.0.gem differ diff --git a/vendor/cache/ruby-progressbar-1.11.0.gem b/vendor/cache/ruby-progressbar-1.11.0.gem deleted file mode 100644 index a9d84e5..0000000 Binary files a/vendor/cache/ruby-progressbar-1.11.0.gem and /dev/null differ diff --git a/vendor/cache/ruby-progressbar-1.13.0.gem b/vendor/cache/ruby-progressbar-1.13.0.gem new file mode 100644 index 0000000..c50b94b Binary files /dev/null and b/vendor/cache/ruby-progressbar-1.13.0.gem differ diff --git a/vendor/cache/tzinfo-2.0.5.gem b/vendor/cache/tzinfo-2.0.5.gem deleted file mode 100644 index 1b28f07..0000000 Binary files a/vendor/cache/tzinfo-2.0.5.gem and /dev/null differ diff --git a/vendor/cache/tzinfo-2.0.6.gem b/vendor/cache/tzinfo-2.0.6.gem new file mode 100644 index 0000000..2c16da8 Binary files /dev/null and b/vendor/cache/tzinfo-2.0.6.gem differ diff --git a/vendor/cache/unicode-display_width-2.2.0.gem b/vendor/cache/unicode-display_width-2.2.0.gem deleted file mode 100644 index bece7fa..0000000 Binary files a/vendor/cache/unicode-display_width-2.2.0.gem and /dev/null differ diff --git a/vendor/cache/unicode-display_width-2.4.2.gem b/vendor/cache/unicode-display_width-2.4.2.gem new file mode 100644 index 0000000..4402c5d Binary files /dev/null and b/vendor/cache/unicode-display_width-2.4.2.gem differ pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy