From e012919f086e6982bee404f71fa04068ad604c41 Mon Sep 17 00:00:00 2001 From: Gene Liverman Date: Wed, 16 Feb 2022 09:36:17 -0500 Subject: [PATCH 1/6] Update CODEOWNERS --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index cabe96c..7d43104 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1 +1 @@ -* @puppetlabs/beaker +* @puppetlabs/dio From 596e0d83f9f398c007245b3ae8b75f018a8cd666 Mon Sep 17 00:00:00 2001 From: suckatrash Date: Mon, 2 May 2022 13:46:21 -0700 Subject: [PATCH 2/6] (DIO-3134) Scan repo with Snyk --- .github/workflows/snyk_scan.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/snyk_scan.yaml diff --git a/.github/workflows/snyk_scan.yaml b/.github/workflows/snyk_scan.yaml new file mode 100644 index 0000000..a83b827 --- /dev/null +++ b/.github/workflows/snyk_scan.yaml @@ -0,0 +1,23 @@ +name: Snyk Scan +on: + workflow_dispatch: + push: + branches: + - master +jobs: + security: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - name: setup ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 2.7 + - name: create lock + run: bundle lock + - name: Run Snyk to check for vulnerabilities + uses: snyk/actions/ruby@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_DIO_KEY }} + with: + command: monitor \ No newline at end of file From 5be58b1e82166b51147dcf8030df2b64c885081b Mon Sep 17 00:00:00 2001 From: Gene Liverman Date: Fri, 20 Jan 2023 08:43:09 -0500 Subject: [PATCH 3/6] Update code owners to RE --- CODEOWNERS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 7d43104..9767b61 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1 +1,2 @@ -* @puppetlabs/dio +* @puppetlabs/release-engineering + From 6acbc08abacd91bd5fd83fab7b57fbef80085de5 Mon Sep 17 00:00:00 2001 From: Jake Spain Date: Fri, 10 Feb 2023 16:40:40 -0500 Subject: [PATCH 4/6] Add mend scanning. Update test and release actions --- .github/dependabot.yml | 3 +-- .github/workflows/release.yml | 39 ++++++++++++++++++++++++++++++++ .github/workflows/security.yml | 39 ++++++++++++++++++++++++++++++++ .github/workflows/snyk_scan.yaml | 23 ------------------- .github/workflows/test.yml | 26 --------------------- .github/workflows/testing.yml | 25 ++++++++++++++++++++ 6 files changed, 104 insertions(+), 51 deletions(-) create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/security.yml delete mode 100644 .github/workflows/snyk_scan.yaml delete mode 100644 .github/workflows/test.yml create mode 100644 .github/workflows/testing.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index c8f8016..81e0069 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,6 +3,5 @@ updates: - package-ecosystem: bundler directory: "/" schedule: - interval: daily - time: "13:00" + interval: weekly open-pull-requests-limit: 10 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..866f9a7 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,39 @@ +name: Release + +on: workflow_dispatch + +jobs: + release: + runs-on: ubuntu-latest + if: github.repository == 'puppetlabs/beaker-vmpooler' + steps: + - uses: actions/checkout@v3 + - name: Get Version + id: gv + run: | + version=$(grep VERSION lib/beaker-vmpooler/version.rb |rev |cut -d "'" -f2 |rev) + echo "version=$version" >> $GITHUB_OUTPUT + echo "Found version $version from lib/beaker-vmpooler/version.rb" + - name: Tag Release + uses: ncipollo/release-action@v1 + with: + tag: ${{ steps.gv.outputs.version }} + token: ${{ secrets.GITHUB_TOKEN }} + draft: false + prerelease: false + generateReleaseNotes: true + - name: Install Ruby 2.7 + uses: ruby/setup-ruby@v1 + with: + ruby-version: '2.7' + - name: Build gem + run: gem build *.gemspec + - name: Publish gem + run: | + mkdir -p $HOME/.gem + touch $HOME/.gem/credentials + chmod 0600 $HOME/.gem/credentials + printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials + gem push *.gem + env: + GEM_HOST_API_KEY: '${{ secrets.RUBYGEMS_AUTH_TOKEN }}' diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..666c602 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,39 @@ +name: Security +on: + workflow_dispatch: + push: + branches: + - main + +jobs: + scan: + name: Mend Scanning + runs-on: ubuntu-latest + steps: + - name: checkout repo content + uses: actions/checkout@v3 + with: + fetch-depth: 1 + - name: setup ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 2.7 + # setup a package lock if one doesn't exist, otherwise do nothing + - name: check lock + run: '[ -f "Gemfile.lock" ] && echo "package lock file exists, skipping" || bundle lock' + # install java + - uses: actions/setup-java@v3 + with: + distribution: 'temurin' # See 'Supported distributions' for available options + java-version: '17' + # download mend + - name: download_mend + run: curl -o wss-unified-agent.jar https://unified-agent.s3.amazonaws.com/wss-unified-agent.jar + - name: run mend + run: java -jar wss-unified-agent.jar + env: + WS_APIKEY: ${{ secrets.MEND_API_KEY }} + WS_WSS_URL: https://saas-eu.whitesourcesoftware.com/agent + WS_USERKEY: ${{ secrets.MEND_TOKEN }} + WS_PRODUCTNAME: RE + WS_PROJECTNAME: ${{ github.event.repository.name }} diff --git a/.github/workflows/snyk_scan.yaml b/.github/workflows/snyk_scan.yaml deleted file mode 100644 index a83b827..0000000 --- a/.github/workflows/snyk_scan.yaml +++ /dev/null @@ -1,23 +0,0 @@ -name: Snyk Scan -on: - workflow_dispatch: - push: - branches: - - master -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - name: setup ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: 2.7 - - name: create lock - run: bundle lock - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/ruby@master - env: - SNYK_TOKEN: ${{ secrets.SNYK_DIO_KEY }} - with: - command: monitor \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 21bafc6..0000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: Test - -on: - - pull_request - - push - -jobs: - test: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - ruby: - - "2.5" - - "2.6" - - "2.7" - name: Ruby ${{ matrix.ruby }} - steps: - - uses: actions/checkout@v2 - - name: Install Ruby ${{ matrix.ruby }} - uses: ruby/setup-ruby@v1 - with: - ruby-version: ${{ matrix.ruby }} - bundler-cache: true - - name: Run tests - run: bundle exec rake test:spec diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml new file mode 100644 index 0000000..67c6596 --- /dev/null +++ b/.github/workflows/testing.yml @@ -0,0 +1,25 @@ +name: Testing + +on: + pull_request: + branches: + - main + +jobs: + spec_tests: + runs-on: ubuntu-latest + strategy: + matrix: + ruby-version: + - '2.7' + - '3.0' + - '3.1' + steps: + - uses: actions/checkout@v3 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby-version }} + bundler-cache: true # runs 'bundle install' and caches installed gems automatically + - name: Run spec tests + run: bundle exec rake test From 4f5ee09807d0dca40ff9207c644d28c3d254b705 Mon Sep 17 00:00:00 2001 From: Michael Hashizume Date: Mon, 27 Mar 2023 13:59:30 -0700 Subject: [PATCH 5/6] (PUP-11786) Beaker 5 compatibility Vox Pupuli has released Beaker 5, which drops older (< 2.7) Ruby compatibility and adds compatibility for Ruby 3.2 This commit adds testing for Ruby 3.2, sets the dependency on Beaker to ~> 5.0, replaces the File#exists? method that's been deprecated since Ruby 2.7 and removed in 3.2, and updates the dependency on FakeFS to the same version that Beaker uses (FakeFS ~> 2.4). --- .github/workflows/testing.yml | 1 + Gemfile | 8 ++------ beaker-vmpooler.gemspec | 7 +------ 3 files changed, 4 insertions(+), 12 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 67c6596..ba73c0c 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -14,6 +14,7 @@ jobs: - '2.7' - '3.0' - '3.1' + - '3.2' steps: - uses: actions/checkout@v3 - name: Set up Ruby diff --git a/Gemfile b/Gemfile index bbec26f..171cfb9 100644 --- a/Gemfile +++ b/Gemfile @@ -2,8 +2,6 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" gemspec :development_group => :acceptance_testing - - def location_for(place, fake_version = nil) if place =~ /^(git:[^#]*)#(.*)/ [fake_version, { :git => $1, :branch => $2, :require => false }].compact @@ -14,15 +12,13 @@ def location_for(place, fake_version = nil) end end - # We don't put beaker in as a test dependency because we # don't want to create a transitive dependency group :acceptance_testing do - gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 4.0') + gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 5.0') gem "beaker-abs" end - -if File.exists? "#{__FILE__}.local" +if File.exist? "#{__FILE__}.local" eval(File.read("#{__FILE__}.local"), binding) end diff --git a/beaker-vmpooler.gemspec b/beaker-vmpooler.gemspec index fccd267..43c6e88 100644 --- a/beaker-vmpooler.gemspec +++ b/beaker-vmpooler.gemspec @@ -20,12 +20,7 @@ Gem::Specification.new do |s| # Testing dependencies s.add_development_dependency 'rspec', '~> 3.0' s.add_development_dependency 'rspec-its' - # pin fakefs for Ruby < 2.3 - if RUBY_VERSION < "2.3" - s.add_development_dependency 'fakefs', '~> 0.6', '< 0.14' - else - s.add_development_dependency 'fakefs', '~> 0.6' - end + s.add_development_dependency 'fakefs', '~> 2.4' s.add_development_dependency 'rake', '~> 13.0' s.add_development_dependency 'simplecov' s.add_development_dependency 'pry', '~> 0.10' From c027b1bcef47f7027a7958110d2c036c0ae03454 Mon Sep 17 00:00:00 2001 From: Michael Hashizume Date: Tue, 28 May 2024 09:54:41 -0700 Subject: [PATCH 6/6] Add support for Beaker 6 --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 171cfb9..ebabf9b 100644 --- a/Gemfile +++ b/Gemfile @@ -15,7 +15,7 @@ end # We don't put beaker in as a test dependency because we # don't want to create a transitive dependency group :acceptance_testing do - gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '~> 5.0') + gem "beaker", *location_for(ENV['BEAKER_VERSION'] || '>= 5.0', '< 7') gem "beaker-abs" end