RubyGems - cirro-ruby-client - Versions diffs - 2.7.1 → 2.7.3 - Mend

cirro-ruby-client 2.7.1 → 2.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/.circleci/config.yml +32 -41
data/Gemfile.lock +1 -1
data/lib/cirro_io/client/version.rb +1 -1
data/lib/cirro_io_v2/resources/user.rb +5 -0
data/lib/cirro_io_v2/responses/responses.rb +1 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4df676a10d42219e5d81847cc842521cb21c42da22816fec3cca8ad79759691a
-  data.tar.gz: 8b8197f8755d8f7211d2f3ae686c32619500a7a56511448c0f9a2e79a1c89b2f
+  metadata.gz: a284883c882e6e61c8449580ad57a886bed594109480e2ce67e570151c6c5c19
+  data.tar.gz: e2288b62ba9a818322d5e76025259825575dc384d6dc109cd8d8d67758a75f80
 SHA512:
-  metadata.gz: 05fd1c6d9037854059ed42a5f29d8da008602462eaade583164fdfd2350185e0862e51230d52a30ab6aac2e900469023d75adc773fdafd0630265fd1e1ed88b2
-  data.tar.gz: b83835c328574a4c59225383cc485e57cc7a7f3bb71eae206e75460c140e49dba7388aadd96f18d7193781a0ee0e5e04e0c4926cb05b6af6dd4cfc91946f0165
+  metadata.gz: a73ad1b5f39955448ca3b6940ff7215ff56e63d654b75d8cd87623d1706fc7e70e4b05539c5322ef6f132e0f892e9614a91eea03eb6dee43664b5fcf7ef9e5ac
+  data.tar.gz: 77d49218048a9543f8793fc6f71eecc10dc117b842031884867f55f1dfafa438eec5b300bb5f5d41f6e9fd99ad3da1604b1f1411b0ee0d44add384008fd07d6a

data/.circleci/config.yml CHANGED Viewed

@@ -1,21 +1,19 @@
 version: 2.1
-infra_container: &infra_container
-  us.gcr.io/oi-tset/swissknife@sha256:e8b74aab06de688b29c600785782a614efdaf2c20df7ef9b53b2b0276815fb0c
-# Configure authentication in private registry
-infra_container_registry_auth:
-  &infra_container_registry_auth
-    auth:
-      username: _json_key # default username when using a JSON key file to authenticate
-      password: $GOOGLE_JSON_KEY_OI_TSET
+executors:
+  cci-ruby:
+    docker:
+    - image: cimg/ruby:3.2.2
+      environment:
+        RAILS_ENV: test
+        RACK_ENV: test
+  cci-base:
+    docker:
+    - image: cimg/base:stable
 jobs:
   test:
-    docker:
-      - image: cimg/ruby:3.2.2-node
-        environment:
-          - RAILS_ENV=test
-          - RACK_ENV=test
+    executor: cci-ruby
     steps:
       - checkout
       - restore_cache:
@@ -36,8 +34,7 @@ jobs:
           command: bundle exec rubocop
   deploy:
-    docker:
-      - image: cimg/ruby:3.2.2-node
+    executor: cci-ruby
     steps:
       - checkout
       - run:
@@ -53,47 +50,44 @@ jobs:
               git push origin v"$version"
             fi
       - run:
-          name: build gem
+          name: Build the gem
           command: gem build cirro-ruby-client.gemspec
       - run:
-          name: push to rubygems
+          name: Push to Rubygems
           command: |
             version=$(cat lib/cirro_io/client/version.rb | grep VERSION | awk -F' = ' '{print $2}' | xargs)
-            echo "gem `gem --version`"
+            echo "gem $(gem --version)"
             mkdir ~/.gem
-            cat .circleci/gem_credentials | sed -e "s/__RUBYGEMS_API_KEY__/${RUBYGEMS_API_KEY}/" > ~/.gem/credentials
+            cat .circleci/gem_credentials | sed -e "s/__RUBYGEMS_API_KEY__/$RUBYGEMS_API_KEY/" > ~/.gem/credentials
             chmod 0600 ~/.gem/credentials
             gem push cirro-ruby-client-$version.gem
-            shred -u ~/.gem/credentials
+            shred -u ~/.gem/credentials # completely remove the file making it hard for even very expensive hardware to recover the data
   defectdojo:
-    docker:
-      - image: *infra_container
-        <<: *infra_container_registry_auth
+    executor: cci-base
     environment:
-      - DEFECTDOJO_URL: defectdojo.testcloud.io
-      - DEFECTDOJO_PRODUCT: Cirro Ruby Client
-      - DEFECTDOJO_ENG_NAME: CircleCI Scan
+      DEFECTDOJO_URL: defectdojo.testcloud.io
+      DEFECTDOJO_PRODUCT: Cirro Ruby Client
+      DEFECTDOJO_ENG_NAME: CircleCI Scan
+    circleci_ip_ranges: true # opts the job into the IP ranges feature
     steps:
       - checkout
       - run:
-          name: Setup access to GCP
+          name: Install Trivy and Gitleaks
           command: |
-            echo $GOOGLE_JSON_KEY_OI_TSET > ${HOME}/gcloud-service-key.json && \
-            gcloud auth activate-service-account --key-file=${HOME}/gcloud-service-key.json
-            gcloud auth configure-docker
+            curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin
+            curl -sfL https://github.com/zricethezav/gitleaks/releases/download/v8.18.2/gitleaks_8.18.2_linux_x64.tar.gz -o gitleaks.tar.gz && \
+            tar -xf gitleaks.tar.gz
       - run:
           name: Scans
           command: |
-            unset GITHUB_TOKEN && trivy fs --exit-code 0 --no-progress --ignorefile .trivyignore-fake --format json --output filesystem-scan.json .
-            gitleaks detect --no-git --exit-code 0 --report-format json --report-path gitleaks.json
+            trivy fs --exit-code 0 --no-progress --format json --output filesystem-scan.json .
+            ./gitleaks detect --no-git --exit-code 0 --report-format json --report-path gitleaks.json
       - run:
           name: Send data to DefectDojo
           command: |
-            export DEFECTDOJO_TOKEN=$(gcloud secrets versions access latest \
-            --secret="defectdojo_token" \
-            --project=oi-tset \
-            --quiet)
+            # The DEFECTDOJO_TOKEN env var is set in CCI to not have to be authenticated
+            # to GCP only for this purpose, so please change it there if it gets rotated
             # Send Trivy filesystem scan
             curl --fail --request POST https://$DEFECTDOJO_URL/api/v2/reimport-scan/ \
@@ -124,7 +118,6 @@ jobs:
             --form "file=@gitleaks.json"
 workflows:
-  version: 2
   deploy_the_gem:
     jobs:
       - test
@@ -133,10 +126,8 @@ workflows:
             - test
           filters:
             branches:
-              only:
-                - master
+              only: master
       - defectdojo:
           filters:
             branches:
-              only:
-                - master
+              only: master

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    cirro-ruby-client (2.7.1)
+    cirro-ruby-client (2.7.3)
       activesupport
       faraday (< 1.11.0)
       faraday_middleware

data/lib/cirro_io/client/version.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # rubocop:disable Style/MutableConstant
 module CirroIO
   module Client
-    VERSION = '2.7.1'
+    VERSION = '2.7.3'
   end
 end
 # rubocop:enable Style/MutableConstant

data/lib/cirro_io_v2/resources/user.rb CHANGED Viewed

@@ -11,6 +11,11 @@ module CirroIOV2
         CirroIOV2::Responses::UserResponse.new(response.body)
       end
+      def delete(id)
+        response = client.request_client.request(:delete, "#{resource_root}/#{id}")
+        Responses::UserDeleteResponse.new(response.body)
+      end
       def notification_preference(id)
         response = client.request_client.request(:get, "#{resource_root}/#{id}/notification_preference")
         CirroIOV2::Responses::UserNotificationPreferenceResponse.new(response.body)

data/lib/cirro_io_v2/responses/responses.rb CHANGED Viewed

@@ -16,6 +16,7 @@ module CirroIOV2
     ].freeze
     DELETE_RESPONSES = [
+      :UserDeleteResponse,
       :GigDeleteResponse,
       :PayoutDeleteResponse,
       :NotificationTemplateDeleteResponse,

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cirro-ruby-client
 version: !ruby/object:Gem::Version
-  version: 2.7.1
+  version: 2.7.3
 platform: ruby
 authors:
 - Cirro Dev Team
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-08-13 00:00:00.000000000 Z
+date: 2025-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport