conjur-debify 3.0.1.pre.1853 → 3.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4d734a0761b8cdf2ae9864565b7244bcf0d40b59fe786ace75fae525571e5f89
-  data.tar.gz: 115d4d1355cebadd91cdc1a6c85707eeb38ce3349ee54ce96d9a973d2a1580f9
+  metadata.gz: 8bd35d7a7a35d9c093b4194dedda6ea1d0221b8e0c20296b96195c16b28215cf
+  data.tar.gz: 8e42219970968e197d1adf38212d5e8b9a14f744687085b6a83b22d2a950fe3e
 SHA512:
-  metadata.gz: '0884ff62493120964ff07781e03bea8c6a6c2f830df010ab9c4da07a9e39fa222bebd84a03b41f3c95a6a9814fc264ac2886eb0ece36aa60aa8b0122e505cb32'
-  data.tar.gz: 8d3f646a5bbae3e667ac609c2a4232aa9b61d1465f4cac2b8dc8ddaaa4f9c4920e440d331cd7531a450c1bcb64ca3bcc7ec6b6d492a550cf4f04ce85ce7b66a6
+  metadata.gz: aaf81d2fe3303db79ba608ce5a3defa99a1cb756030a94d944fc61b37005720fdb7f4d59e3ada15d2752c3de931f3208e912c6bb85561c8e2f320386adee1b09
+  data.tar.gz: a32bb3780243b3ec25efb50c5c6016db49e8d777cf51e2f822772d6f907212d4c966b411f8ea5af79c69a7fd3adc5ad3c7dfdb62b35b5f023a5245bdd381dede

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## [3.0.2]
+### Changed
+- Allow Base Image to be configured on execution.
+- Updated dependencies.
+- Adapted code to reflect Docker API changes, specifying at least one stream is now required.
+  [conjurinc/debify#86](https://github.com/conjurinc/debify/issues/86)
+
 ## [3.0.1]
 ### Changed
 

data/Dockerfile

@@ -1,33 +1,33 @@
-FROM ruby:3.0
+FROM ruby:3.2
 
 RUN apt-get update -qq && \
-    apt-get dist-upgrade -qqy && \
+    apt-get upgrade -qqy && \
     apt-get install -qqy \
     apt-transport-https \
     ca-certificates \
-    curl
-    
+    curl && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
 # Install Docker client tools
-ENV DOCKERVERSION=20.10.0
+ENV DOCKERVERSION=24.0.2
 RUN curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKERVERSION}.tgz \
   && tar xzvf docker-${DOCKERVERSION}.tgz --strip 1 \
                  -C /usr/local/bin docker/docker \
   && rm docker-${DOCKERVERSION}.tgz
 
-RUN mkdir -p /debify
 WORKDIR /debify
 
 COPY . ./
 
-RUN gem install bundler:2.2.33
-RUN gem build debify.gemspec
+RUN gem install --no-document bundler:2.4.14 && \
+    gem build debify.gemspec && \
+    gem install --no-document -N conjur-debify-*.gem
 
 ARG VERSION
-RUN gem install -N conjur-debify-*.gem
-
 ARG CONJUR_APPLIANCE_URL
-ENV CONJUR_APPLIANCE_URL ${CONJUR_APPLIANCE_URL:-https://conjurops.itp.conjur.net}
-ENV CONJUR_ACCOUNT ${CONJUR_ACCOUNT:-conjur}
-ENV CONJUR_VERSION ${CONJUR_VERSION:-5}
+ENV CONJUR_APPLIANCE_URL=${CONJUR_APPLIANCE_URL:-https://conjurops.itp.conjur.net} \
+    CONJUR_ACCOUNT=${CONJUR_ACCOUNT:-conjur} \
+    CONJUR_VERSION=${CONJUR_VERSION:-5}
 
 ENTRYPOINT ["/debify/distrib/entrypoint.sh"]

data/README.md

@@ -93,7 +93,7 @@ Builds a Conjur Debian package from a Ruby gem.
 $ debify help package
 NAME
     package - Build a debian package for a project
-    
+
 SYNOPSIS
     debify [global options] package [command options] project_name -- <fpm-arguments>
 b
@@ -110,11 +110,16 @@ DESCRIPTION
     The distrib folder in the project source tree is intended to create scripts for package pre-install, post-install etc. The distrib folder is not
     included in the deb package, so its contents should be copied to the file system or packaged using fpm arguments.
 
-    All arguments to this command which follow the double-dash are propagated to the fpm command. 
+    All arguments to this command which follow the double-dash are propagated to the fpm command.
 
 COMMAND OPTIONS
-    -d, --dir=arg     - Set the current working directory (default: none)
-    -v, --version=arg - Specify the deb version; by default, it's read from the VERSION file (default: none)
+    --additional-files=arg - Specify files to add to the FPM image that are not included from the git repo (default: none)
+    -d, --dir=arg          - Set the current working directory (default: none)
+    --dockerfile=arg       - Specify a custom Dockerfile.fpm (default: none)
+    -i, --image=arg        - Image name (default: cyberark/phusion-ruby-fips)
+    -o, --output=arg       - Set the output file type of the fpm command (e.g rpm) (default: none)
+    -t, --image-tag=arg    - Image tag, e.g. 4.5-stable, 4.6-stable (default: latest)
+    -v, --version=arg      - Specify the deb version; by default, it's read from the VERSION file (default: none)
 ```
 
 ### Example usage
@@ -151,7 +156,7 @@ DESCRIPTION
 
     Finally, a test script from the project source tree is run, again with the container id as the program argument.
 
-    Then the Conjur container is deleted (use --keep to leave it running). 
+    Then the Conjur container is deleted (use --keep to leave it running).
 
 COMMAND OPTIONS
     -c, --configure-script=arg - Shell script to configure the appliance before testing (default: none)
@@ -215,17 +220,17 @@ NAME
     sandbox - Setup a development sandbox for a Conjur debian package in a Conjur appliance container
 
 SYNOPSIS
-    debify [global options] sandbox [command options] 
+    debify [global options] sandbox [command options]
 
 DESCRIPTION
-    First, a Conjur appliance container is created and started. By default, the container image is 
+    First, a Conjur appliance container is created and started. By default, the container image is
     registry.tld/conjur-appliance-cuke-master. An image tag MUST be supplied. This image
-    is configured with all the CONJUR_ environment variables setup for the local environment (appliance URL, 
+    is configured with all the CONJUR_ environment variables setup for the local environment (appliance URL,
     cert path, admin username and password, etc). The project source tree is
-    also mounted into the container, at /src/<project-name>, where <project-name> is taken from the name of the 
+    also mounted into the container, at /src/<project-name>, where <project-name> is taken from the name of the
     current working directory.
 
-    Once in the container, use "/opt/conjur/evoke/bin/dev-install" to install the development bundle of your project. 
+    Once in the container, use "/opt/conjur/evoke/bin/dev-install" to install the development bundle of your project.
 
 COMMAND OPTIONS
     --bind=arg          - Bind another source directory into the container. Use <src>:<dest>, where both are full paths. (default: none)
@@ -249,12 +254,12 @@ root@7d4217655332:/src/authz# bundle exec rake db:migrate
 
 ## Usage with docker-compose
 
-As of v1.10.0, both the `test` and `sandbox` subcommands support the `--net` switch. This allows you to specify a network to which the Conjur appliance container should be attached. 
+As of v1.10.0, both the `test` and `sandbox` subcommands support the `--net` switch.
+This allows you to specify a network to which the Conjur appliance container should be attached.
 
-There are a variety of ways to make use of this feature. One
-possiblity is creating a network using `docker network create`, then
-attaching both the docker-compose services, as well as the Conjur
-appliance container created by debify, to it. 
+There are a variety of ways to make use of this feature. One possibility is creating a network
+using `docker network create`, then attaching both the docker-compose services, as well, as the Conjur
+appliance container created by debify, to it.
 
 As a (somewhat contrived) example, create a new docker network:
 
@@ -298,6 +303,6 @@ root@7d4217655332:/src/example# getent hosts mydb
 
 ## Contributing
 
-For instructions on how to get started and 
+For instructions on how to get started and
 descriptions of our development workflows, please see our
 [contributing guide](CONTRIBUTING.md).

data/VERSION

@@ -1 +1 @@
-3.0.1-1853
+3.0.2

data/ci/test.sh

@@ -2,9 +2,8 @@
 
 git config --global --add safe.directory "$PWD"
 
-bundle
+bundle install
 
 for target in spec cucumber; do
   bundle exec rake $target
 done
-

data/debify.gemspec

@@ -16,21 +16,21 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
-  
+
   spec.add_dependency "gli"
   spec.add_dependency "docker-api", "~> 2.0"
   spec.add_dependency "conjur-cli" , "~> 6"
   spec.add_dependency "conjur-api", "~> 5.3"
-  spec.add_development_dependency "bundler", ">= 2.2.33"
-  spec.add_development_dependency "fakefs", "~> 0"
+  spec.add_development_dependency "bundler", ">= 2.4.14"
+  spec.add_development_dependency "fakefs", "~> 2.5.0"
   spec.add_development_dependency "rake", "~> 13.0"
-  
+
   # Pin to cucumbe v2. cucumber v3 changes (breaks) the behavior of
   # unmatched capture groups with \(d+). In v3, the value of such a
   # group is 0 instead of nil, which breaks aruba's "I successfully
   # run...." steps.
   spec.add_development_dependency "cucumber", '~> 7.1'
-  spec.add_development_dependency "aruba", "~> 2.0"
-  spec.add_development_dependency 'rspec', '~> 3.10'
+  spec.add_development_dependency "aruba", "~> 2.1"
+  spec.add_development_dependency 'rspec', '~> 3.12'
   spec.add_development_dependency 'ci_reporter_rspec', '~> 1.0'
 end

data/lib/conjur/debify.rb

@@ -78,7 +78,7 @@ subcommand_option_handling :normal
 arguments :strict
 
 def detect_version
-  if File.exists?("VERSION") && !(base_commit = `git log --pretty='%h' VERSION | head -n 1`.strip).empty?
+  if File.exist?("VERSION") && !(base_commit = `git log --pretty='%h' VERSION | head -n 1`.strip).empty?
     base_version = File.read("VERSION").strip
     commits_since = `git log #{base_commit}..HEAD --pretty='%h'`.split("\n").size
     hash = `git rev-parse --short HEAD`.strip
@@ -254,6 +254,14 @@ command "package" do |c|
   c.desc "Specify files to add to the FPM image that are not included from the git repo"
   c.flag [:'additional-files']
 
+  c.desc "Image name"
+  c.default_value "cyberark/phusion-ruby-fips"
+  c.flag [:i, :image]
+
+  c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
+  c.default_value "latest"
+  c.flag [:t, :'image-tag']
+
   c.action do |global_options, cmd_options, args|
     raise "project-name is required" unless project_name = args.shift
 
@@ -272,9 +280,13 @@ command "package" do |c|
       additional_files = cmd_options[:'additional-files'].split(',').map(&:strip)
     end
 
+    dockerfile = File.read(File.expand_path('fpm/Dockerfile.template', File.dirname(__FILE__)))
+    replace_image = dockerfile.gsub("@@image@@", cmd_options[:'image'] + ":" + cmd_options[:'image-tag'])
+    File.open(File.expand_path('fpm/Dockerfile', File.dirname(__FILE__)), "w") { |file| file.puts replace_image }
+
     begin
       tries ||= 2
-      fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), tag: "debify-fpm", &DebugMixin::DOCKER
+      fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), architecture: "x86_64", tag: "debify-fpm", &DebugMixin::DOCKER
     rescue
       image_id = File.readlines(File.expand_path('fpm/Dockerfile', File.dirname(__FILE__)))
                      .find { | line | line =~ /^FROM/ }
@@ -367,7 +379,7 @@ end
 def wait_for_conjur appliance_image, container
   container_command container, '/opt/conjur/evoke/bin/wait_for_conjur'
 rescue
-  $stderr.puts container.logs
+  $stderr.puts container.logs(stdout: true, stderr: true)
   raise
 end
 
@@ -848,4 +860,3 @@ on_error do |exception|
   # return false to skip default error handling
   true
 end
-

data/lib/conjur/fpm/{Dockerfile → Dockerfile.template}

@@ -1,5 +1,4 @@
-# Build from the same version of ubuntu as phusion/baseimage
-FROM cyberark/phusion-ruby-fips:latest
+FROM @@image@@
 
 RUN apt-get update -y && \
     apt-get dist-upgrade -y && \

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: conjur-debify
 version: !ruby/object:Gem::Version
-  version: 3.0.1.pre.1853
+  version: 3.0.2
 platform: ruby
 authors:
 - CyberArk Software, Inc.
@@ -72,28 +72,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.33
+        version: 2.4.14
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.33
+        version: 2.4.14
 - !ruby/object:Gem::Dependency
   name: fakefs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.5.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.5.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -128,28 +128,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.10'
+        version: '3.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.10'
+        version: '3.12'
 - !ruby/object:Gem::Dependency
   name: ci_reporter_rspec
   requirement: !ruby/object:Gem::Requirement
@@ -217,7 +217,7 @@ files:
 - lib/conjur/debify/action/publish.rb
 - lib/conjur/debify/utils.rb
 - lib/conjur/debify/version.rb
-- lib/conjur/fpm/Dockerfile
+- lib/conjur/fpm/Dockerfile.template
 - lib/conjur/fpm/debify_utils.sh
 - lib/conjur/fpm/package.sh
 - lib/conjur/publish/Dockerfile
@@ -247,9 +247,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.2.33
 signing_key: