cutlass 0.1.0

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[spec rubocop]

data/SECURITY.md

@@ -0,0 +1,7 @@
+## Security
+
+Please report any security issue to [security@salesforce.com](mailto:security@salesforce.com)
+as soon as it is discovered. This library limits its runtime dependencies in
+order to reduce the total cost of ownership as much as can be, but all consumers
+should remain vigilant and have their security stakeholders review all third-party
+products (3PP) like this one and their dependencies.

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "cutlass"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/cutlass.gemspec

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require_relative "lib/cutlass/version"
+
+Gem::Specification.new do |spec|
+  spec.name = "cutlass"
+  spec.version = Cutlass::VERSION
+  spec.authors = ["schneems"]
+  spec.email = ["richard.schneeman+foo@gmail.com"]
+
+  spec.summary = "Write CNB integration tests for Pack in Ruby with cutlass"
+  spec.description = "Have you ever had problems opening a `pack` age? Try something sharper, try CUTLASS!"
+  spec.homepage = "https://github.com/heroku/cutlass"
+  spec.license = "MIT"
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.4.0")
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/heroku/cutlass"
+  spec.metadata["changelog_uri"] = "https://github.com/heroku/cutlass/blob/main/CHANGELOG.md"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{\A(?:test|spec|features)/}) }
+  end
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  # Uncomment to register a new dependency of your gem
+  spec.add_dependency "docker-api", ">= 2.0"
+
+  # For more information and examples about making a new gem, checkout our
+  # guide at: https://bundler.io/guides/creating_gem.html
+end

data/lib/cutlass.rb

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+require "tempfile"
+require "fileutils"
+require "pathname"
+require "securerandom"
+
+require "docker" # docker-api gem
+
+require_relative "cutlass/version"
+
+# Cutlass
+module Cutlass
+  # Error
+  class Error < StandardError; end
+
+  def self.config
+    yield self
+  end
+
+  class << self
+    # Cutlass.default_builder
+    # Cutlass.default_buildpack_paths
+    attr_accessor :default_builder, :default_buildpack_paths
+  end
+
+  @default_buildpack_paths = []
+  @default_repo_dirs = []
+  def self.default_repo_dirs=(dirs)
+    @default_repo_dirs = Array(dirs).map { |dir| Pathname(dir) }
+  end
+
+  def self.default_repo_dirs
+    @default_repo_dirs
+  end
+
+  # Given a full path that exists it will return the same path.
+  # Given the name of a directory within the default repo dirs,
+  # it will match and return a full path
+  def self.resolve_path(path)
+    return Pathname(path) if Dir.exist?(path)
+
+    children = @default_repo_dirs.map(&:children).flatten
+    resolved = children.detect { |p| p.basename.to_s == path }
+
+    return resolved if resolved
+
+    raise(<<~EOM)
+      No such directory name: #{path.inspect}
+
+      #{children.map(&:basename).join($/)}
+    EOM
+  end
+
+  def self.debug?
+    ENV["CUTLASS_DEBUG"] || ENV["DEBUG"]
+  end
+
+  def self.default_image_name
+    "cutlass_image_#{SecureRandom.hex(10)}"
+  end
+
+  # Runs the block in a process fork to isolate memory
+  # or environment changes such as ENV var modifications
+  def self.in_fork
+    Tempfile.create("stdout") do |tmp_file|
+      pid = fork do
+        $stdout.reopen(tmp_file, "a")
+        $stderr.reopen(tmp_file, "a")
+        $stdout.sync = true
+        $stderr.sync = true
+        yield
+        Kernel.exit!(0) # needed for https://github.com/seattlerb/minitest/pull/683
+      end
+      Process.waitpid(pid)
+
+      if $?.success?
+        print File.read(tmp_file)
+      else
+        raise File.read(tmp_file)
+      end
+    end
+  end
+end
+
+require_relative "cutlass/bash_result"
+require_relative "cutlass/app"
+require_relative "cutlass/clean_test_env"
+
+require_relative "cutlass/local_buildpack"
+require_relative "cutlass/pack_build"
+require_relative "cutlass/container_boot"

data/lib/cutlass/app.rb

@@ -0,0 +1,172 @@
+# frozen_string_literal: true
+
+module Cutlass
+  # Top level class for interacting with a "pack" app
+  #
+  #   Cutlass::App.new(
+  #     path_to_rails_app,
+  #     buildpacks: "heroku/ruby",
+  #     builder: "heroku/buildpacks:18"
+  #   ).transaction do |app|
+  #     app.pack_build
+  #
+  #     expect(result.stdout).to include("Successfully built image")
+  #   end
+  class App
+    attr_reader :builds, :config, :builder, :buildpacks, :exception_on_failure, :image_name, :tmpdir
+
+    def initialize(
+      source_path_name,
+      config: {},
+      warn_io: $stderr,
+      builder: Cutlass.default_builder,
+      image_name: Cutlass.default_image_name,
+      buildpacks: Cutlass.default_buildpack_paths,
+      exception_on_failure: true
+    )
+      @tmpdir = nil
+      @source_path = nil
+
+      @builds = []
+      @on_teardown = []
+
+      @config = config
+      @warn_io = warn_io
+      @builder = builder
+      @image_name = image_name
+      @buildpacks = buildpacks
+      @source_path_name = source_path_name
+      @exception_on_failure = exception_on_failure
+    end
+
+    def stdout
+      last_build.stdout
+    end
+
+    def stderr
+      last_build.stderr
+    end
+
+    def success?
+      last_build.success?
+    end
+
+    def fail?
+      last_build.fail?
+    end
+
+    def last_build
+      raise "You must `pack_build` first" if builds.empty?
+
+      builds.last
+    end
+
+    def run(command, exception_on_failure: true)
+      command = docker_command(command)
+      result = BashResult.run(command)
+
+      raise(<<~EOM) if result.failed? && exception_on_failure
+        Command "#{command}" failed
+
+        stdout: #{result.stdout}
+        stderr: #{result.stderr}
+        status: #{result.status}
+      EOM
+
+      result
+    end
+
+    private def docker_command(command)
+      "docker run --entrypoint='/cnb/lifecycle/launcher' #{image_name} #{command.to_s.shellescape}"
+    end
+
+    def run_multi(command, exception_on_failure: true)
+      raise "No block given" unless block_given?
+
+      thread = Thread.new do
+        yield run(command, exception_on_failure: exception_on_failure)
+      end
+
+      on_teardown { thread.join }
+    end
+
+    def start_container(expose_ports: [])
+      raise "No block given" unless block_given?
+
+      ContainerBoot.new(image_id: last_build.image_id, expose_ports: expose_ports).call do |container|
+        yield container
+      end
+    end
+
+    def pack_build
+      build = PackBuild.new(
+        config: config,
+        app_dir: @tmpdir,
+        builder: builder,
+        buildpacks: buildpacks,
+        image_name: image_name,
+        exception_on_failure: exception_on_failure
+      )
+      on_teardown { build.teardown }
+
+      @builds << build
+      yield build.call
+    end
+
+    def transaction
+      raise "No block given" unless block_given?
+
+      in_dir do
+        yield self
+      ensure
+        teardown
+      end
+    end
+
+    def in_dir
+      Dir.mktmpdir do |dir|
+        @tmpdir = Pathname(dir)
+
+        FileUtils.copy_entry(source_path, @tmpdir)
+
+        Dir.chdir(@tmpdir) do
+          yield @tmpdir
+        end
+      end
+    end
+
+    def teardown
+      errors = []
+      @on_teardown.reverse_each do |callback|
+        # Attempt to run all teardown callbacks
+
+        callback.call
+      rescue => e
+        errors << e
+
+        @warn_io.puts <<~EOM
+
+          Error in teardown #{callback.inspect}
+
+          It will be raised after all teardown blocks have completed
+
+          #{e.message}
+
+          #{e.backtrace.join($/)}
+        EOM
+      end
+    ensure
+      errors.each do |e|
+        raise e
+      end
+    end
+
+    def on_teardown(&block)
+      @on_teardown << block
+    end
+
+    private def source_path
+      @source_path ||= Cutlass.resolve_path(@source_path_name)
+    end
+  end
+end

data/lib/cutlass/bash_result.rb

@@ -0,0 +1,56 @@
+require "open3"
+
+module Cutlass
+  # Value object containing the results of bash commands
+  #
+  # result = BashResult.run("echo 'lol')
+  # result.stdout # => "lol"
+  # result.status # => 0
+  # result.success? # => true
+  class BashResult
+    def self.run(command)
+      stdout, stderr, status = Open3.capture3(command)
+      BashResult.new(stdout: stdout, stderr: stderr, status: status)
+    end
+
+    # @return [String]
+    attr_reader :stdout
+
+    # @return [String]
+    attr_reader :stderr
+
+    # @return [Numeric]
+    attr_reader :status
+
+    # @param stdout [String]
+    # @param stderr [String]
+    # @param status [Numeric]
+    def initialize(stdout:, stderr:, status:)
+      @stdout = stdout
+      @stderr = stderr
+      @status = status.to_i
+    end
+
+    # @return [Boolean]
+    def success?
+      @status == 0
+    end
+
+    def failed?
+      !success?
+    end
+
+    # Testing helper methods
+    def include?(value)
+      stdout.include?(value)
+    end
+
+    def match?(value)
+      stdout.match?(value)
+    end
+
+    def match(value)
+      stdout.match(value)
+    end
+  end
+end

data/lib/cutlass/clean_test_env.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+require_relative "env_diff"
+require_relative "docker_diff"
+
+module Cutlass
+  # Ensure that your environment variables and docker images aren't leaking in tests
+  #
+  # Docker image leaking is disabled by default in development. Set CUTLASS_CHECK_DOCKER
+  # in CI.
+  #
+  #   CleanTestEnv.record
+  #   CleanTestEnv.check(docker: true)
+  #   # => nil
+  #
+  #   BashResult.run("docker build .")
+  #
+  #   CleanTestEnv.check(docker: true)
+  #   # => Error: Docker images have leaked
+  #
+  # The common practice is to use this in rspec hooks
+  #
+  #   config.before(:suite) do
+  #     Cutlass::CleanTestEnv.record
+  #   end
+  #
+  #   config.after(:suite) do
+  #     Cutlass::CleanTestEnv.check
+  #   end
+  class CleanTestEnv
+    @before_images = []
+    @skip_keys = ["HEROKU_API_KEY"]
+
+    def self.skip_key(key)
+      @skip_keys << key
+    end
+
+    def self.record
+      @env_diff = EnvDiff.new(skip_keys: @skip_keys)
+      @docker_diff = DockerDiff.new
+    end
+
+    def self.check(docker: ENV["CUTLASS_CHECK_DOCKER"])
+      check_env
+      check_images if docker
+    end
+
+    def self.check_env
+      raise "Must call `record` first" if @env_diff.nil?
+      return if @env_diff.same?
+
+      raise <<~EOM
+        Something mutated the environment on accident
+
+        Diff:
+        #{@env_diff}
+      EOM
+    end
+
+    def self.check_images
+      diff = @docker_diff.call
+      return if diff.same?
+
+      raise <<~EOM
+        Docker images have leaked
+
+        Your tests are generating docker images that were not cleaned up
+
+        #{diff}
+
+      EOM
+    end
+  end
+end