cutting_edge 0.0.1

data/README.md

@@ -0,0 +1,95 @@
+[![Build Status](https://travis-ci.org/repotag/cutting_edge.svg?branch=master)](https://travis-ci.org/repotag/cutting_edge)
+[![Coverage Status](https://coveralls.io/repos/github/repotag/cutting_edge/badge.svg?branch=master)](https://coveralls.io/github/repotag/cutting_edge?branch=master)
+
+# CuttingEdge
+
+## Sinatra App
+
+* start the app with `bundle exec ruby lib/app.rb`
+* Runs on http://localhost:4567
+* Routes under `/source/org/name`
+  * For example: http://localhost:4567/github/gollum/gollum/info
+
+## DependencyWorker
+
+The DependencyWorker currently performs the following actions:
+
+* Fetch gemfile and gemspec for a given Gem
+  * Currently, the `GithubGem` class specifies the needed information for a gem hosted on github, ditto for the `GitlabGem` class for gitlab.
+  * These are subclasses of `RepositoryGem`.
+* Parse both files for dependency requirements
+  * Does not bork if either of the files could not be retrieved.
+* Determine the latest version for each required gem
+  * By querying rubygems for a version of the gem `>= 0`.
+* Generate a Hash of results of the following form:
+```ruby
+{:gemspec=>
+  {:outdated_major=>
+    [{:name=>"kramdown",
+      :required=>"~> 1.9.0",
+      :latest=>"2.1.0",
+      :type=>:runtime},
+     {:name=>"sinatra",
+      :required=>"~> 1.4, >= 1.4.4",
+      :latest=>"2.0.8.1",
+      :type=>:runtime},
+     {:name=>"mustache",
+      :required=>">= 0.99.5, < 1.0.0",
+      :latest=>"1.1.1",
+      :type=>:runtime},
+     {:name=>"gemojione",
+      :required=>"~> 3.2",
+      :latest=>"4.3.2",
+      :type=>:runtime}],
+   :outdated_minor=>[],
+   :outdated_bump=>[],
+   :ok=>
+    [{:name=>"gollum-lib",
+      :required=>"~> 4.2, >= 4.2.10",
+      :latest=>"4.2.10",
+      :type=>:runtime},
+     {:name=>"useragent",
+      :required=>"~> 0.16.2",
+      :latest=>"0.16.10",
+      :type=>:runtime}],
+   :unknown=>[]},
+ :gemfile=>
+  {:outdated_major=>
+    [{:name=>"rake",
+      :required=>"~> 10.4",
+      :latest=>"13.0.1",
+      :type=>:runtime}],
+   :outdated_minor=>[],
+   :outdated_bump=>[],
+   :ok=>[],
+   :unknown=>[]}}
+
+```
+* These results are stored in a Moneta store under a key generated by `RepositoryGem#identifier` (for e.g. a `GithubGem`, the identifier will be of the form `'github/org/name'`).
+* The Moneta store used by the Worker is provided by the Sinatra app Class: `::CuttingEdge::App.store`.
+  * So we must do e.g. `CuttingEdge::App.set(:store, Moneta.new(:Memory))` to set the `#store` method on the `CuttingEdge` Class.
+
+### Example use of the DependencyWorker and Gem API
+
+See `test.rb` for a basic example (without Sinatra) of how the setup works. Run it with `bundle exec ruby test.rb`.
+
+```ruby
+require 'redis-objects'
+
+gem = GithubGem.new('gollum', 'gollum')
+
+Redis::Objects.redis = Redis.new
+gem_dependencies = Redis::Value.new(gem.identifier)
+
+puts gem_dependencies.value # Currently nil
+
+DependencyWorker.perform_async(gem.identifier, gem.gemspec_location, gem.gemfile_location) # Fire up a Sidekiq job
+
+# Sleep 5
+
+puts gem_dependencies.value # The JSON results hash
+```
+
+## License
+
+This work is licensed under the terms of the [GNU GPLv3.0](LICENSE).

data/Rakefile

@@ -0,0 +1,159 @@
+require 'rubygems'
+require 'date'
+require 'rspec/core/rake_task'
+
+task :default => :rspec
+
+desc "Run specs."
+RSpec::Core::RakeTask.new(:rspec) do |spec|
+  ruby_opts = "-w"
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rspec_opts = ['--backtrace --color']
+end
+
+#############################################################################
+#
+# Helper functions
+#
+#############################################################################
+
+def name
+  @name ||= Dir['*.gemspec'].first.split('.').first
+end
+
+def version
+  line = File.read("lib/#{name}.rb")[/^\s*VERSION\s*=\s*.*/]
+  line.match(/.*VERSION\s*=\s*['"](.*)['"]/)[1]
+end
+
+# assumes x.y.z all digit version
+def next_version
+  # x.y.z
+  v = version.split '.'
+  # bump z
+  v[-1] = v[-1].to_i + 1
+  v.join '.'
+end
+
+def bump_version
+  old_file = File.read("lib/#{name}.rb")
+  old_version_line = old_file[/^\s*VERSION\s*=\s*.*/]
+  new_version = next_version
+  # replace first match of old vesion with new version
+  old_file.sub!(old_version_line, "  VERSION = '#{new_version}'")
+
+  File.write("lib/#{name}.rb", old_file)
+
+  new_version
+end
+
+def date
+  Date.today.to_s
+end
+
+def gemspec_file
+  "#{name}.gemspec"
+end
+
+desc "Build the gem file."
+task :build do
+  system "gem build gollum_git_adapter_specs.gemspec"
+end
+
+def gem_file
+  "#{name}-#{version}.gem"
+end
+
+def replace_header(head, header_name)
+  head.sub!(/(\.#{header_name}\s*= ').*'/) { "#{$1}#{send(header_name)}'"}
+end
+
+#############################################################################
+#
+# Custom tasks (add your own tasks here)
+#
+#############################################################################
+
+desc "Update version number and gemspec"
+task :bump do
+  puts "Updated version to #{bump_version}"
+  # Execute does not invoke dependencies.
+  # Manually invoke gemspec then validate.
+  Rake::Task[:gemspec].execute
+  Rake::Task[:validate].execute
+end
+
+#############################################################################
+#
+# Packaging tasks
+#
+#############################################################################
+
+desc 'Create a release build and push to rubygems'
+task :release => :build do
+  unless `git branch` =~ /^\* master$/
+    puts "You must be on the master branch to release!"
+    exit!
+  end
+  sh "git commit --allow-empty -a -m 'Release #{version}'"
+  sh "git pull --rebase origin master"
+  sh "git tag v#{version}"
+  sh "git push origin master"
+  sh "git push origin v#{version}"
+  sh "gem push pkg/#{name}-#{version}.gem"
+end
+
+desc 'Publish to rubygems. Same as release'
+task :publish => :release
+
+desc 'Build gem'
+task :build => :gemspec do
+  sh "mkdir -p pkg"
+  sh "gem build #{gemspec_file}"
+  sh "mv #{gem_file} pkg"
+end
+
+desc "Build and install"
+task :install => :build do
+  sh "gem install --local --no-document pkg/#{name}-#{version}.gem"
+end
+
+desc 'Update gemspec'
+task :gemspec => :validate do
+  # read spec file and split out manifest section
+  spec = File.read(gemspec_file)
+  head, manifest, tail = spec.split("  # = MANIFEST =\n")
+
+  # replace name version and date
+  replace_header(head, :name)
+  replace_header(head, :version)
+  replace_header(head, :date)
+
+  # determine file list from git ls-files
+  files = `git ls-files`.
+    split("\n").
+    sort.
+    reject { |file| file =~ /^\./ }.
+    reject { |file| file =~ /^(rdoc|pkg|test|Home\.md|\.gitattributes)/ }.
+    map { |file| "    #{file}" }.
+    join("\n")
+
+  # piece file back together and write
+  manifest = "  s.files = %w[\n#{files}\n  ]\n"
+  spec = [head, manifest, tail].join("  # = MANIFEST =\n")
+  File.open(gemspec_file, 'w') { |io| io.write(spec) }
+  puts "Updated #{gemspec_file}"
+end
+
+desc 'Validate lib files and version file'
+task :validate do
+  libfiles = Dir['lib/*'] - ["lib/#{name}.rb", "lib/#{name}"]
+  unless libfiles.empty?
+    puts "Directory `lib` should only contain a `#{name}.rb` file and `#{name}` dir."
+    exit!
+  end
+  unless Dir['VERSION*'].empty?
+    puts "A `VERSION` file at root level violates Gem best practices."
+    exit!
+  end
+end

data/bin/cutting_edge

@@ -0,0 +1,72 @@
+#!/usr/bin/env ruby
+
+require File.expand_path('../../lib/cutting_edge/app.rb', __FILE__)
+require 'yaml'
+require 'rufus-scheduler'
+
+config = <<YAML
+github:
+  gollum:
+    gollum:
+      api_token: secret
+    gollum-lib:
+      api_token: secret
+      locations: [gemspec.rb]
+      dependency_types: [runtime, development]
+  singingwolfboy:
+    flask-dance:
+      language: python
+  rust-lang:
+    crates.io:
+      language: rust
+      api_token: secret
+gitlab:
+  cthowl01:
+    team-chess-ruby:
+      api_token: secret
+YAML
+
+options = {
+  :port => 4567,
+  :bind => '0.0.0.0',
+}
+
+store = Moneta.new(:Memory)
+
+repositories = {}
+YAML.load(config).each do |source, orgs|
+  orgs.each do |org, value|
+    value.each do |name, settings|
+      cfg = settings.is_a?(Hash) ? settings : {}
+      repo = Object.const_get("CuttingEdge::#{source.capitalize}Repository").new(org, name, cfg.fetch('language', nil), cfg.fetch('locations', nil), cfg.fetch('branch', nil), cfg.fetch('api_token', nil))
+      repo.dependency_types = cfg['dependency_types'].map {|dep| dep.to_sym} if cfg['dependency_types'].is_a?(Array)
+      repositories["#{source}/#{org}/#{name}"] = repo
+    end
+  end
+end
+
+# Need to initialize the log like this once, because otherwise it only becomes available after the Sinatra app has received a request...
+::SemanticLogger.add_appender(file_name: "#{CuttingEdge::App.environment}.log")
+
+CuttingEdge::App.set(:repositories, repositories)
+CuttingEdge::App.set(:store, store)
+CuttingEdge::App.set(:enable_logging, true)
+
+puts "Scheduling Jobs..."
+scheduler = Rufus::Scheduler.new
+scheduler.every('1h') do
+  worker_fetch_all(repositories.values)
+end
+scheduler.every('1h5m') do
+  worker_all_badges(repositories.values)
+end
+
+puts "Running Workers a first time..."
+include CuttingEdgeHelpers
+worker_fetch_all(repositories.values)
+
+sleep 5
+worker_all_badges(repositories.values)
+
+puts "Starting Sinatra..."
+CuttingEdge::App.run!(options)

data/cutting_edge.gemspec

@@ -0,0 +1,57 @@
+Gem::Specification.new do |s|
+  s.specification_version = 2 if s.respond_to? :specification_version=
+  s.required_rubygems_version = Gem::Requirement.new('>= 0') if s.respond_to? :required_rubygems_version=
+  s.rubygems_version = '1.3.5'
+  s.required_ruby_version = '>= 2.4'
+
+  s.name              = 'cutting_edge'
+  s.version           = '0.0.1'
+  s.date              = '2020-02-19'
+  s.license           = 'GPL-3.0-only'
+
+  s.summary     = 'Self-hosted dependency monitoring, including shiny badges.'
+  s.description = 'Self-hosted dependency monitoring, including shiny badges.'
+
+  s.authors  = ['Dawa Ometto', 'Bart Kamphorst']
+  s.email    = 'd.ometto@gmail.com'
+  s.homepage = 'http://github.com/repotag/cutting_edge'
+
+  s.require_paths = %w[lib]
+
+  s.executables = ['cutting_edge']
+
+  s.add_dependency 'gemnasium-parser', '~> 0.1.9'
+  s.add_dependency 'http', '~> 4.3'
+  s.add_dependency 'sucker_punch', '~> 2.1'
+  s.add_dependency 'sinatra', '~> 2.0'
+  s.add_dependency 'moneta', '~> 1.2'
+  s.add_dependency 'victor', '~> 0.2.8'
+  s.add_dependency 'rufus-scheduler', '~> 3.6'
+  s.add_dependency 'sinatra-logger', '~> 0.3'
+  s.add_dependency 'toml-rb', '~> 2.0'
+  # = MANIFEST =
+  s.files = %w[
+    Gemfile
+    LICENSE
+    README.md
+    Rakefile
+    bin/cutting_edge
+    cutting_edge.gemspec
+    lib/cutting_edge.rb
+    lib/cutting_edge/app.rb
+    lib/cutting_edge/badge.rb
+    lib/cutting_edge/langs.rb
+    lib/cutting_edge/langs/python.rb
+    lib/cutting_edge/langs/ruby.rb
+    lib/cutting_edge/langs/rust.rb
+    lib/cutting_edge/repo.rb
+    lib/cutting_edge/versions.rb
+    lib/cutting_edge/workers/badge.rb
+    lib/cutting_edge/workers/dependency.rb
+    lib/cutting_edge/workers/helpers.rb
+    spec/langs/python_spec.rb
+    spec/langs/rust_spec.rb
+    spec/spec_helper.rb
+  ]
+  # = MANIFEST =
+end

data/lib/cutting_edge.rb

@@ -0,0 +1,3 @@
+module CuttingEdge
+  VERSION = '0.0.1'
+end

data/lib/cutting_edge/app.rb

@@ -0,0 +1,77 @@
+require 'rubygems'
+require 'sucker_punch'
+require 'sinatra'
+require 'sinatra/logger'
+require 'json'
+require 'moneta'
+
+require File.expand_path('../../cutting_edge.rb', __FILE__)
+require File.expand_path('../repo.rb', __FILE__)
+require File.expand_path('../workers/dependency.rb', __FILE__)
+require File.expand_path('../workers/badge.rb', __FILE__)
+
+module CuttingEdgeHelpers
+  def worker_all_badges(repositories)
+    repositories.each do |repo|
+      worker_generate_badge(repo)
+    end
+  end
+
+  def worker_generate_badge(repo)
+    BadgeWorker.perform_async(repo.identifier)
+  end
+
+  def worker_fetch_all(repositories)
+    repositories.each do |repo|
+      worker_fetch(repo)
+    end
+  end
+
+  def worker_fetch(repo)
+    DependencyWorker.perform_async(repo.identifier, repo.lang, repo.locations, repo.dependency_types)
+  end
+end
+
+
+module CuttingEdge
+   LAST_VERSION_TIMEOUT = 5
+  
+  class App < Sinatra::Base
+    include CuttingEdgeHelpers
+
+    logger filename: "#{settings.environment}.log", level: :trace
+
+    before do
+      @store = settings.store
+    end
+
+    get %r{/(.+)/(.+)/(.+)/info} do |source, org, name|
+      repo_defined?(source, org, name)
+      content_type :json
+      @store[@repo.identifier].merge({:language => @repo.lang}).to_json # Todo: check whether value exists yet? If not, call worker / wait / timeout?
+    end
+
+    get %r{/(.+)/(.+)/(.+)/svg} do |source, org, name|
+      repo_defined?(source, org, name)
+      content_type 'image/svg+xml'
+      @store["svg-#{@repo.identifier}"]
+    end
+
+    post %r{/(.+)/(.+)/(.+)/refresh} do |source, org, name|
+      repo_defined?(source, org, name)
+      if @repo.token && params[:token] == @repo.token
+        worker_fetch(@repo)
+        status 200
+      else
+        status 401
+      end
+    end
+
+    private
+
+    def repo_defined?(source, org, name)
+      halt 404, '404 Not Found' unless @repo = settings.repositories["#{source}/#{org}/#{name}"]
+    end
+
+  end
+end