gitlab-labkit 0.21.2 → 0.23.0

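--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: '058e5c086c1e0408267aa37085b1badd34e04fdc30500a0d53bd081d275ae1c5'
- data.tar.gz: 04e3d07290e4d1dd2b5e311ed5f1754dd131b3600ed8670d642e87f099ac704c
+ metadata.gz: 374f599a7aab8870d5294f5920d5f8563d8b694ea6788c1fa42ad7e8a50fd34a
+ data.tar.gz: f3d81d73ec48bf35b8faaf6cb8e5f43c27feb32a411acab08d1b5caddf112acb
  SHA512:
- metadata.gz: 247a32b1cefef2f8a8ff5c5927048284976c8aef1eea14ad26a9c10b151760f0d412ece360ab7df0b82bb4596ceba7656aeb7c711caa14de039c531c43d298e8
- data.tar.gz: 40d0731363c80b02e658c252dfd0da1c7ad4b19688f66f35a8b146fdef024fb3e0754a453fe38a98207102f01801db14420e553c731eba7fc09f9bdcbc1c6447
+ metadata.gz: daf3ba2cc04096dbcfd4ce9acb9a719b4437eba9aa9b2e4d3a39885f5b47dbd8dd5dc2696e775ecfd961cc729426f8eca5b7abe978a9c023876d3aac9e29168f
+ data.tar.gz: fe9648bd7092ff6852fbda09f54ca6356c5b3c8eb3974ff16839b8bb7e9f28ffb3d145e626383ab8d09f1e19dc1b6b2b10fedc910296e74e9af82c5b39155c4f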
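--- a/data/.gitlab/CODEOWNERS
+++ b/data/.gitlab/CODEOWNERS
@@ -1 +1 @@
- * @andrewn @ayufan @reprazent
+ * @andrewn @ayufan @reprazent @mkaeppler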
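--- a/data/.gitlab-ci.yml
+++ b/data/.gitlab-ci.yml
@@ -36,6 +36,17 @@ static-analysis:
  script:
  - rake verify
 
+ danger-review:
+ image: ruby:3.0
+ stage: test
+ except:
+ - tags
+ - master
+ before_script:
+ - bundle install
+ script:
+ - bundle exec danger --fail-on-errors=true --verbose
+
  deploy:
  stage: deploy
  script: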
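Review bot: The new `danger-review` job pulls `image: ruby:3.0`, a floating tag, so the interpreter that runs `bundle install` and Danger can change between pipelines without any change in this repository. Pinning a patch release or a digest (placeholder: `image: ruby:3.0.<patch>@sha256:<digest>`) keeps the job reproducible. Danger jobs usually run with an API token in the environment; if that holds here (no variable is visible in this hunk), I would limit the job to merge-request pipelines with `rules:` and `if: $CI_MERGE_REQUEST_IID` instead of `except: [tags, master]`, so the token is not present in every branch pipeline.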
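--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -60,3 +60,6 @@ Lint/RedundantSafeNavigation: # (new in 0.93)
  Enabled: true
  Style/ClassEqualityComparison: # (new in 0.93)
  Enabled: true
+
+ CodeReuse/ActiveRecord:
+ Enabled: false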
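--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -0,0 +1,40 @@
+ ## Developer Certificate of Origin and License
+
+ By contributing to GitLab B.V., you accept and agree to the following terms and
+ conditions for your present and future contributions submitted to GitLab B.V.
+ Except for the license granted herein to GitLab B.V. and recipients of software
+ distributed by GitLab B.V., you reserve all right, title, and interest in and to
+ your Contributions.
+
+ All contributions are subject to the Developer Certificate of Origin and license set out at [docs.gitlab.com/ce/legal/developer_certificate_of_origin](https://docs.gitlab.com/ce/legal/developer_certificate_of_origin).
+
+ _This notice should stay as the first item in the CONTRIBUTING.md file._
+
+ ## Code of conduct
+
+ As contributors and maintainers of this project, we pledge to respect all people
+ who contribute through reporting issues, posting feature requests, updating
+ documentation, submitting pull requests or patches, and other activities.
+
+ We are committed to making participation in this project a harassment-free
+ experience for everyone, regardless of level of experience, gender, gender
+ identity and expression, sexual orientation, disability, personal appearance,
+ body size, race, ethnicity, age, or religion.
+
+ Examples of unacceptable behavior by participants include the use of sexual
+ language or imagery, derogatory comments or personal attacks, trolling, public
+ or private harassment, insults, or other unprofessional conduct.
+
+ Project maintainers have the right and responsibility to remove, edit, or reject
+ comments, commits, code, wiki edits, issues, and other contributions that are
+ not aligned to this Code of Conduct. Project maintainers who do not follow the
+ Code of Conduct may be removed from the project team.
+
+ This code of conduct applies both within project spaces and in public spaces
+ when an individual is representing the project or its community.
+
+ Instances of abusive, harassing, or otherwise unacceptable behavior can be
+ reported by emailing contact@gitlab.com.
+
+ This Code of Conduct is adapted from the [Contributor Covenant](https://contributor-covenant.org), version 1.1.0,
+ available at [https://contributor-covenant.org/version/1/1/0/](https://contributor-covenant.org/version/1/1/0/).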
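--- a/data/Dangerfile
+++ b/data/Dangerfile
@@ -0,0 +1,5 @@
+ # frozen_string_literal: true
+
+ require 'gitlab-dangerfiles'
+
+ Gitlab::Dangerfiles.for_project(self, 'labkit-ruby', &:import_defaults)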
data/README.md CHANGED
@@ -16,10 +16,11 @@ The changelog is available via [**tagged release notes**](https://gitlab.com/git
16
16
 
17
17
  ## Functionality
18
18
 
19
- LabKit-Ruby provides functionality in three areas:
19
+ LabKit-Ruby provides functionality in a number of areas:
20
20
 
21
21
  1. `Labkit::Context` used for providing context information to log messages.
22
22
  1. `Labkit::Correlation` For accessing the correlation id. (Generated and propagated by `Labkit::Context`)
23
+ 1. `Labkit::FIPS` for checking for FIPS mode and using FIPS-compliant algorithms.
23
24
  1. `Labkit::Logging` for sanitizing log messages.
24
25
  1. `Labkit::Tracing` for handling and propagating distributed traces.
25
26
 
@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
21
21
  # Please maintain alphabetical order for dependencies
22
22
  spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 7.0.0"
23
23
  spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 7.0.0"
24
- spec.add_runtime_dependency "grpc", "~> 1.30" # Be sure to update the "grpc-tools" dev_dependency too
25
- spec.add_runtime_dependency "jaeger-client", "~> 1.1"
24
+ spec.add_runtime_dependency "grpc", ">= 1.37" # Be sure to update the "grpc-tools" dev_dependency too
25
+ spec.add_runtime_dependency "jaeger-client", "~> 1.1.0"
26
26
  spec.add_runtime_dependency "opentracing", "~> 0.4"
27
27
  spec.add_runtime_dependency "pg_query", "~> 2.1"
28
28
  spec.add_runtime_dependency "redis", ">3.0.0", "<5.0.0"
@@ -30,8 +30,9 @@ Gem::Specification.new do |spec|
30
30
  # Please maintain alphabetical order for dev dependencies
31
31
  spec.add_development_dependency "excon", "~> 0.78.1"
32
32
  spec.add_development_dependency "faraday", "~> 1.2.0"
33
+ spec.add_development_dependency "gitlab-dangerfiles", "~> 2.11.0"
33
34
  spec.add_development_dependency "gitlab-styles", "~> 6.2.0"
34
- spec.add_development_dependency "grpc-tools", "~> 1.30"
35
+ spec.add_development_dependency "grpc-tools", ">= 1.37"
35
36
  spec.add_development_dependency "httparty", "~> 0.17.3"
36
37
  spec.add_development_dependency "httpclient", "~> 2.8.3"
37
38
  spec.add_development_dependency "pry", "~> 0.12"
@@ -41,6 +42,6 @@ Gem::Specification.new do |spec|
41
42
  spec.add_development_dependency "rspec", "~> 3.10.0"
42
43
  spec.add_development_dependency "rspec-parameterized", "~> 0.4"
43
44
  spec.add_development_dependency "rufo", "0.9.0"
44
- spec.add_development_dependency "sidekiq", "~> 5.2.7"
45
+ spec.add_development_dependency "sidekiq", ">= 5.2"
45
46
  spec.add_development_dependency "webrick", "~> 1.7.0"
46
47
  end
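Review bot: `spec.add_runtime_dependency "grpc", ">= 1.37"` drops the upper bound that `~> 1.30` implied, so a consumer resolving without a lockfile can pick up any future major release of a native-extension gem that this version was never tested against. The same open-ended form is used for `grpc-tools` and for `"sidekiq", ">= 5.2"` in the development dependencies. If the intent is only to raise the floor, a bounded range keeps that: `spec.add_runtime_dependency "grpc", ">= 1.37", "< 2"`. The gemspec's own file header is missing from this page, so these hunks appear under the README section.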
data/lib/gitlab-labkit.rb CHANGED
@@ -9,6 +9,7 @@ module Labkit
9
9
 
10
10
  autoload :Correlation, "labkit/correlation"
11
11
  autoload :Context, "labkit/context"
12
+ autoload :FIPS, "labkit/fips"
12
13
  autoload :Tracing, "labkit/tracing"
13
14
  autoload :Logging, "labkit/logging"
14
15
  autoload :Middleware, "labkit/middleware"
@@ -9,7 +9,6 @@ require "active_support/core_ext/string/inflections"
9
9
  module Labkit
10
10
  # A context can be used to provide structured information on what resources
11
11
  # GitLab is working on within a service.
12
- # The currently supported keys are defined in the `KNOWN_KEYS` constant.
13
12
  #
14
13
  # Values can be provided by passing a hash. If one of the values is a Proc
15
14
  # the proc will only be called when the value is actually needed.
@@ -28,8 +27,6 @@ module Labkit
28
27
  CORRELATION_ID_KEY = "correlation_id"
29
28
  RAW_KEYS = [CORRELATION_ID_KEY].freeze
30
29
  HEADER_PREFIX = "X-Gitlab-"
31
- KNOWN_KEYS = %w[user project root_namespace subscription_plan caller_id
32
- remote_ip related_class feature_category client_id].freeze
33
30
 
34
31
  class << self
35
32
  def with_context(attributes = {})
@@ -122,7 +119,6 @@ module Labkit
122
119
 
123
120
  def assign_attributes(attributes)
124
121
  attributes = attributes.transform_keys(&method(:log_key))
125
- attributes = attributes.slice(*known_log_keys)
126
122
 
127
123
  data.merge!(attributes)
128
124
 
@@ -138,7 +134,7 @@ module Labkit
138
134
 
139
135
  private
140
136
 
141
- delegate :log_key, :known_log_keys, to: :class
137
+ delegate :log_key, to: :class
142
138
 
143
139
  attr_reader :data
144
140
 
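Review bot: With `attributes = attributes.slice(*known_log_keys)` removed, `assign_attributes` merges every key the caller passes into `data`, so the allow-list that kept unexpected fields out of the context is gone and filtering now depends on each call site. The Sidekiq server middleware hunk on this page adds its own `.select`, but any other caller of `with_context` that forwards a hash wholesale would now carry all of it into the context, and presumably into log output. The class comment also lost its `KNOWN_KEYS` sentence without a replacement; I would add `# Any key is accepted; callers must not pass hashes that may hold secrets or user-controlled keys.` above `assign_attributes`. The method and class bodies extend outside these hunks, so how `data` is serialized later is inferred, not visible.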
@@ -0,0 +1,47 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Labkit
4
+ module Digest
5
+ module SHA2
6
+ def new(*args, &block)
7
+ bitlen = args.first || 256
8
+ ::OpenSSL::Digest.const_get("SHA#{bitlen}").new
9
+ end
10
+ end
11
+ end
12
+
13
+ class FIPS
14
+ OPENSSL_DIGESTS = %i[SHA1 SHA256 SHA384 SHA512].freeze
15
+
16
+ class << self
17
+ # Returns whether we should be running in FIPS mode or not
18
+ #
19
+ # @return [Boolean]
20
+ def enabled?
21
+ # Attempt to auto-detect FIPS mode from OpenSSL
22
+ return true if OpenSSL.fips_mode
23
+
24
+ # Otherwise allow it to be set manually via the env vars
25
+ return true if %w[1 true yes].include?(ENV["FIPS_MODE"])
26
+
27
+ false
28
+ end
29
+
30
+ # Swap Ruby's Digest::SHAx implementations for OpenSSL::Digest::SHAx.
31
+ def enable_fips_mode!
32
+ require "digest"
33
+ require "digest/sha2"
34
+
35
+ ::Digest::SHA2.singleton_class.prepend(Labkit::Digest::SHA2)
36
+ OPENSSL_DIGESTS.each { |alg| use_openssl_digest(alg, alg) }
37
+ end
38
+
39
+ private
40
+
41
+ def use_openssl_digest(ruby_algorithm, openssl_algorithm)
42
+ ::Digest.send(:remove_const, ruby_algorithm) # rubocop:disable GitlabSecurity/PublicSend
43
+ ::Digest.const_set(ruby_algorithm, OpenSSL::Digest.const_get(openssl_algorithm, false))
44
+ end
45
+ end
46
+ end
47
+ end
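Review bot: `use_openssl_digest` calls `::Digest.send(:remove_const, ruby_algorithm)` before it resolves the replacement, so if `OpenSSL::Digest.const_get` raises, the `::Digest` constant is left undefined for the whole process; resolve first with `replacement = OpenSSL::Digest.const_get(openssl_algorithm, false)` and only then run `remove_const` and `const_set`. The file refers to `OpenSSL` without a `require "openssl"`, so `enabled?` depends on another file having loaded it. `enabled?` compares `FIPS_MODE` case-sensitively against `1 true yes`, which means a value such as `TRUE` silently reads as disabled; for a compliance switch I would normalise with `ENV["FIPS_MODE"].to_s.strip.downcase`. The swap covers only the four SHA constants, so a comment on `enable_fips_mode!` stating that `Digest::MD5` and other algorithms are left untouched would tell callers what is and is not redirected.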
@@ -10,6 +10,7 @@ module Labkit
10
10
  def call(_worker_class, job, _queue)
11
11
  worker_name = (job["wrapped"].presence || job["class"]).to_s
12
12
  data = job.merge(Labkit::Context.log_key(:caller_id) => worker_name)
13
+ .select { |key, _| key.start_with?("#{Labkit::Context::LOG_KEY}.") || Labkit::Context::RAW_KEYS.include?(key.to_s) }
13
14
 
14
15
  Labkit::Context.with_context(data) do |_context|
15
16
  yield
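Review bot: The added `.select` calls `key.start_with?` on the raw key but uses `key.to_s` in the `RAW_KEYS` branch, so the two halves of the filter disagree about non-String keys, and the prefix string is rebuilt for every key. I would hoist and normalise once: `prefix = "#{Labkit::Context::LOG_KEY}."` followed by `.select { |key, _| key.to_s.start_with?(prefix) || Labkit::Context::RAW_KEYS.include?(key.to_s) }`. A one-line comment saying that only context keys are copied from the job payload, presumably to keep job arguments out of the log context, would record why the filter exists. `call` continues past the end of this hunk.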
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-labkit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.21.2
4
+ version: 0.23.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Newdigate
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-09-08 00:00:00.000000000 Z
11
+ date: 2022-06-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -54,30 +54,30 @@ dependencies:
54
54
  name: grpc
55
55
  requirement: !ruby/object:Gem::Requirement
56
56
  requirements:
57
- - - "~>"
57
+ - - ">="
58
58
  - !ruby/object:Gem::Version
59
- version: '1.30'
59
+ version: '1.37'
60
60
  type: :runtime
61
61
  prerelease: false
62
62
  version_requirements: !ruby/object:Gem::Requirement
63
63
  requirements:
64
- - - "~>"
64
+ - - ">="
65
65
  - !ruby/object:Gem::Version
66
- version: '1.30'
66
+ version: '1.37'
67
67
  - !ruby/object:Gem::Dependency
68
68
  name: jaeger-client
69
69
  requirement: !ruby/object:Gem::Requirement
70
70
  requirements:
71
71
  - - "~>"
72
72
  - !ruby/object:Gem::Version
73
- version: '1.1'
73
+ version: 1.1.0
74
74
  type: :runtime
75
75
  prerelease: false
76
76
  version_requirements: !ruby/object:Gem::Requirement
77
77
  requirements:
78
78
  - - "~>"
79
79
  - !ruby/object:Gem::Version
80
- version: '1.1'
80
+ version: 1.1.0
81
81
  - !ruby/object:Gem::Dependency
82
82
  name: opentracing
83
83
  requirement: !ruby/object:Gem::Requirement
@@ -154,6 +154,20 @@ dependencies:
154
154
  - - "~>"
155
155
  - !ruby/object:Gem::Version
156
156
  version: 1.2.0
157
+ - !ruby/object:Gem::Dependency
158
+ name: gitlab-dangerfiles
159
+ requirement: !ruby/object:Gem::Requirement
160
+ requirements:
161
+ - - "~>"
162
+ - !ruby/object:Gem::Version
163
+ version: 2.11.0
164
+ type: :development
165
+ prerelease: false
166
+ version_requirements: !ruby/object:Gem::Requirement
167
+ requirements:
168
+ - - "~>"
169
+ - !ruby/object:Gem::Version
170
+ version: 2.11.0
157
171
  - !ruby/object:Gem::Dependency
158
172
  name: gitlab-styles
159
173
  requirement: !ruby/object:Gem::Requirement
@@ -172,16 +186,16 @@ dependencies:
172
186
  name: grpc-tools
173
187
  requirement: !ruby/object:Gem::Requirement
174
188
  requirements:
175
- - - "~>"
189
+ - - ">="
176
190
  - !ruby/object:Gem::Version
177
- version: '1.30'
191
+ version: '1.37'
178
192
  type: :development
179
193
  prerelease: false
180
194
  version_requirements: !ruby/object:Gem::Requirement
181
195
  requirements:
182
- - - "~>"
196
+ - - ">="
183
197
  - !ruby/object:Gem::Version
184
- version: '1.30'
198
+ version: '1.37'
185
199
  - !ruby/object:Gem::Dependency
186
200
  name: httparty
187
201
  requirement: !ruby/object:Gem::Requirement
@@ -312,16 +326,16 @@ dependencies:
312
326
  name: sidekiq
313
327
  requirement: !ruby/object:Gem::Requirement
314
328
  requirements:
315
- - - "~>"
329
+ - - ">="
316
330
  - !ruby/object:Gem::Version
317
- version: 5.2.7
331
+ version: '5.2'
318
332
  type: :development
319
333
  prerelease: false
320
334
  version_requirements: !ruby/object:Gem::Requirement
321
335
  requirements:
322
- - - "~>"
336
+ - - ">="
323
337
  - !ruby/object:Gem::Version
324
- version: 5.2.7
338
+ version: '5.2'
325
339
  - !ruby/object:Gem::Dependency
326
340
  name: webrick
327
341
  requirement: !ruby/object:Gem::Requirement
@@ -351,6 +365,8 @@ files:
351
365
  - ".rubocop_todo.yml"
352
366
  - ".ruby-version"
353
367
  - ".rufo"
368
+ - CONTRIBUTING.md
369
+ - Dangerfile
354
370
  - Gemfile
355
371
  - LICENSE
356
372
  - README.md
@@ -365,6 +381,7 @@ files:
365
381
  - lib/labkit/correlation/grpc/grpc_common.rb
366
382
  - lib/labkit/correlation/grpc/server_interceptor.rb
367
383
  - lib/labkit/excon_publisher.rb
384
+ - lib/labkit/fips.rb
368
385
  - lib/labkit/httpclient_publisher.rb
369
386
  - lib/labkit/logging.rb
370
387
  - lib/labkit/logging/grpc.rb