gitlab-labkit 0.21.2 → 0.23.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitlab/CODEOWNERS +1 -1
- data/.gitlab-ci.yml +11 -0
- data/.rubocop.yml +3 -0
- data/CONTRIBUTING.md +40 -0
- data/Dangerfile +5 -0
- data/README.md +2 -1
- data/gitlab-labkit.gemspec +5 -4
- data/lib/gitlab-labkit.rb +1 -0
- data/lib/labkit/context.rb +1 -5
- data/lib/labkit/fips.rb +47 -0
- data/lib/labkit/middleware/sidekiq/context/server.rb +1 -0
- metadata +33 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 374f599a7aab8870d5294f5920d5f8563d8b694ea6788c1fa42ad7e8a50fd34a
|
4
|
+
data.tar.gz: f3d81d73ec48bf35b8faaf6cb8e5f43c27feb32a411acab08d1b5caddf112acb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: daf3ba2cc04096dbcfd4ce9acb9a719b4437eba9aa9b2e4d3a39885f5b47dbd8dd5dc2696e775ecfd961cc729426f8eca5b7abe978a9c023876d3aac9e29168f
|
7
|
+
data.tar.gz: fe9648bd7092ff6852fbda09f54ca6356c5b3c8eb3974ff16839b8bb7e9f28ffb3d145e626383ab8d09f1e19dc1b6b2b10fedc910296e74e9af82c5b39155c4f
|
data/.gitlab/CODEOWNERS
CHANGED
@@ -1 +1 @@
|
|
1
|
-
* @andrewn @ayufan @reprazent
|
1
|
+
* @andrewn @ayufan @reprazent @mkaeppler
|
data/.gitlab-ci.yml
CHANGED
@@ -36,6 +36,17 @@ static-analysis:
|
|
36
36
|
script:
|
37
37
|
- rake verify
|
38
38
|
|
39
|
+
danger-review:
|
40
|
+
image: ruby:3.0
|
41
|
+
stage: test
|
42
|
+
except:
|
43
|
+
- tags
|
44
|
+
- master
|
45
|
+
before_script:
|
46
|
+
- bundle install
|
47
|
+
script:
|
48
|
+
- bundle exec danger --fail-on-errors=true --verbose
|
49
|
+
|
39
50
|
deploy:
|
40
51
|
stage: deploy
|
41
52
|
script:
|
data/.rubocop.yml
CHANGED
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
## Developer Certificate of Origin and License
|
2
|
+
|
3
|
+
By contributing to GitLab B.V., you accept and agree to the following terms and
|
4
|
+
conditions for your present and future contributions submitted to GitLab B.V.
|
5
|
+
Except for the license granted herein to GitLab B.V. and recipients of software
|
6
|
+
distributed by GitLab B.V., you reserve all right, title, and interest in and to
|
7
|
+
your Contributions.
|
8
|
+
|
9
|
+
All contributions are subject to the Developer Certificate of Origin and license set out at [docs.gitlab.com/ce/legal/developer_certificate_of_origin](https://docs.gitlab.com/ce/legal/developer_certificate_of_origin).
|
10
|
+
|
11
|
+
_This notice should stay as the first item in the CONTRIBUTING.md file._
|
12
|
+
|
13
|
+
## Code of conduct
|
14
|
+
|
15
|
+
As contributors and maintainers of this project, we pledge to respect all people
|
16
|
+
who contribute through reporting issues, posting feature requests, updating
|
17
|
+
documentation, submitting pull requests or patches, and other activities.
|
18
|
+
|
19
|
+
We are committed to making participation in this project a harassment-free
|
20
|
+
experience for everyone, regardless of level of experience, gender, gender
|
21
|
+
identity and expression, sexual orientation, disability, personal appearance,
|
22
|
+
body size, race, ethnicity, age, or religion.
|
23
|
+
|
24
|
+
Examples of unacceptable behavior by participants include the use of sexual
|
25
|
+
language or imagery, derogatory comments or personal attacks, trolling, public
|
26
|
+
or private harassment, insults, or other unprofessional conduct.
|
27
|
+
|
28
|
+
Project maintainers have the right and responsibility to remove, edit, or reject
|
29
|
+
comments, commits, code, wiki edits, issues, and other contributions that are
|
30
|
+
not aligned to this Code of Conduct. Project maintainers who do not follow the
|
31
|
+
Code of Conduct may be removed from the project team.
|
32
|
+
|
33
|
+
This code of conduct applies both within project spaces and in public spaces
|
34
|
+
when an individual is representing the project or its community.
|
35
|
+
|
36
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior can be
|
37
|
+
reported by emailing contact@gitlab.com.
|
38
|
+
|
39
|
+
This Code of Conduct is adapted from the [Contributor Covenant](https://contributor-covenant.org), version 1.1.0,
|
40
|
+
available at [https://contributor-covenant.org/version/1/1/0/](https://contributor-covenant.org/version/1/1/0/).
|
data/Dangerfile
ADDED
data/README.md
CHANGED
@@ -16,10 +16,11 @@ The changelog is available via [**tagged release notes**](https://gitlab.com/git
|
|
16
16
|
|
17
17
|
## Functionality
|
18
18
|
|
19
|
-
LabKit-Ruby provides functionality in
|
19
|
+
LabKit-Ruby provides functionality in a number of areas:
|
20
20
|
|
21
21
|
1. `Labkit::Context` used for providing context information to log messages.
|
22
22
|
1. `Labkit::Correlation` For accessing the correlation id. (Generated and propagated by `Labkit::Context`)
|
23
|
+
1. `Labkit::FIPS` for checking for FIPS mode and using FIPS-compliant algorithms.
|
23
24
|
1. `Labkit::Logging` for sanitizing log messages.
|
24
25
|
1. `Labkit::Tracing` for handling and propagating distributed traces.
|
25
26
|
|
data/gitlab-labkit.gemspec
CHANGED
@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
|
|
21
21
|
# Please maintain alphabetical order for dependencies
|
22
22
|
spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 7.0.0"
|
23
23
|
spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 7.0.0"
|
24
|
-
spec.add_runtime_dependency "grpc", "
|
25
|
-
spec.add_runtime_dependency "jaeger-client", "~> 1.1"
|
24
|
+
spec.add_runtime_dependency "grpc", ">= 1.37" # Be sure to update the "grpc-tools" dev_dependency too
|
25
|
+
spec.add_runtime_dependency "jaeger-client", "~> 1.1.0"
|
26
26
|
spec.add_runtime_dependency "opentracing", "~> 0.4"
|
27
27
|
spec.add_runtime_dependency "pg_query", "~> 2.1"
|
28
28
|
spec.add_runtime_dependency "redis", ">3.0.0", "<5.0.0"
|
@@ -30,8 +30,9 @@ Gem::Specification.new do |spec|
|
|
30
30
|
# Please maintain alphabetical order for dev dependencies
|
31
31
|
spec.add_development_dependency "excon", "~> 0.78.1"
|
32
32
|
spec.add_development_dependency "faraday", "~> 1.2.0"
|
33
|
+
spec.add_development_dependency "gitlab-dangerfiles", "~> 2.11.0"
|
33
34
|
spec.add_development_dependency "gitlab-styles", "~> 6.2.0"
|
34
|
-
spec.add_development_dependency "grpc-tools", "
|
35
|
+
spec.add_development_dependency "grpc-tools", ">= 1.37"
|
35
36
|
spec.add_development_dependency "httparty", "~> 0.17.3"
|
36
37
|
spec.add_development_dependency "httpclient", "~> 2.8.3"
|
37
38
|
spec.add_development_dependency "pry", "~> 0.12"
|
@@ -41,6 +42,6 @@ Gem::Specification.new do |spec|
|
|
41
42
|
spec.add_development_dependency "rspec", "~> 3.10.0"
|
42
43
|
spec.add_development_dependency "rspec-parameterized", "~> 0.4"
|
43
44
|
spec.add_development_dependency "rufo", "0.9.0"
|
44
|
-
spec.add_development_dependency "sidekiq", "
|
45
|
+
spec.add_development_dependency "sidekiq", ">= 5.2"
|
45
46
|
spec.add_development_dependency "webrick", "~> 1.7.0"
|
46
47
|
end
|
data/lib/gitlab-labkit.rb
CHANGED
data/lib/labkit/context.rb
CHANGED
@@ -9,7 +9,6 @@ require "active_support/core_ext/string/inflections"
|
|
9
9
|
module Labkit
|
10
10
|
# A context can be used to provide structured information on what resources
|
11
11
|
# GitLab is working on within a service.
|
12
|
-
# The currently supported keys are defined in the `KNOWN_KEYS` constant.
|
13
12
|
#
|
14
13
|
# Values can be provided by passing a hash. If one of the values is a Proc
|
15
14
|
# the proc will only be called when the value is actually needed.
|
@@ -28,8 +27,6 @@ module Labkit
|
|
28
27
|
CORRELATION_ID_KEY = "correlation_id"
|
29
28
|
RAW_KEYS = [CORRELATION_ID_KEY].freeze
|
30
29
|
HEADER_PREFIX = "X-Gitlab-"
|
31
|
-
KNOWN_KEYS = %w[user project root_namespace subscription_plan caller_id
|
32
|
-
remote_ip related_class feature_category client_id].freeze
|
33
30
|
|
34
31
|
class << self
|
35
32
|
def with_context(attributes = {})
|
@@ -122,7 +119,6 @@ module Labkit
|
|
122
119
|
|
123
120
|
def assign_attributes(attributes)
|
124
121
|
attributes = attributes.transform_keys(&method(:log_key))
|
125
|
-
attributes = attributes.slice(*known_log_keys)
|
126
122
|
|
127
123
|
data.merge!(attributes)
|
128
124
|
|
@@ -138,7 +134,7 @@ module Labkit
|
|
138
134
|
|
139
135
|
private
|
140
136
|
|
141
|
-
delegate :log_key,
|
137
|
+
delegate :log_key, to: :class
|
142
138
|
|
143
139
|
attr_reader :data
|
144
140
|
|
data/lib/labkit/fips.rb
ADDED
@@ -0,0 +1,47 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Labkit
|
4
|
+
module Digest
|
5
|
+
module SHA2
|
6
|
+
def new(*args, &block)
|
7
|
+
bitlen = args.first || 256
|
8
|
+
::OpenSSL::Digest.const_get("SHA#{bitlen}").new
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
class FIPS
|
14
|
+
OPENSSL_DIGESTS = %i[SHA1 SHA256 SHA384 SHA512].freeze
|
15
|
+
|
16
|
+
class << self
|
17
|
+
# Returns whether we should be running in FIPS mode or not
|
18
|
+
#
|
19
|
+
# @return [Boolean]
|
20
|
+
def enabled?
|
21
|
+
# Attempt to auto-detect FIPS mode from OpenSSL
|
22
|
+
return true if OpenSSL.fips_mode
|
23
|
+
|
24
|
+
# Otherwise allow it to be set manually via the env vars
|
25
|
+
return true if %w[1 true yes].include?(ENV["FIPS_MODE"])
|
26
|
+
|
27
|
+
false
|
28
|
+
end
|
29
|
+
|
30
|
+
# Swap Ruby's Digest::SHAx implementations for OpenSSL::Digest::SHAx.
|
31
|
+
def enable_fips_mode!
|
32
|
+
require "digest"
|
33
|
+
require "digest/sha2"
|
34
|
+
|
35
|
+
::Digest::SHA2.singleton_class.prepend(Labkit::Digest::SHA2)
|
36
|
+
OPENSSL_DIGESTS.each { |alg| use_openssl_digest(alg, alg) }
|
37
|
+
end
|
38
|
+
|
39
|
+
private
|
40
|
+
|
41
|
+
def use_openssl_digest(ruby_algorithm, openssl_algorithm)
|
42
|
+
::Digest.send(:remove_const, ruby_algorithm) # rubocop:disable GitlabSecurity/PublicSend
|
43
|
+
::Digest.const_set(ruby_algorithm, OpenSSL::Digest.const_get(openssl_algorithm, false))
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -10,6 +10,7 @@ module Labkit
|
|
10
10
|
def call(_worker_class, job, _queue)
|
11
11
|
worker_name = (job["wrapped"].presence || job["class"]).to_s
|
12
12
|
data = job.merge(Labkit::Context.log_key(:caller_id) => worker_name)
|
13
|
+
.select { |key, _| key.start_with?("#{Labkit::Context::LOG_KEY}.") || Labkit::Context::RAW_KEYS.include?(key.to_s) }
|
13
14
|
|
14
15
|
Labkit::Context.with_context(data) do |_context|
|
15
16
|
yield
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gitlab-labkit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.23.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Newdigate
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-06-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: actionpack
|
@@ -54,30 +54,30 @@ dependencies:
|
|
54
54
|
name: grpc
|
55
55
|
requirement: !ruby/object:Gem::Requirement
|
56
56
|
requirements:
|
57
|
-
- - "
|
57
|
+
- - ">="
|
58
58
|
- !ruby/object:Gem::Version
|
59
|
-
version: '1.
|
59
|
+
version: '1.37'
|
60
60
|
type: :runtime
|
61
61
|
prerelease: false
|
62
62
|
version_requirements: !ruby/object:Gem::Requirement
|
63
63
|
requirements:
|
64
|
-
- - "
|
64
|
+
- - ">="
|
65
65
|
- !ruby/object:Gem::Version
|
66
|
-
version: '1.
|
66
|
+
version: '1.37'
|
67
67
|
- !ruby/object:Gem::Dependency
|
68
68
|
name: jaeger-client
|
69
69
|
requirement: !ruby/object:Gem::Requirement
|
70
70
|
requirements:
|
71
71
|
- - "~>"
|
72
72
|
- !ruby/object:Gem::Version
|
73
|
-
version:
|
73
|
+
version: 1.1.0
|
74
74
|
type: :runtime
|
75
75
|
prerelease: false
|
76
76
|
version_requirements: !ruby/object:Gem::Requirement
|
77
77
|
requirements:
|
78
78
|
- - "~>"
|
79
79
|
- !ruby/object:Gem::Version
|
80
|
-
version:
|
80
|
+
version: 1.1.0
|
81
81
|
- !ruby/object:Gem::Dependency
|
82
82
|
name: opentracing
|
83
83
|
requirement: !ruby/object:Gem::Requirement
|
@@ -154,6 +154,20 @@ dependencies:
|
|
154
154
|
- - "~>"
|
155
155
|
- !ruby/object:Gem::Version
|
156
156
|
version: 1.2.0
|
157
|
+
- !ruby/object:Gem::Dependency
|
158
|
+
name: gitlab-dangerfiles
|
159
|
+
requirement: !ruby/object:Gem::Requirement
|
160
|
+
requirements:
|
161
|
+
- - "~>"
|
162
|
+
- !ruby/object:Gem::Version
|
163
|
+
version: 2.11.0
|
164
|
+
type: :development
|
165
|
+
prerelease: false
|
166
|
+
version_requirements: !ruby/object:Gem::Requirement
|
167
|
+
requirements:
|
168
|
+
- - "~>"
|
169
|
+
- !ruby/object:Gem::Version
|
170
|
+
version: 2.11.0
|
157
171
|
- !ruby/object:Gem::Dependency
|
158
172
|
name: gitlab-styles
|
159
173
|
requirement: !ruby/object:Gem::Requirement
|
@@ -172,16 +186,16 @@ dependencies:
|
|
172
186
|
name: grpc-tools
|
173
187
|
requirement: !ruby/object:Gem::Requirement
|
174
188
|
requirements:
|
175
|
-
- - "
|
189
|
+
- - ">="
|
176
190
|
- !ruby/object:Gem::Version
|
177
|
-
version: '1.
|
191
|
+
version: '1.37'
|
178
192
|
type: :development
|
179
193
|
prerelease: false
|
180
194
|
version_requirements: !ruby/object:Gem::Requirement
|
181
195
|
requirements:
|
182
|
-
- - "
|
196
|
+
- - ">="
|
183
197
|
- !ruby/object:Gem::Version
|
184
|
-
version: '1.
|
198
|
+
version: '1.37'
|
185
199
|
- !ruby/object:Gem::Dependency
|
186
200
|
name: httparty
|
187
201
|
requirement: !ruby/object:Gem::Requirement
|
@@ -312,16 +326,16 @@ dependencies:
|
|
312
326
|
name: sidekiq
|
313
327
|
requirement: !ruby/object:Gem::Requirement
|
314
328
|
requirements:
|
315
|
-
- - "
|
329
|
+
- - ">="
|
316
330
|
- !ruby/object:Gem::Version
|
317
|
-
version: 5.2
|
331
|
+
version: '5.2'
|
318
332
|
type: :development
|
319
333
|
prerelease: false
|
320
334
|
version_requirements: !ruby/object:Gem::Requirement
|
321
335
|
requirements:
|
322
|
-
- - "
|
336
|
+
- - ">="
|
323
337
|
- !ruby/object:Gem::Version
|
324
|
-
version: 5.2
|
338
|
+
version: '5.2'
|
325
339
|
- !ruby/object:Gem::Dependency
|
326
340
|
name: webrick
|
327
341
|
requirement: !ruby/object:Gem::Requirement
|
@@ -351,6 +365,8 @@ files:
|
|
351
365
|
- ".rubocop_todo.yml"
|
352
366
|
- ".ruby-version"
|
353
367
|
- ".rufo"
|
368
|
+
- CONTRIBUTING.md
|
369
|
+
- Dangerfile
|
354
370
|
- Gemfile
|
355
371
|
- LICENSE
|
356
372
|
- README.md
|
@@ -365,6 +381,7 @@ files:
|
|
365
381
|
- lib/labkit/correlation/grpc/grpc_common.rb
|
366
382
|
- lib/labkit/correlation/grpc/server_interceptor.rb
|
367
383
|
- lib/labkit/excon_publisher.rb
|
384
|
+
- lib/labkit/fips.rb
|
368
385
|
- lib/labkit/httpclient_publisher.rb
|
369
386
|
- lib/labkit/logging.rb
|
370
387
|
- lib/labkit/logging/grpc.rb
|