RubyGems - gitlab-labkit - Versions diffs - 0.21.3 → 0.24.0 - Mend

gitlab-labkit 0.21.3 → 0.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/.rubocop.yml +3 -0
data/Dangerfile +1 -7
data/README.md +2 -1
data/gitlab-labkit.gemspec +4 -4
data/lib/gitlab-labkit.rb +1 -0
data/lib/labkit/context.rb +1 -5
data/lib/labkit/fips.rb +47 -0
data/lib/labkit/middleware/sidekiq/context/server.rb +1 -0
metadata +13 -14
data/danger/plugins/project_helper.rb +0 -15
data/danger/roulette/Dangerfile +0 -62

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14048d91e2aa329e7917f040d355f7be56c2f489ebf127bfa20404a8f2f9be64
-  data.tar.gz: ad10bb2702dd57e5d14fccc95c22c42741ccbe61dda33ec84a9c8a53298cb356
+  metadata.gz: 6e86f57fe5a7804f3b930b86abd75f74f7e4a6b01d67eba235c036ba88646052
+  data.tar.gz: ea7d3fe526de0859b739b108adebdf86110cc49f6c59ae98b9b834c876794bb7
 SHA512:
-  metadata.gz: b47d6fe2f2cf24ab41a0829c0c70908f1f6848d077ad0d09cb57b1df5ea73bc42d279127ad944054ae2a3a8443369d64514b69f90b24f87a05045e55305a03c3
-  data.tar.gz: 41f04b4d054735c701e80b242cba69aa79723a620abe059e0888b423be0d868e9ab792b8fce08451bc304b8eb84b684d67bb9bcfb67befefdc707188d492c433
+  metadata.gz: 0a21a42f553c966c7bf5555afea1abaa72ab2837300bd09bae84c2b58f141a72c22cb3f2f20257c1ab1aadc789af47b2ed3104440b0ca3d66f37e67c17c32f0e
+  data.tar.gz: b8f72ab37a74c3523dfc8095d2ebe549c2710bed45741c9a6acb0211424a602695732340e94b7d9d7d3bcd3a1b95151540b3726462bf821ee03acc03951a3968

data/.rubocop.yml CHANGED Viewed

@@ -60,3 +60,6 @@ Lint/RedundantSafeNavigation: # (new in 0.93)
   Enabled: true
 Style/ClassEqualityComparison: # (new in 0.93)
   Enabled: true
+CodeReuse/ActiveRecord:
+  Enabled: false

data/Dangerfile CHANGED Viewed

@@ -2,10 +2,4 @@
 require 'gitlab-dangerfiles'
-gitlab_dangerfiles = Gitlab::Dangerfiles::Engine.new(self)
-gitlab_dangerfiles.import_plugins
-gitlab_dangerfiles.import_dangerfiles
-danger.import_plugin('danger/plugins/*.rb')
-danger.import_dangerfile(path: File.join('danger', 'roulette'))
+Gitlab::Dangerfiles.for_project(self, 'labkit-ruby', &:import_defaults)

data/README.md CHANGED Viewed

@@ -16,10 +16,11 @@ The changelog is available via [**tagged release notes**](https://gitlab.com/git
 ## Functionality
-LabKit-Ruby provides functionality in three areas:
+LabKit-Ruby provides functionality in a number of areas:
 1. `Labkit::Context` used for providing context information to log messages.
 1. `Labkit::Correlation` For accessing the correlation id. (Generated and propagated by `Labkit::Context`)
+1. `Labkit::FIPS` for checking for FIPS mode and using FIPS-compliant algorithms.
 1. `Labkit::Logging` for sanitizing log messages.
 1. `Labkit::Tracing` for handling and propagating distributed traces.

data/gitlab-labkit.gemspec CHANGED Viewed

@@ -19,10 +19,10 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.6.0"
   # Please maintain alphabetical order for dependencies
-  spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 7.0.0"
-  spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 7.0.0"
+  spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 8.0.0"
+  spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 8.0.0"
   spec.add_runtime_dependency "grpc", ">= 1.37" # Be sure to update the "grpc-tools" dev_dependency too
-  spec.add_runtime_dependency "jaeger-client", "~> 1.1"
+  spec.add_runtime_dependency "jaeger-client", "~> 1.1.0"
   spec.add_runtime_dependency "opentracing", "~> 0.4"
   spec.add_runtime_dependency "pg_query", "~> 2.1"
   spec.add_runtime_dependency "redis", ">3.0.0", "<5.0.0"
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
   # Please maintain alphabetical order for dev dependencies
   spec.add_development_dependency "excon", "~> 0.78.1"
   spec.add_development_dependency "faraday", "~> 1.2.0"
-  spec.add_development_dependency "gitlab-dangerfiles"
+  spec.add_development_dependency "gitlab-dangerfiles", "~> 2.11.0"
   spec.add_development_dependency "gitlab-styles", "~> 6.2.0"
   spec.add_development_dependency "grpc-tools", ">= 1.37"
   spec.add_development_dependency "httparty", "~> 0.17.3"

data/lib/gitlab-labkit.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module Labkit
   autoload :Correlation, "labkit/correlation"
   autoload :Context, "labkit/context"
+  autoload :FIPS, "labkit/fips"
   autoload :Tracing, "labkit/tracing"
   autoload :Logging, "labkit/logging"
   autoload :Middleware, "labkit/middleware"

data/lib/labkit/context.rb CHANGED Viewed

@@ -9,7 +9,6 @@ require "active_support/core_ext/string/inflections"
 module Labkit
   # A context can be used to provide structured information on what resources
   # GitLab is working on within a service.
-  # The currently supported keys are defined in the `KNOWN_KEYS` constant.
   #
   # Values can be provided by passing a hash. If one of the values is a Proc
   # the proc will only be called when the value is actually needed.
@@ -28,8 +27,6 @@ module Labkit
     CORRELATION_ID_KEY = "correlation_id"
     RAW_KEYS = [CORRELATION_ID_KEY].freeze
     HEADER_PREFIX = "X-Gitlab-"
-    KNOWN_KEYS = %w[user project root_namespace subscription_plan caller_id
-                    remote_ip related_class feature_category client_id].freeze
     class << self
       def with_context(attributes = {})
@@ -122,7 +119,6 @@ module Labkit
     def assign_attributes(attributes)
       attributes = attributes.transform_keys(&method(:log_key))
-      attributes = attributes.slice(*known_log_keys)
       data.merge!(attributes)
@@ -138,7 +134,7 @@ module Labkit
     private
-    delegate :log_key, :known_log_keys, to: :class
+    delegate :log_key, to: :class
     attr_reader :data

data/lib/labkit/fips.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module Labkit
+  module Digest
+    module SHA2
+      def new(*args, &block)
+        bitlen = args.first || 256
+        ::OpenSSL::Digest.const_get("SHA#{bitlen}").new
+      end
+    end
+  end
+  class FIPS
+    OPENSSL_DIGESTS = %i[SHA1 SHA256 SHA384 SHA512].freeze
+    class << self
+      # Returns whether we should be running in FIPS mode or not
+      #
+      # @return [Boolean]
+      def enabled?
+        # Attempt to auto-detect FIPS mode from OpenSSL
+        return true if OpenSSL.fips_mode
+        # Otherwise allow it to be set manually via the env vars
+        return true if %w[1 true yes].include?(ENV["FIPS_MODE"])
+        false
+      end
+      # Swap Ruby's Digest::SHAx implementations for OpenSSL::Digest::SHAx.
+      def enable_fips_mode!
+        require "digest"
+        require "digest/sha2"
+        ::Digest::SHA2.singleton_class.prepend(Labkit::Digest::SHA2)
+        OPENSSL_DIGESTS.each { |alg| use_openssl_digest(alg, alg) }
+      end
+      private
+      def use_openssl_digest(ruby_algorithm, openssl_algorithm)
+        ::Digest.send(:remove_const, ruby_algorithm) # rubocop:disable GitlabSecurity/PublicSend
+        ::Digest.const_set(ruby_algorithm, OpenSSL::Digest.const_get(openssl_algorithm, false))
+      end
+    end
+  end
+end

data/lib/labkit/middleware/sidekiq/context/server.rb CHANGED Viewed

@@ -10,6 +10,7 @@ module Labkit
           def call(_worker_class, job, _queue)
             worker_name = (job["wrapped"].presence || job["class"]).to_s
             data = job.merge(Labkit::Context.log_key(:caller_id) => worker_name)
+                      .select { |key, _| key.start_with?("#{Labkit::Context::LOG_KEY}.") || Labkit::Context::RAW_KEYS.include?(key.to_s) }
             Labkit::Context.with_context(data) do |_context|
               yield

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-labkit
 version: !ruby/object:Gem::Version
-  version: 0.21.3
+  version: 0.24.0
 platform: ruby
 authors:
 - Andrew Newdigate
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-11-22 00:00:00.000000000 Z
+date: 2022-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionpack
@@ -19,7 +19,7 @@ dependencies:
         version: 5.0.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: 5.0.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
         version: 5.0.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
         version: 5.0.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
 - !ruby/object:Gem::Dependency
   name: grpc
   requirement: !ruby/object:Gem::Requirement
@@ -70,14 +70,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: 1.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: 1.1.0
 - !ruby/object:Gem::Dependency
   name: opentracing
   requirement: !ruby/object:Gem::Requirement
@@ -158,16 +158,16 @@ dependencies:
   name: gitlab-dangerfiles
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.11.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.11.0
 - !ruby/object:Gem::Dependency
   name: gitlab-styles
   requirement: !ruby/object:Gem::Requirement
@@ -371,8 +371,6 @@ files:
 - LICENSE
 - README.md
 - Rakefile
-- danger/plugins/project_helper.rb
-- danger/roulette/Dangerfile
 - gitlab-labkit.gemspec
 - lib/gitlab-labkit.rb
 - lib/labkit/context.rb
@@ -383,6 +381,7 @@ files:
 - lib/labkit/correlation/grpc/grpc_common.rb
 - lib/labkit/correlation/grpc/server_interceptor.rb
 - lib/labkit/excon_publisher.rb
+- lib/labkit/fips.rb
 - lib/labkit/httpclient_publisher.rb
 - lib/labkit/logging.rb
 - lib/labkit/logging/grpc.rb

data/danger/plugins/project_helper.rb DELETED Viewed

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-module Danger
-  # Common helper functions for danger scripts
-  class ProjectHelper < ::Danger::Plugin
-    def changes
-      # We do not need to categorize files in this code base
-      helper.changes([])
-    end
-    def project_name
-      "labkit-ruby"
-    end
-  end
-end

data/danger/roulette/Dangerfile DELETED Viewed

@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-MESSAGE = <<MARKDOWN
-## Reviewer roulette
-Changes that require review have been detected! A merge request is normally
-reviewed by both a reviewer and a maintainer in its primary category and by a
-maintainer in all other categories.
-MARKDOWN
-TABLE_MARKDOWN = <<MARKDOWN
-To spread load more evenly across eligible reviewers, Danger has picked a candidate for each
-review slot. Feel free to
-[override these selections](https://about.gitlab.com/handbook/engineering/projects/#labkit-ruby)
-if you think someone else would be better-suited
-or request help in the `#labkit` Slack channel.
-To read more on how to use the reviewer roulette, please take a look at the
-[Engineering workflow](https://about.gitlab.com/handbook/engineering/workflow/#basics)
-and [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html).
-Once you've decided who will review this merge request, mention them as you
-normally would! Danger does not automatically notify them for you.
-| Reviewer | Maintainer |
-| -------- | ---------- |
-MARKDOWN
-def note_for_spins_role(spins, role)
-  spins.each do |spin|
-    note = note_for_spin_role(spin, role)
-    return note if note
-  end
-  'No %{role} available' % { role: role }
-end
-def note_for_spin_role(spin, role)
-  spin.public_send(role)&.markdown_name(author: roulette.team_mr_author) # rubocop:disable GitlabSecurity/PublicSend
-end
-def markdown_row_for_spins(spins_array)
-  reviewer_note = note_for_spins_role(spins_array, :reviewer)
-  maintainer_note = note_for_spins_role(spins_array, :maintainer)
-  "#{reviewer_note} | #{maintainer_note} |"
-end
-if project_helper.changes.any?
-  project = project_helper.project_name
-  random_roulette_spins = roulette.spin(project, [nil], timezone_experiment: false)
-  rows = random_roulette_spins.map do |spin|
-    markdown_row_for_spins([spin])
-  end
-  markdown(MESSAGE)
-  markdown(TABLE_MARKDOWN + rows.join("\n")) unless rows.empty?
-end