gitlab-labkit 0.22.0 → 0.25.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 447d8fe136f58c456c4e8dc1c90e3664a436915becf619f1b747d13af817afb6
4
- data.tar.gz: '0978b44b4a1c4bb6098ec545be92b3c0f8253c048361c479fd308f76e479de38'
3
+ metadata.gz: b1966ecde160ebd4af3cf1e131cdc2f5e7665e327bc0074128d293f4b33710c8
4
+ data.tar.gz: 0abde88973ac84a12862be74f5a438ae5a76852d805dc690852f121eb0466cce
5
5
  SHA512:
6
- metadata.gz: 4211c733283c75b13ee3a38d6d616bff31501138c6fcd92c261d9a8733d056c5017a7920029a5f391c3c3386618ec941e63fde3d439ff9993277c1047f3e206a
7
- data.tar.gz: dbbd0ac0b29b7a1ae401b94b32d5bcf0a959e09d7ed418977c1c1cb85ed3cf2ce4c2f7305cec9d931aa3199e8632ca71165a713993132e2db7d473f9efafe6e5
6
+ metadata.gz: 7a18b78e676c89304be5db049ea675fe2b8671d0f4eabfec557340328821dc14f56a9b4a6e80a86fa62c72a657e97dd5f667e63a5da2eedb419114ce68480eeb
7
+ data.tar.gz: 2aeb4a0f9b5cd31e89d169654992977bbab625539da4511de6e989ec8dfae31693a4180e0def980437cdc89b258d18ea577d5f9ca70b06797e7080ea4b7d5e08
data/.rubocop.yml CHANGED
@@ -60,3 +60,6 @@ Lint/RedundantSafeNavigation: # (new in 0.93)
60
60
  Enabled: true
61
61
  Style/ClassEqualityComparison: # (new in 0.93)
62
62
  Enabled: true
63
+
64
+ CodeReuse/ActiveRecord:
65
+ Enabled: false
data/README.md CHANGED
@@ -16,10 +16,11 @@ The changelog is available via [**tagged release notes**](https://gitlab.com/git
16
16
 
17
17
  ## Functionality
18
18
 
19
- LabKit-Ruby provides functionality in three areas:
19
+ LabKit-Ruby provides functionality in a number of areas:
20
20
 
21
21
  1. `Labkit::Context` used for providing context information to log messages.
22
22
  1. `Labkit::Correlation` For accessing the correlation id. (Generated and propagated by `Labkit::Context`)
23
+ 1. `Labkit::FIPS` for checking for FIPS mode and using FIPS-compliant algorithms.
23
24
  1. `Labkit::Logging` for sanitizing log messages.
24
25
  1. `Labkit::Tracing` for handling and propagating distributed traces.
25
26
 
@@ -19,18 +19,18 @@ Gem::Specification.new do |spec|
19
19
  spec.required_ruby_version = ">= 2.6.0"
20
20
 
21
21
  # Please maintain alphabetical order for dependencies
22
- spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 7.0.0"
23
- spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 7.0.0"
22
+ spec.add_runtime_dependency "actionpack", ">= 5.0.0", "< 8.0.0"
23
+ spec.add_runtime_dependency "activesupport", ">= 5.0.0", "< 8.0.0"
24
24
  spec.add_runtime_dependency "grpc", ">= 1.37" # Be sure to update the "grpc-tools" dev_dependency too
25
25
  spec.add_runtime_dependency "jaeger-client", "~> 1.1.0"
26
26
  spec.add_runtime_dependency "opentracing", "~> 0.4"
27
27
  spec.add_runtime_dependency "pg_query", "~> 2.1"
28
- spec.add_runtime_dependency "redis", ">3.0.0", "<5.0.0"
28
+ spec.add_runtime_dependency "redis", ">3.0.0", "<6.0.0"
29
29
 
30
30
  # Please maintain alphabetical order for dev dependencies
31
31
  spec.add_development_dependency "excon", "~> 0.78.1"
32
32
  spec.add_development_dependency "faraday", "~> 1.2.0"
33
- spec.add_development_dependency "gitlab-dangerfiles"
33
+ spec.add_development_dependency "gitlab-dangerfiles", "~> 2.11.0"
34
34
  spec.add_development_dependency "gitlab-styles", "~> 6.2.0"
35
35
  spec.add_development_dependency "grpc-tools", ">= 1.37"
36
36
  spec.add_development_dependency "httparty", "~> 0.17.3"
data/lib/gitlab-labkit.rb CHANGED
@@ -9,6 +9,7 @@ module Labkit
9
9
 
10
10
  autoload :Correlation, "labkit/correlation"
11
11
  autoload :Context, "labkit/context"
12
+ autoload :FIPS, "labkit/fips"
12
13
  autoload :Tracing, "labkit/tracing"
13
14
  autoload :Logging, "labkit/logging"
14
15
  autoload :Middleware, "labkit/middleware"
@@ -0,0 +1,47 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Labkit
4
+ module Digest
5
+ module SHA2
6
+ def new(*args, &block)
7
+ bitlen = args.first || 256
8
+ ::OpenSSL::Digest.const_get("SHA#{bitlen}").new
9
+ end
10
+ end
11
+ end
12
+
13
+ class FIPS
14
+ OPENSSL_DIGESTS = %i[SHA1 SHA256 SHA384 SHA512].freeze
15
+
16
+ class << self
17
+ # Returns whether we should be running in FIPS mode or not
18
+ #
19
+ # @return [Boolean]
20
+ def enabled?
21
+ # Attempt to auto-detect FIPS mode from OpenSSL
22
+ return true if OpenSSL.fips_mode
23
+
24
+ # Otherwise allow it to be set manually via the env vars
25
+ return true if %w[1 true yes].include?(ENV["FIPS_MODE"])
26
+
27
+ false
28
+ end
29
+
30
+ # Swap Ruby's Digest::SHAx implementations for OpenSSL::Digest::SHAx.
31
+ def enable_fips_mode!
32
+ require "digest"
33
+ require "digest/sha2"
34
+
35
+ ::Digest::SHA2.singleton_class.prepend(Labkit::Digest::SHA2)
36
+ OPENSSL_DIGESTS.each { |alg| use_openssl_digest(alg, alg) }
37
+ end
38
+
39
+ private
40
+
41
+ def use_openssl_digest(ruby_algorithm, openssl_algorithm)
42
+ ::Digest.send(:remove_const, ruby_algorithm) # rubocop:disable GitlabSecurity/PublicSend
43
+ ::Digest.const_set(ruby_algorithm, OpenSSL::Digest.const_get(openssl_algorithm, false))
44
+ end
45
+ end
46
+ end
47
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-labkit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.22.0
4
+ version: 0.25.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Newdigate
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-02 00:00:00.000000000 Z
11
+ date: 2022-08-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: 5.0.0
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: 7.0.0
22
+ version: 8.0.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: 5.0.0
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: 7.0.0
32
+ version: 8.0.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: activesupport
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
39
39
  version: 5.0.0
40
40
  - - "<"
41
41
  - !ruby/object:Gem::Version
42
- version: 7.0.0
42
+ version: 8.0.0
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
49
49
  version: 5.0.0
50
50
  - - "<"
51
51
  - !ruby/object:Gem::Version
52
- version: 7.0.0
52
+ version: 8.0.0
53
53
  - !ruby/object:Gem::Dependency
54
54
  name: grpc
55
55
  requirement: !ruby/object:Gem::Requirement
@@ -115,7 +115,7 @@ dependencies:
115
115
  version: 3.0.0
116
116
  - - "<"
117
117
  - !ruby/object:Gem::Version
118
- version: 5.0.0
118
+ version: 6.0.0
119
119
  type: :runtime
120
120
  prerelease: false
121
121
  version_requirements: !ruby/object:Gem::Requirement
@@ -125,7 +125,7 @@ dependencies:
125
125
  version: 3.0.0
126
126
  - - "<"
127
127
  - !ruby/object:Gem::Version
128
- version: 5.0.0
128
+ version: 6.0.0
129
129
  - !ruby/object:Gem::Dependency
130
130
  name: excon
131
131
  requirement: !ruby/object:Gem::Requirement
@@ -158,16 +158,16 @@ dependencies:
158
158
  name: gitlab-dangerfiles
159
159
  requirement: !ruby/object:Gem::Requirement
160
160
  requirements:
161
- - - ">="
161
+ - - "~>"
162
162
  - !ruby/object:Gem::Version
163
- version: '0'
163
+ version: 2.11.0
164
164
  type: :development
165
165
  prerelease: false
166
166
  version_requirements: !ruby/object:Gem::Requirement
167
167
  requirements:
168
- - - ">="
168
+ - - "~>"
169
169
  - !ruby/object:Gem::Version
170
- version: '0'
170
+ version: 2.11.0
171
171
  - !ruby/object:Gem::Dependency
172
172
  name: gitlab-styles
173
173
  requirement: !ruby/object:Gem::Requirement
@@ -381,6 +381,7 @@ files:
381
381
  - lib/labkit/correlation/grpc/grpc_common.rb
382
382
  - lib/labkit/correlation/grpc/server_interceptor.rb
383
383
  - lib/labkit/excon_publisher.rb
384
+ - lib/labkit/fips.rb
384
385
  - lib/labkit/httpclient_publisher.rb
385
386
  - lib/labkit/logging.rb
386
387
  - lib/labkit/logging/grpc.rb