gitlab-security_report_schemas 0.1.0.min15.1.0.max15.1.0 → 0.1.1.min15.0.0.max15.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f4c389c7784c3bbbd5456fab0128a39755f46cd9decd3b6056c22e97861f0adf
-  data.tar.gz: a3a9d4d8fe97cebe404fc5d1a653d564aff3163abd7d0d5add42be64b598cf6a
+  metadata.gz: 83ef49533aa14d57d606e97177dd522e6ad3017504cd733b0e9176f7c02202f6
+  data.tar.gz: b3e12d90ce76650f2fbdfca751c0aff425c1b40ead2d631f3efd9e2e394d17a0
 SHA512:
-  metadata.gz: 778edd32130b9e3859a35dfdd3635c24d07dd8a0eef0e58ca01090c8035430a7199763c02fcba017f8dfd4793d0c92e82c09ae240215d5f5313d969c6f56fb8f
-  data.tar.gz: a250c4845733d632c13a002d7fa5e173221559876add385372a75e043835007ef2cd471a263904ff9121d83e68c30ebbe7f886b954366737e983642f90e1aa58
+  metadata.gz: a0001fca053530429d39dc2acded7cf33bbdb3722431c2a4525640c94277f86b523abd01a033845d1e581a8591b36b19fa3275f92fc073fee2e55df7ebe13fd4
+  data.tar.gz: 47bad16e12f3cd883e5709e41a28d35be222df315963a5dd995ea07597e1af9f579b8df02848ecc44aa91f4440f6c407d242fd61c87471ac37293b6e66a81b0f

data/Gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: .
   specs:
-    gitlab-security_report_schemas (0.1.0.min15.1.0.max15.1.0)
+    gitlab-security_report_schemas (0.1.1.min15.0.0.max15.1.4)
       activesupport (>= 6, < 8)
-      json_schemer (~> 0.2.18)
+      json_schemer (~> 2.3.0)
 
 GEM
   remote: https://rubygems.org/
@@ -14,23 +14,21 @@ GEM
       minitest (>= 5.1)
       tzinfo (~> 2.0)
     ast (2.4.2)
+    bigdecimal (3.1.8)
     coderay (1.1.3)
     concurrent-ruby (1.1.10)
     diff-lcs (1.5.0)
-    ecma-re-validator (0.4.0)
-      regexp_parser (~> 2.2)
     git (1.11.0)
       rchardet (~> 1.8)
     hana (1.3.7)
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     json (2.6.2)
-    json_schemer (0.2.25)
-      ecma-re-validator (~> 0.3)
+    json_schemer (2.3.0)
+      bigdecimal
       hana (~> 1.3)
       regexp_parser (~> 2.0)
       simpleidn (~> 0.2)
-      uri_template (~> 0.7)
     method_source (1.0.0)
     minitest (5.16.2)
     parallel (1.22.1)
@@ -76,7 +74,6 @@ GEM
     tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.2.0)
-    uri_template (0.7.0)
 
 PLATFORMS
   arm64-darwin-21
@@ -93,4 +90,4 @@ DEPENDENCIES
   shoulda-matchers (~> 5.0)
 
 BUNDLED WITH
-   2.3.15
+   2.5.14

data/README.md

@@ -47,21 +47,25 @@ bundle exec security-reports-schemas $FILE_PATH
 
 #### Credentials
 
-| Key                         | Description                                                                                                                 |
-|-----------------------------|-----------------------------------------------------------------------------------------------------------------------------|
-| `GITLAB_PUSH_ACCESS_TOKEN`  | Own project access token used to push new schema versions. Requires `write_repository` scope.                               |
-| `GITLAB_ISSUE_ACCESS_TOKEN` | Project access token used to create an issue on `gitlab-org/gitlab`. Requires `api` scopes. |
-| `GEM_HOST_API_KEY`          | rubygems.org API key                                                                                                        |
+| Key                         | Description                                                                                   |
+|-----------------------------|-----------------------------------------------------------------------------------------------|
+| `GITLAB_PUSH_ACCESS_TOKEN`  | Own project access token used to push new schema versions. Requires `write_repository` scope. |
+| `GITLAB_ISSUE_ACCESS_TOKEN` | Project access token used to create an issue on `gitlab-org/gitlab`. Requires `api` scopes.   |
+| `GEM_HOST_API_KEY`          | rubygems.org API key                                                                          |
 
 #### Configuration
 
-| Key                       | Default                                                | Description                |
-|---------------------------|--------------------------------------------------------|----------------------------|
-| `SCHEMAS_PATH`            | `./schemas`                                            | Schema storage location    |
-| `SCHEMA_PROJECT`          | `gitlab-org/security-products/security-report-schemas` | Where to source schemas    |
-| `GITLAB_PROJECT`          | `gitlab-org/gitlab`                                    | Project to open MRs for    |
+| Key                       | Default                                                | Description                            |
+|---------------------------|--------------------------------------------------------|----------------------------------------|
+| `SCHEMAS_PATH`            | `./schemas`                                            | Schema storage location                |
+| `SCHEMA_PROJECT`          | `gitlab-org/security-products/security-report-schemas` | Where to source schemas                |
+| `GITLAB_PROJECT`          | `gitlab-org/gitlab`                                    | Project to open MRs for                |
 | `ISSUE_TARGET_PROJECT_ID` | `278964` (`gitlab-org/gitlab`)                         | Project ID for which to open an issue. |
 
+## Maintenance
+
+See [`RUNBOOK.md`](./RUNBOOK.md) for solutions to common maintenance tasks.
+
 ## Development
 
 ### Updating the schemas

data/RUNBOOK.md

@@ -0,0 +1,28 @@
+# Common maintenance tasks
+
+### Problem
+
+* an upstream [security-report-schemas](https://gitlab.com/gitlab-org/security-products/security-report-schemas) pipeline failed to trigger the release pipeline
+* you want to add, remove or deprecate support for report schema versions
+* you need to release a new version of the gem without altering version ranges,
+  because for example:
+  * an existing gem release has a bug, and the bugfix release needs to cover the
+  same version range.
+  * there were breaking changes to the gem's public API that must be released
+  for the currently supported version range.
+
+### Solution
+
+1. Open and merge an MR targeting the default branch which may:
+    * change the [`supported_versions`](../supported_versions) file to set the
+      report schema version range that the release should include.
+    * change the `Gitlab::SecurityReportSchemas::Version::GEM_VERSION` constant
+      to set the MAJOR.MINOR.PATCH version components of the resulting release.
+2. Run a new pipeline for the default branch and set the `MANUAL_RELEASE` CI
+   variable.
+3. Trigger the manual `manual-release` job in the resulting pipeline.
+
+## Find the commit SHA for a RubyGem version
+
+Before a rubygems.org release is created, a git tag referencing the full
+v-prefixed release version is pushed, for example `v0.1.0.min15.0.0.max15.0.1`.

data/Rakefile

@@ -30,7 +30,7 @@ desc "Bundles the Security Report Schemas into the project and builds the gem"
 task :prepare, %i[versions] => %i[prepare_schemas build]
 
 desc "Checks the integrity of the schema files with upstream"
-task :integrity_check do
+task integrity_check: :prepare_schemas do
   require "gitlab/security_report_schemas"
   require "gitlab/security_report_schemas/cli/integrity_checker"
 

data/gem_version

@@ -1 +1 @@
-0.1.0.min15.1.0.max15.1.0
+0.1.1.min15.0.0.max15.1.4

data/gitlab-security_report_schemas.gemspec

@@ -29,5 +29,5 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "activesupport", ">= 6", "< 8"
-  spec.add_dependency "json_schemer", "~> 0.2.18"
+  spec.add_dependency "json_schemer", "~> 2.3.0"
 end

data/lib/gitlab/security_report_schemas/configuration.rb

@@ -9,8 +9,8 @@ module Gitlab
         deprecated_versions: -> { [] },
         schema_project: -> { "gitlab-org/security-products/security-report-schemas" },
         gitlab_project: -> { "gitlab-org/gitlab" },
-        issue_target_project_id: -> { ENV.fetch("GITLAB_MR_ACCESS_TOKEN", "278964") }, # gitlab-org/gitlab
-        gitlab_issue_access_token: -> { ENV["GITLAB_MR_ACCESS_TOKEN"] },
+        issue_target_project_id: -> { "278964" }, # gitlab-org/gitlab
+        gitlab_issue_access_token: nil,
         ci_server_host: nil
       }.freeze
 

data/lib/gitlab/security_report_schemas/version.rb

@@ -5,7 +5,7 @@ module Gitlab
     # Represents the version of the gem
     class Version
       VERSION_SPEC = "%<gem_version>s.min%<min_schema>s.max%<max_schema>s"
-      GEM_VERSION = "0.1.0"
+      GEM_VERSION = "0.1.1"
       MISSING_SCHEMA_VERSION = "0.0.0"
 
       class << self
@@ -16,8 +16,6 @@ module Gitlab
                  max_schema: max_schema)
         end
 
-        private
-
         def min_schema
           SecurityReportSchemas.supported_versions.first || MISSING_SCHEMA_VERSION
         end