kettle-dev 2.1.0 → 2.2.0

data/lib/kettle/dev/pre_release_cli.rb

@@ -14,8 +14,9 @@ module Kettle
   module Dev
     # PreReleaseCLI: run pre-release checks before invoking full release workflow.
     # Checks:
-    #   1) Normalize Markdown image URLs using Addressable normalization.
-    #   2) Validate Markdown image links resolve via HTTP(S) HEAD.
+    #   1) Ensure GitHub Actions workflow actions are pinned to current SHAs.
+    #   2) Normalize Markdown image URLs using Addressable normalization.
+    #   3) Validate Markdown image links resolve via HTTP(S) HEAD.
     #
     # Usage: Kettle::Dev::PreReleaseCLI.new(check_num: 1).run
     class PreReleaseCLI
@@ -151,6 +152,7 @@ module Kettle
       # @return [void]
       def run
         checks = []
+        checks << method(:check_github_actions_sha_pins!)
         checks << method(:check_markdown_uri_normalization!)
         checks << method(:check_markdown_images_http!)
 
@@ -166,11 +168,21 @@ module Kettle
         nil
       end
 
-      # Check 1: Normalize Markdown image URLs
+      # Check 1: Ensure GitHub Actions workflow action refs are current SHA pins.
+      # @return [void]
+      def check_github_actions_sha_pins!
+        puts "[kettle-pre-release] Check 1: Validate GitHub Actions SHA pins"
+        status = Kettle::Dev::GhaShaPinsCLI.new(["--root", Dir.pwd, "--check"]).run!
+        return nil if status.zero?
+
+        Kettle::Dev::ExitAdapter.abort("GitHub Actions SHA pin validation failed")
+      end
+
+      # Check 2: Normalize Markdown image URLs
       #   Compares URLs to Addressable-normalized form and rewrites Markdown when needed.
       # @return [void]
       def check_markdown_uri_normalization!
-        puts "[kettle-pre-release] Check 1: Normalize Markdown image URLs"
+        puts "[kettle-pre-release] Check 2: Normalize Markdown image URLs"
         files = Dir.glob(["**/*.md", "**/*.md.example"])
         changed = []
         total_candidates = 0
@@ -216,10 +228,10 @@ module Kettle
         nil
       end
 
-      # Check 2: Validate Markdown image links by HTTP HEAD (no rescue for parse failures)
+      # Check 3: Validate Markdown image links by HTTP HEAD (no rescue for parse failures)
       # @return [void]
       def check_markdown_images_http!
-        puts "[kettle-pre-release] Check 2: Validate Markdown image links (HTTP HEAD)"
+        puts "[kettle-pre-release] Check 3: Validate Markdown image links (HTTP HEAD)"
         urls = [
           Markdown.extract_image_urls_from_files("**/*.md"),
           Markdown.extract_image_urls_from_files("**/*.md.example")

data/lib/kettle/dev/rakelib/spec_test.rake

@@ -3,14 +3,19 @@
 require "fileutils"
 
 # rubocop:disable Rake/DuplicateTask
+minitest_files = FileList["test/*test*.rb", "test/**/*test*.rb"].to_a.uniq
+rspec_files = FileList["spec/*_spec.rb", "spec/**/*_spec.rb"].to_a.uniq
+minitest_project = !minitest_files.empty?
+rspec_project = !rspec_files.empty?
+
 # Set up MiniTest
 begin
   require "rake/testtask"
 
-  unless Rake::Task.task_defined?(:test)
+  if minitest_project && !Rake::Task.task_defined?(:test)
     Rake::TestTask.new(:test) do |t|
       t.libs << "test"
-      t.test_files = FileList["test/**/*test*.rb"]
+      t.test_files = minitest_files
       t.verbose = true
     end
     # The test task is invoked by the coverage task, so of the two, (i.e., when outside CI),
@@ -44,20 +49,23 @@ setup_spec_task = ->(default:) {
   end
 }
 
-# Setup RSpec
-if defined?(Kettle::Dev::IS_CI)
-  if Kettle::Dev::IS_CI
-    # then we should not have a coverage task, but do want a spec test.
-    setup_spec_task.call(default: true)
+# Setup RSpec only when this project has specs, or when no MiniTest suite exists
+# and the historical kettle-test/RSpec default remains the best available task.
+if rspec_project || !minitest_project
+  if defined?(Kettle::Dev::IS_CI)
+    if Kettle::Dev::IS_CI
+      # then we should not have a coverage task, but do want a spec test.
+      setup_spec_task.call(default: true)
+    else
+      # then we should have a coverage task.
+      # The coverage task will invoke the "test" task, which will invoke the spec task.
+      setup_spec_task.call(default: false)
+    end
   else
-    # then we should have a coverage task.
-    # The coverage task will invoke the "test" task, which will invoke the spec task.
-    setup_spec_task.call(default: false)
+    # then we do not have a coverage task setup by this gem, and are not in a coverage context.
+    # So setup a spec test.
+    setup_spec_task.call(default: true)
   end
-else
-  # then we do not have a coverage task setup by this gem, and are not in a coverage context.
-  # So setup a spec test.
-  setup_spec_task.call(default: true)
 end
 
 spec_registered = Kettle::Dev.default_registered?("spec")

data/lib/kettle/dev/release_cli.rb

@@ -70,14 +70,17 @@ module Kettle
 
       public
 
-      def initialize(start_step: 1)
+      def initialize(start_step: 1, local_ci: false)
         @root = Kettle::Dev::CIHelpers.project_root
         @git = Kettle::Dev::GitAdapter.new
         @start_step = (start_step || 1).to_i
         @start_step = 1 if @start_step < 1
+        @local_ci = !!local_ci
       end
 
       def run
+        run_pre_release_checks! if @start_step <= 1
+
         # 1. Ensure Bundler version ✓
         ensure_bundler_2_7_plus!
 
@@ -206,31 +209,33 @@ module Kettle
         end
 
         # 7. optional local CI via act
-        maybe_run_local_ci_before_push!(committed) if @start_step <= 7
+        maybe_run_local_ci_before_push!(committed, force: local_ci?) if @start_step <= 7
 
         # 8. ensure trunk synced
-        if @start_step <= 8
+        if @start_step <= 8 && !local_ci?
           trunk = detect_trunk_branch
           feature = current_branch
           puts "Trunk branch detected: #{trunk}"
           ensure_trunk_synced_before_push!(trunk, feature)
+        elsif @start_step <= 8
+          puts "Local CI release mode: skipping remote trunk sync before publishing."
         end
 
         # 9. push branches
-        push! if @start_step <= 9
+        push! if @start_step <= 9 && !local_ci?
 
         # 10. monitor CI after push
-        monitor_workflows_after_push! if @start_step <= 10
+        monitor_workflows_after_push! if @start_step <= 10 && !local_ci?
 
         # 11. merge feature into trunk and push
-        if @start_step <= 11
+        if @start_step <= 11 && !local_ci?
           trunk ||= detect_trunk_branch
           feature ||= current_branch
           merge_feature_into_trunk_and_push!(trunk, feature)
         end
 
         # 12. checkout trunk and pull
-        if @start_step <= 12
+        if @start_step <= 12 && !local_ci?
           trunk ||= detect_trunk_branch
           checkout!(trunk)
           pull!(trunk)
@@ -265,8 +270,13 @@ module Kettle
 
         # 15. release and tag
         if @start_step <= 15
-          puts "Running release (you may be prompted for signing key password and RubyGems MFA OTP)..."
-          run_cmd!("bundle exec rake release")
+          if local_ci?
+            version ||= detect_version
+            release_gem_and_tag_locally!(version)
+          else
+            puts "Running release (you may be prompted for signing key password and RubyGems MFA OTP)..."
+            run_cmd!("bundle exec rake release")
+          end
         end
 
         # 16. generate checksums
@@ -281,7 +291,10 @@ module Kettle
         end
 
         # 17. push checksum commit (gem_checksums already commits)
-        push! if @start_step <= 17
+        if @start_step <= 17
+          push!
+          push_tags! if local_ci?
+        end
 
         # 18. create GitHub release (optional)
         if @start_step <= 18
@@ -290,7 +303,7 @@ module Kettle
         end
 
         # 19. push tags to remotes (final step)
-        push_tags! if @start_step <= 19
+        push_tags! if @start_step <= 19 && !local_ci?
 
         # Final success message
         begin
@@ -306,6 +319,15 @@ module Kettle
 
       private
 
+      def local_ci?
+        @local_ci
+      end
+
+      def run_pre_release_checks!
+        puts "Running pre-release checks via kettle-pre-release..."
+        Kettle::Dev::PreReleaseCLI.new(check_num: 1).run
+      end
+
       # Update the README KLOC badge number based on the denominator in the current version's COVERAGE line in CHANGELOG.md.
       # - Parses the current version section of CHANGELOG.md
       # - Finds a line matching: "- COVERAGE: ... -- <tested>/<total> lines ..."
@@ -552,17 +574,22 @@ module Kettle
         end
       end
 
-      def maybe_run_local_ci_before_push!(committed)
+      def maybe_run_local_ci_before_push!(committed, force: false)
         mode = (ENV["K_RELEASE_LOCAL_CI"] || "").strip.downcase
-        run_it = case mode
-        when "true", "1", "yes", "y" then true
-        when "ask"
-          print("Run local CI with 'act' before pushing? [Y/n] ")
-          ans = Kettle::Dev::InputAdapter.gets&.strip
-          ans.nil? || ans.empty? || /\Ay(es)?\z/i.match?(ans)
-        else
-          false
-        end
+        run_it =
+          if force
+            true
+          else
+            case mode
+            when "true", "1", "yes", "y" then true
+            when "ask"
+              print("Run local CI with 'act' before pushing? [Y/n] ")
+              ans = Kettle::Dev::InputAdapter.gets&.strip
+              ans.nil? || ans.empty? || /\Ay(es)?\z/i.match?(ans)
+            else
+              false
+            end
+          end
         return unless run_it
 
         act_ok = begin
@@ -572,6 +599,8 @@ module Kettle
           false
         end
         unless act_ok
+          msg = "Local CI requires 'act'. Install https://github.com/nektos/act to enable."
+          abort(msg) if force
           puts "Skipping local CI: 'act' command not found. Install https://github.com/nektos/act to enable."
           return
         end
@@ -594,12 +623,16 @@ module Kettle
         end
 
         unless chosen
+          msg = "Local CI requires at least one workflow under .github/workflows."
+          abort(msg) if force
           puts "Skipping local CI: no workflows found under .github/workflows."
           return
         end
 
         file_path = File.join(workflows_dir, chosen)
         unless File.file?(file_path)
+          msg = "Local CI selected workflow not found: #{Kettle::Dev.display_path(file_path)}"
+          abort(msg) if force
           puts "Skipping local CI: selected workflow not found: #{Kettle::Dev.display_path(file_path)}"
           return
         end
@@ -618,6 +651,25 @@ module Kettle
         end
       end
 
+      def release_gem_and_tag_locally!(version)
+        tag = "v#{version}"
+        gem_path = gem_file_for_version(version)
+        unless gem_path && File.file?(gem_path)
+          abort("Unable to locate built gem for version #{version} in pkg/. Did the build succeed?")
+        end
+
+        _out, tag_exists = git_output(["rev-parse", "-q", "--verify", "refs/tags/#{tag}"])
+        if tag_exists
+          puts "Local tag #{tag} already exists."
+        else
+          puts "Creating local git tag #{tag} without pushing it."
+          run_cmd!("git tag -a #{Shellwords.escape(tag)} -m #{Shellwords.escape(tag)}")
+        end
+
+        puts "Publishing #{File.basename(gem_path)} to RubyGems without pushing git refs..."
+        run_cmd!("gem push #{Shellwords.escape(gem_path)}")
+      end
+
       def detect_version
         Kettle::Dev::Versioning.detect_version(@root)
       end

data/lib/kettle/dev/version.rb

@@ -3,7 +3,7 @@
 module Kettle
   module Dev
     module Version
-      VERSION = "2.1.0"
+      VERSION = "2.2.0"
     end
     VERSION = Version::VERSION # Traditional Constant Location
   end

data/lib/kettle/dev.rb

@@ -3,6 +3,16 @@
 require "version_gem"
 require_relative "dev/version"
 
+if Gem.ruby_version < Gem::Version.new("2.7")
+  begin
+    require "backports/2.7.0/enumerable/filter_map"
+  rescue LoadError => error
+    message = "kettle-dev on Ruby <= 2.6 requires the backports gem; " \
+      "add `gem \"backports\", \">= 3.25\"` to your Gemfile (#{error.message})"
+    raise LoadError, message
+  end
+end
+
 Kettle::Dev::Version.class_eval do
   extend VersionGem::Basic
 end
@@ -19,6 +29,7 @@ module Kettle
   autoload :EmojiRegex, "kettle/emoji_regex"
   module Dev
     autoload :ChangelogCLI, "kettle/dev/changelog_cli"
+    autoload :BumpCLI, "kettle/dev/bump_cli"
     autoload :CIHelpers, "kettle/dev/ci_helpers"
     autoload :CIMonitor, "kettle/dev/ci_monitor"
     autoload :CommitMsg, "kettle/dev/commit_msg"
@@ -27,6 +38,7 @@ module Kettle
     autoload :GemSpecReader, "kettle/dev/gem_spec_reader"
     autoload :GitAdapter, "kettle/dev/git_adapter"
     autoload :GitCommitFooter, "kettle/dev/git_commit_footer"
+    autoload :GhaShaPinsCLI, "kettle/dev/gha_sha_pins_cli"
     autoload :InputAdapter, "kettle/dev/input_adapter"
     autoload :ReadmeBackers, "kettle/dev/readme_backers"
     autoload :OpenCollectiveConfig, "kettle/dev/open_collective_config"

data/sig/kettle/dev/ci_helpers.rbs

@@ -5,6 +5,7 @@ module Kettle
       def self.project_root: () -> String
       def self.repo_info: () -> [String, String]?
       def self.current_branch: () -> String?
+      def self.current_head_sha: () -> String?
       def self.workflows_list: (?String root) -> Array[String]
       def self.exclusions: () -> Array[String]
 
@@ -13,8 +14,10 @@ module Kettle
         repo: String,
         workflow_file: String,
         ?branch: String?,
-        ?token: String?
-      ) -> { "status" => String, "conclusion" => String?, "html_url" => String, "id" => Integer }?
+        ?token: String?,
+        ?require_head: bool,
+        ?head_sha: String?
+      ) -> { "status" => String, "conclusion" => String?, "html_url" => String, "id" => Integer, "head_sha" => String? }?
 
       def self.success?: ({ "status" => String, "conclusion" => String? }?) -> bool
       def self.failed?: ({ "status" => String, "conclusion" => String? }?) -> bool

data/sig/kettle/dev/ci_monitor.rbs

@@ -9,6 +9,9 @@ module Kettle
       def self.monitor_and_prompt_for_release!: (?restart_hint: String) -> void
       def self.collect_github: () -> Array[untyped]?
       def self.collect_gitlab: () -> { status: String, url: String? }?
+      def self.monotonic_time: () -> Float
+      def self.github_start_timeout: () -> Integer
+      def self.github_poll_interval: () -> Float
     end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kettle-dev
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Peter H. Boling
@@ -46,7 +46,7 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.2
+        version: 2.0.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -56,7 +56,7 @@ dependencies:
         version: '2.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.2
+        version: 2.0.4
 - !ruby/object:Gem::Dependency
   name: version_gem
   requirement: !ruby/object:Gem::Requirement
@@ -66,7 +66,7 @@ dependencies:
         version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.10
+        version: 1.1.11
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -76,7 +76,7 @@ dependencies:
         version: '1.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.10
+        version: 1.1.11
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -134,7 +134,7 @@ dependencies:
         version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.1.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -144,7 +144,7 @@ dependencies:
         version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.1.1
 - !ruby/object:Gem::Dependency
   name: turbo_tests2
   requirement: !ruby/object:Gem::Requirement
@@ -154,7 +154,7 @@ dependencies:
         version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.1
+        version: 3.1.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -164,7 +164,7 @@ dependencies:
         version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.1
+        version: 3.1.2
 - !ruby/object:Gem::Dependency
   name: ruby-progressbar
   requirement: !ruby/object:Gem::Requirement
@@ -227,12 +227,14 @@ description: "\U0001F372 Kettle::Dev is a meta tool from kettle-rb to streamline
 email:
 - floss@galtzo.com
 executables:
+- kettle-bump
 - kettle-changelog
 - kettle-check-eof
 - kettle-commit-msg
 - kettle-dev-setup
 - kettle-dvcs
 - kettle-gh-release
+- kettle-gha-sha-pins
 - kettle-pre-release
 - kettle-readme-backers
 - kettle-release
@@ -258,6 +260,7 @@ files:
 - RUBOCOP.md
 - SECURITY.md
 - certs/pboling.pem
+- exe/kettle-bump
 - exe/kettle-changelog
 - exe/kettle-check-eof
 - exe/kettle-check-eof.sh
@@ -265,11 +268,13 @@ files:
 - exe/kettle-dev-setup
 - exe/kettle-dvcs
 - exe/kettle-gh-release
+- exe/kettle-gha-sha-pins
 - exe/kettle-pre-release
 - exe/kettle-readme-backers
 - exe/kettle-release
 - lib/kettle-dev.rb
 - lib/kettle/dev.rb
+- lib/kettle/dev/bump_cli.rb
 - lib/kettle/dev/changelog_cli.rb
 - lib/kettle/dev/ci_helpers.rb
 - lib/kettle/dev/ci_monitor.rb
@@ -277,6 +282,7 @@ files:
 - lib/kettle/dev/dvcs_cli.rb
 - lib/kettle/dev/exit_adapter.rb
 - lib/kettle/dev/gem_spec_reader.rb
+- lib/kettle/dev/gha_sha_pins_cli.rb
 - lib/kettle/dev/git_adapter.rb
 - lib/kettle/dev/git_commit_footer.rb
 - lib/kettle/dev/input_adapter.rb
@@ -332,10 +338,10 @@ licenses:
 - AGPL-3.0-only
 metadata:
   homepage_uri: https://kettle-dev.galtzo.com
-  source_code_uri: https://github.com/kettle-rb/kettle-dev/tree/v2.1.0
-  changelog_uri: https://github.com/kettle-rb/kettle-dev/blob/v2.1.0/CHANGELOG.md
+  source_code_uri: https://github.com/kettle-rb/kettle-dev/tree/v2.2.0
+  changelog_uri: https://github.com/kettle-rb/kettle-dev/blob/v2.2.0/CHANGELOG.md
   bug_tracker_uri: https://github.com/kettle-rb/kettle-dev/issues
-  documentation_uri: https://www.rubydoc.info/gems/kettle-dev/2.1.0
+  documentation_uri: https://www.rubydoc.info/gems/kettle-dev/2.2.0
   funding_uri: https://github.com/sponsors/pboling
   wiki_uri: https://github.com/kettle-rb/kettle-dev/wiki
   news_uri: https://www.railsbling.com/tags/kettle-dev