kettle-family 0.1.15 → 0.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +3 -0
- data/README.md +9 -0
- data/lib/kettle/family/cli.rb +16 -3
- data/lib/kettle/family/version.rb +1 -1
- data/lib/kettle/family/workflow.rb +48 -3
- data.tar.gz.sig +0 -0
- metadata +4 -4
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 927846e1574bcad8790c8cabb3a7c06cd9afbf8e0637354cd52bd8d5c08e959b
|
|
4
|
+
data.tar.gz: 958338770647aabe0a916d81a9ec7ed76fac09feec4670d53a25c57120b1e59b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b750b13b10b5433d06d79a35a62bc7169e9321a3ca44b0af45bffb30b5fa713a12e4f026612c336a2bb761ef66f92abef17c66f35d0ebeceaf2ff3b75d9d8f6a
|
|
7
|
+
data.tar.gz: f36e586239ca4a3560dbae7d79357ac0ee2d6482e40b375c9e8c262849424b97395a230afc27f97d2770788cc81bc2a69b9ae5142670162c4abc66caea7d9709
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data/CHANGELOG.md
CHANGED
|
@@ -22,6 +22,9 @@ Please file a bug if you notice a violation of semantic versioning.
|
|
|
22
22
|
|
|
23
23
|
- `kettle-family push`, `kettle-family pull`, and `kettle-family up` now plan
|
|
24
24
|
or execute family-wide git synchronization commands.
|
|
25
|
+
- `kettle-family gha-sha-pins` now plans or executes
|
|
26
|
+
`kettle-gha-sha-pins` across family members, including branch stacks that
|
|
27
|
+
include `main`.
|
|
25
28
|
- `kettle-family bump-version` now accepts the same relative bump targets as
|
|
26
29
|
`kettle-bump` (`major`, `minor`, `patch`, and `pre`) and applies them per
|
|
27
30
|
member from each member's current version.
|
data/README.md
CHANGED
|
@@ -242,6 +242,15 @@ The release-state report lists each gem's current `version.rb`, latest published
|
|
|
242
242
|
release, latest versioned `CHANGELOG.md` section, and whether pending changelog
|
|
243
243
|
work exists in either `Unreleased` or an unpublished prepared release section.
|
|
244
244
|
|
|
245
|
+
Plan or update GitHub Actions workflow SHA pins across the selected family
|
|
246
|
+
members:
|
|
247
|
+
|
|
248
|
+
```console
|
|
249
|
+
kettle-family gha-sha-pins
|
|
250
|
+
kettle-family gha-sha-pins --execute
|
|
251
|
+
kettle-family gha-sha-pins --execute --upgrade minor
|
|
252
|
+
```
|
|
253
|
+
|
|
245
254
|
Run release prep/build phases without publishing:
|
|
246
255
|
|
|
247
256
|
```console
|
data/lib/kettle/family/cli.rb
CHANGED
|
@@ -6,8 +6,8 @@ require "optparse"
|
|
|
6
6
|
module Kettle
|
|
7
7
|
module Family
|
|
8
8
|
class CLI
|
|
9
|
-
COMMANDS = %w[discover plan report metadata check test lint docs template install bump-version add-changelog release push pull up branch-lanes release-state].freeze
|
|
10
|
-
WORKFLOW_COMMANDS = %w[check test lint docs template release push pull up].freeze
|
|
9
|
+
COMMANDS = %w[discover plan report metadata check test lint docs template gha-sha-pins install bump-version add-changelog release push pull up branch-lanes release-state].freeze
|
|
10
|
+
WORKFLOW_COMMANDS = %w[check test lint docs template gha-sha-pins release push pull up].freeze
|
|
11
11
|
MAIN_BRANCH_SKIPPING_COMMANDS = %w[install release].freeze
|
|
12
12
|
|
|
13
13
|
def self.call(argv, out: $stdout, err: $stderr)
|
|
@@ -61,6 +61,7 @@ module Kettle
|
|
|
61
61
|
lint Plan or execute configured lint command per member
|
|
62
62
|
docs Plan or execute configured docs command per member
|
|
63
63
|
template Plan or execute kettle-jem templating per member
|
|
64
|
+
gha-sha-pins Plan or execute kettle-gha-sha-pins per member
|
|
64
65
|
install Build and install selected local family gems
|
|
65
66
|
bump-version Check, plan, or execute family version alignment
|
|
66
67
|
add-changelog Add an entry to an existing Unreleased changelog section
|
|
@@ -83,8 +84,9 @@ module Kettle
|
|
|
83
84
|
--env KEY=VALUE Override an environment variable for each member workflow command
|
|
84
85
|
--section NAME Changelog section for add-changelog
|
|
85
86
|
--entry TEXT Changelog entry for add-changelog
|
|
86
|
-
--check Check whether bump-version would need edits
|
|
87
|
+
--check Check whether bump-version or gha-sha-pins would need edits
|
|
87
88
|
--from VERSION Require selected members to currently match VERSION
|
|
89
|
+
--upgrade LEVEL GitHub Actions SHA pin upgrade strategy: major, minor, patch
|
|
88
90
|
--publish Use publish release command instead of build command
|
|
89
91
|
--build-only Use build release command (default)
|
|
90
92
|
--start-step N Pass start_step=N through to kettle-release commands
|
|
@@ -115,6 +117,7 @@ module Kettle
|
|
|
115
117
|
changelog_entry: nil,
|
|
116
118
|
check: false,
|
|
117
119
|
from_version: nil,
|
|
120
|
+
gha_sha_pins_upgrade: "patch",
|
|
118
121
|
publish: false,
|
|
119
122
|
release_start_step: nil,
|
|
120
123
|
release_local_ci: false,
|
|
@@ -138,6 +141,7 @@ module Kettle
|
|
|
138
141
|
parser.on("--entry TEXT") { |value| options[:changelog_entry] = value }
|
|
139
142
|
parser.on("--check") { options[:check] = true }
|
|
140
143
|
parser.on("--from VERSION") { |value| options[:from_version] = value }
|
|
144
|
+
parser.on("--upgrade LEVEL") { |value| options[:gha_sha_pins_upgrade] = parse_gha_sha_pins_upgrade(value) }
|
|
141
145
|
parser.on("--publish") { options[:publish] = true }
|
|
142
146
|
parser.on("--build-only") { options[:publish] = false }
|
|
143
147
|
parser.on("--start-step N", Integer) { |value| options[:release_start_step] = value }
|
|
@@ -216,6 +220,8 @@ module Kettle
|
|
|
216
220
|
start_step: options[:release_start_step],
|
|
217
221
|
local_ci: options[:release_local_ci],
|
|
218
222
|
continue_ci_failures: options[:release_continue_ci_failures],
|
|
223
|
+
gha_sha_pins_upgrade: options[:gha_sha_pins_upgrade],
|
|
224
|
+
gha_sha_pins_check: options[:check],
|
|
219
225
|
env_overrides: options[:workflow_env]
|
|
220
226
|
).results
|
|
221
227
|
end
|
|
@@ -309,6 +315,13 @@ module Kettle
|
|
|
309
315
|
env[key] = env_value
|
|
310
316
|
end
|
|
311
317
|
|
|
318
|
+
def parse_gha_sha_pins_upgrade(value)
|
|
319
|
+
normalized = value.to_s.downcase
|
|
320
|
+
return normalized if %w[major minor patch].include?(normalized)
|
|
321
|
+
|
|
322
|
+
raise OptionParser::InvalidArgument, "--upgrade must be one of: major, minor, patch"
|
|
323
|
+
end
|
|
324
|
+
|
|
312
325
|
def bump_version_results(members:, options:)
|
|
313
326
|
results = VersionBump.new(
|
|
314
327
|
members: members,
|
|
@@ -12,7 +12,8 @@ module Kettle
|
|
|
12
12
|
"template" => "bundle exec kettle-jem install",
|
|
13
13
|
"test" => "bundle exec kettle-test",
|
|
14
14
|
"lint" => "bundle exec rake rubocop_gradual",
|
|
15
|
-
"docs" => "bundle exec rake yard"
|
|
15
|
+
"docs" => "bundle exec rake yard",
|
|
16
|
+
"gha-sha-pins" => "bundle exec kettle-gha-sha-pins"
|
|
16
17
|
}.freeze
|
|
17
18
|
GIT_SYNC_COMMANDS = {
|
|
18
19
|
"push" => [["push", %w[git push]]],
|
|
@@ -21,7 +22,7 @@ module Kettle
|
|
|
21
22
|
}.freeze
|
|
22
23
|
MAIN_BRANCH_SKIPPING_COMMANDS = %w[release].freeze
|
|
23
24
|
|
|
24
|
-
def initialize(command:, config:, members:, execute: false, commit: true, allow_dirty: false, publish: false, push: false, tag: false, start_step: nil, local_ci: false, continue_ci_failures: false, env_overrides: {}, gem_signing_password: nil)
|
|
25
|
+
def initialize(command:, config:, members:, execute: false, commit: true, allow_dirty: false, publish: false, push: false, tag: false, start_step: nil, local_ci: false, continue_ci_failures: false, gha_sha_pins_upgrade: "patch", gha_sha_pins_check: false, env_overrides: {}, gem_signing_password: nil)
|
|
25
26
|
@command = command
|
|
26
27
|
@config = config
|
|
27
28
|
@members = members
|
|
@@ -34,6 +35,8 @@ module Kettle
|
|
|
34
35
|
@start_step = start_step
|
|
35
36
|
@local_ci = local_ci
|
|
36
37
|
@continue_ci_failures = continue_ci_failures
|
|
38
|
+
@gha_sha_pins_upgrade = gha_sha_pins_upgrade
|
|
39
|
+
@gha_sha_pins_check = gha_sha_pins_check
|
|
37
40
|
@env_overrides = env_overrides
|
|
38
41
|
@gem_signing_password = gem_signing_password
|
|
39
42
|
end
|
|
@@ -48,7 +51,7 @@ module Kettle
|
|
|
48
51
|
|
|
49
52
|
private
|
|
50
53
|
|
|
51
|
-
attr_reader :command, :config, :members, :execute, :commit, :allow_dirty, :publish, :push, :tag, :start_step, :local_ci, :continue_ci_failures, :env_overrides
|
|
54
|
+
attr_reader :command, :config, :members, :execute, :commit, :allow_dirty, :publish, :push, :tag, :start_step, :local_ci, :continue_ci_failures, :gha_sha_pins_upgrade, :gha_sha_pins_check, :env_overrides
|
|
52
55
|
|
|
53
56
|
def current_branch_results(workflow_members)
|
|
54
57
|
return check_results(workflow_members) if command == "check"
|
|
@@ -72,6 +75,7 @@ module Kettle
|
|
|
72
75
|
break memo unless result.ok?
|
|
73
76
|
|
|
74
77
|
normalize_lockfiles(member: member, runner: runner, memo: memo, phase: "normalize_lockfiles") if command == "template"
|
|
78
|
+
commit_gha_sha_pins(member: member, runner: runner, memo: memo) if command == "gha-sha-pins"
|
|
75
79
|
end
|
|
76
80
|
end
|
|
77
81
|
|
|
@@ -141,6 +145,8 @@ module Kettle
|
|
|
141
145
|
start_step: start_step,
|
|
142
146
|
local_ci: local_ci,
|
|
143
147
|
continue_ci_failures: continue_ci_failures,
|
|
148
|
+
gha_sha_pins_upgrade: gha_sha_pins_upgrade,
|
|
149
|
+
gha_sha_pins_check: gha_sha_pins_check,
|
|
144
150
|
env_overrides: env_overrides,
|
|
145
151
|
gem_signing_password: @gem_signing_password
|
|
146
152
|
)
|
|
@@ -358,10 +364,34 @@ module Kettle
|
|
|
358
364
|
|
|
359
365
|
def workflow_command(member = nil)
|
|
360
366
|
return template_command(member) if command == "template"
|
|
367
|
+
return gha_sha_pins_command if command == "gha-sha-pins"
|
|
361
368
|
|
|
362
369
|
command_for(command)
|
|
363
370
|
end
|
|
364
371
|
|
|
372
|
+
def gha_sha_pins_command
|
|
373
|
+
command_text = command_for(command)
|
|
374
|
+
args = []
|
|
375
|
+
args << (gha_sha_pins_check ? "--check" : "--write") unless command_includes_any?(command_text, %w[--check --write])
|
|
376
|
+
args.concat(["--upgrade", gha_sha_pins_upgrade]) unless command_includes_arg?(command_text, "--upgrade")
|
|
377
|
+
append_command_args(command_text, args)
|
|
378
|
+
end
|
|
379
|
+
|
|
380
|
+
def append_command_args(command_text, args)
|
|
381
|
+
return command_text if args.empty?
|
|
382
|
+
return [*command_text, *args] if command_text.is_a?(Array)
|
|
383
|
+
|
|
384
|
+
"#{command_text} #{args.join(" ")}"
|
|
385
|
+
end
|
|
386
|
+
|
|
387
|
+
def command_includes_any?(command_text, args)
|
|
388
|
+
args.any? { |arg| command_includes_arg?(command_text, arg) }
|
|
389
|
+
end
|
|
390
|
+
|
|
391
|
+
def command_includes_arg?(command_text, arg)
|
|
392
|
+
command_text.is_a?(Array) ? command_text.map(&:to_s).include?(arg) : command_text.to_s.include?(arg)
|
|
393
|
+
end
|
|
394
|
+
|
|
365
395
|
def command_for(name)
|
|
366
396
|
configured = config.command_for(name)
|
|
367
397
|
configured || DEFAULT_COMMANDS.fetch(name)
|
|
@@ -457,6 +487,21 @@ module Kettle
|
|
|
457
487
|
end
|
|
458
488
|
end
|
|
459
489
|
|
|
490
|
+
def commit_gha_sha_pins(member:, runner:, memo:)
|
|
491
|
+
return if gha_sha_pins_check || !commit
|
|
492
|
+
|
|
493
|
+
result = runner.call(
|
|
494
|
+
member: member,
|
|
495
|
+
phase: "commit_gha_sha_pins",
|
|
496
|
+
command: [
|
|
497
|
+
"sh",
|
|
498
|
+
"-lc",
|
|
499
|
+
"if ! git diff --quiet -- .github/workflows; then git add -- .github/workflows && git commit -m '🔒 Pin GitHub Actions SHAs'; fi"
|
|
500
|
+
]
|
|
501
|
+
)
|
|
502
|
+
memo << result
|
|
503
|
+
end
|
|
504
|
+
|
|
460
505
|
def family_member
|
|
461
506
|
Member.new(
|
|
462
507
|
name: config.family_name,
|
data.tar.gz.sig
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kettle-family
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.16
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Peter H. Boling
|
|
@@ -309,10 +309,10 @@ licenses:
|
|
|
309
309
|
- AGPL-3.0-only
|
|
310
310
|
metadata:
|
|
311
311
|
homepage_uri: https://kettle-family.galtzo.com
|
|
312
|
-
source_code_uri: https://github.com/kettle-dev/kettle-family/tree/v0.1.
|
|
313
|
-
changelog_uri: https://github.com/kettle-dev/kettle-family/blob/v0.1.
|
|
312
|
+
source_code_uri: https://github.com/kettle-dev/kettle-family/tree/v0.1.16
|
|
313
|
+
changelog_uri: https://github.com/kettle-dev/kettle-family/blob/v0.1.16/CHANGELOG.md
|
|
314
314
|
bug_tracker_uri: https://github.com/kettle-dev/kettle-family/issues
|
|
315
|
-
documentation_uri: https://www.rubydoc.info/gems/kettle-family/0.1.
|
|
315
|
+
documentation_uri: https://www.rubydoc.info/gems/kettle-family/0.1.16
|
|
316
316
|
funding_uri: https://github.com/sponsors/pboling
|
|
317
317
|
wiki_uri: https://github.com/kettle-dev/kettle-family/wiki
|
|
318
318
|
news_uri: https://www.railsbling.com/tags/kettle-family
|
metadata.gz.sig
CHANGED
|
Binary file
|