metadata_json_deps 0.2.0 → 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2bcbe32a5563efc72e3d20dca1bde1f7b6fd04daed604ac244b1b7b3a5248c0f
4
- data.tar.gz: fdae66bfdaebacb7e019ccb762b63c85bce412f2b5b24e45319a241bd7321b35
3
+ metadata.gz: 6179bcf58c7d31443f14ee253a6138a39eb9cc5ee6522ad3ce90808af18b72c9
4
+ data.tar.gz: df68258de0fe2b4a056fd0bf71b00652f97ff127e5a925c99fc11cf0bb72ca82
5
5
  SHA512:
6
- metadata.gz: 69e42cca04c2f04382d09f3e387684624395e5ebace94842fe721ae56fbdfc13a8609e8b82ccfc9388fbc7d1da8d218808a3ff760b5ddcc7c64bb088b55790f2
7
- data.tar.gz: 0f354fcca5932a92401c14615de0a8b62bfdd91008719cb5e53bb64a8cf0a6b063244d77dfce02de39210558e42e2abc0ea8d30bfaddcf6d90a25520e1d9ec04
6
+ metadata.gz: 7386a095e6ae88bae37389863f813d07748bb8bd4a194f0d9a27b6156202670f2f93bd9b10b856d8d16f35f3e8be7da6386bc255d06d3f9cd31b7445d94ded0e
7
+ data.tar.gz: a02885daa2cae0fc442dbb92041a9db103a8fa72f10cf0bb3b46d75b1021198f9c24c40e7f563b119105f71b6eafccf4088ba55754daa58a0842754e3db12e25
data/LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2017-2021 Ewoud Kohl van Wijngaarden
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md CHANGED
@@ -28,6 +28,20 @@ On the command line, run `metadata-json-deps` with the path(s) of your `metadata
28
28
  metadata-json-deps /path/to/metadata.json
29
29
  ```
30
30
 
31
+ Example output:
32
+
33
+ ```console
34
+ $ metadata-json-deps modules/*/*/metadata.json
35
+ Checking modules/theforeman/puppet-candlepin/metadata.json
36
+ puppetlabs/stdlib (>= 4.2.0 < 8.0.0) doesn't match 8.1.0
37
+ puppet/extlib (>= 3.0.0 < 6.0.0) doesn't match 6.0.0
38
+ Checking modules/theforeman/puppet-certs/metadata.json
39
+ puppetlabs-stdlib (>= 4.25.0 < 8.0.0) doesn't match 8.1.0
40
+ puppet-extlib (>= 3.0.0 < 6.0.0) doesn't match 6.0.0
41
+ Checking modules/theforeman/puppet-dhcp/metadata.json
42
+ Checking modules/theforeman/puppet-dns/metadata.json
43
+ ```
44
+
31
45
  It can also be run verbosely to show valid dependencies:
32
46
 
33
47
  ```shell
@@ -47,3 +61,19 @@ task :metadata_deps do
47
61
  MetadataJsonDeps::run(files)
48
62
  end
49
63
  ```
64
+
65
+ ### Bumping dependency upper bounds
66
+
67
+ After detecting outdated dependencies, it's important to do something about this. Taking the earlier example, you can see some modules should allow newer dependencies (candlepin and certs) while others are up to date (dhcp and dns).
68
+
69
+ The next step is to look into the newer dependencies. In this case stdlib and extlib had a major version bump. It is then important to look at the changes and see if it does affect modules. Sometimes it doesn't, like when a module drops support for Puppet 5 but our modules already dropped Puppet 5. In that case, it's safe to raise the upper version bound.
70
+
71
+ To update the upper bounds, [bump-dependency-upper-bound](https://github.com/voxpupuli/modulesync_config/blob/master/bin/bump-dependency-upper-bound) can be used. For example, to allow puppetlabs/stdlib 8.x, the new upper bound is 9.0.0:
72
+
73
+ ```console
74
+ $ bump-dependency-upper-bound puppetlabs/stdlib 9.0.0 modules/*/*/metadata.json
75
+ Updated modules/theforeman/puppet-candlepin/metadata.json: '>= 4.2.0 < 8.0.0' to '>= 4.2.0 < 9.0.0'
76
+ Updated modules/theforeman/puppet-certs/metadata.json: '>= 4.25.0 < 8.0.0' to '>= 4.25.0 < 9.0.0'
77
+ modules/theforeman/puppet-dhcp/metadata.json already matches 9.0.0
78
+ modules/theforeman/puppet-dns/metadata.json already matches 9.0.0
79
+ ```
@@ -0,0 +1,32 @@
1
+ #!/usr/bin/env ruby
2
+ require 'optparse'
3
+ require 'metadata_json_deps'
4
+
5
+ def main
6
+ parser = OptionParser.new do |opts|
7
+ opts.banner = "Usage: #{opts.program_name} module_name new_upper_bound metadata"
8
+ end
9
+
10
+ parser.parse!
11
+ if ARGV.length < 3
12
+ STDERR.puts parser.help
13
+ exit 1
14
+ end
15
+
16
+ module_name, upper_bound, *paths = ARGV
17
+ module_name = PuppetForge::V3.normalize_name(module_name)
18
+ paths.each do |path|
19
+ begin
20
+ old, new = MetadataJsonDeps.bump_dependency(path, module_name, upper_bound)
21
+ if old != new
22
+ puts "Updated #{path}: '#{old}' to '#{new}'"
23
+ else
24
+ puts "#{path} already matches #{upper_bound}"
25
+ end
26
+ rescue Exception => e
27
+ puts "Failed to update #{path}: #{e}"
28
+ end
29
+ end
30
+ end
31
+
32
+ main
@@ -0,0 +1,16 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'optparse'
4
+ require 'metadata_json_deps'
5
+
6
+ parser = OptionParser.new do |opts|
7
+ opts.banner = "Usage: #{opts.program_name} metadata"
8
+ end
9
+
10
+ parser.parse!
11
+ if ARGV.empty?
12
+ puts parser.help
13
+ exit 1
14
+ end
15
+
16
+ MetadataJsonDeps.build_fixtures(ARGV.first)
@@ -5,9 +5,7 @@ require 'metadata_json_deps'
5
5
 
6
6
  options = {}
7
7
  OptionParser.new do |opts|
8
- opts.on("-v", "--[no-]verbose", "Run verbosely") do |v|
9
- options[:verbose] = v
10
- end
11
- end.parse!
8
+ opts.on("-v", "--[no-]verbose", "Run verbosely")
9
+ end.parse!(into: options)
12
10
 
13
11
  MetadataJsonDeps.run(ARGV, options[:verbose])
@@ -7,12 +7,72 @@ module MetadataJsonDeps
7
7
  @cache = cache
8
8
  end
9
9
 
10
- def get_current_version(name)
11
- name = name.sub('/', '-')
12
- @cache[name] ||= PuppetForge::Module.find(name).current_release.version
10
+ def get_module(name)
11
+ name = PuppetForge::V3.normalize_name(name)
12
+ @cache[name] ||= PuppetForge::Module.find(name)
13
13
  end
14
14
  end
15
15
 
16
+ def self.build_fixtures(filename)
17
+ require 'yaml'
18
+
19
+ result = {}
20
+
21
+ dependencies = PuppetMetadata.read(filename).dependencies
22
+ if dependencies.any?
23
+ forge = ForgeVersions.new
24
+
25
+ repositories = {}
26
+ result['fixtures'] = {'repositories' => repositories}
27
+
28
+ dependencies.each do |dependency, _constraint|
29
+ mod = forge.get_module(dependency)
30
+ # TODO: The forge should expose the source URL directly
31
+ repositories[mod.name] = mod.current_release.metadata[:source]
32
+ end
33
+ end
34
+
35
+ puts result.to_yaml
36
+ end
37
+
38
+ # Bump a dependency in a filename
39
+ #
40
+ # @param [String] filename A path to a metadata file. An error is raised if
41
+ # it's invalid metadata.
42
+ # @param [String] module_name The module name listed in dependencies. It must
43
+ # be normalized to the forge style (using a dash). It can fall back to a
44
+ # slash if metadata uses a slash.
45
+ # @param [String] upper_bound The new upper bound for the module name
46
+ # @return [Array<String>] An array with the old and new version. Can be used
47
+ # to determine if a change was made.
48
+ # @see PuppetMetadata.read
49
+ def self.bump_dependency(filename, module_name, upper_bound)
50
+ metadata = PuppetMetadata.read(filename)
51
+
52
+ requirement = metadata.dependencies[module_name]
53
+ unless requirement
54
+ # TODO: normalize keys in puppet_metadata so we don't need 2 lookups?
55
+ module_name = module_name.tr('-', '/')
56
+ requirement = metadata.dependencies[module_name]
57
+ raise Exception.new("Dependency #{module_name} not found") unless requirement
58
+ end
59
+
60
+ return [requirement.to_s, requirement.to_s] if requirement.end == upper_bound
61
+
62
+ new = ">= #{requirement.begin} < #{upper_bound}"
63
+
64
+ new_metadata = metadata.metadata.clone
65
+ new_metadata['dependencies'].each do |dependency|
66
+ if dependency['name'] == module_name
67
+ dependency['version_requirement'] = new
68
+ end
69
+ end
70
+
71
+ File.write(filename, JSON.pretty_generate(new_metadata) + "\n")
72
+
73
+ [requirement.to_s, new]
74
+ end
75
+
16
76
  def self.run(filenames, verbose = false)
17
77
  forge = ForgeVersions.new
18
78
 
@@ -21,14 +81,26 @@ module MetadataJsonDeps
21
81
  metadata = PuppetMetadata.read(filename)
22
82
 
23
83
  metadata.dependencies.map do |dependency, constraint|
24
- current = forge.get_current_version(dependency)
84
+ mod = forge.get_module(dependency)
25
85
 
26
- if metadata.satisfies_dependency?(dependency, current)
27
- if verbose
28
- puts " #{dependency} (#{constraint}) matches #{current}"
86
+ if mod.deprecated_at
87
+ if mod.superseded_by
88
+ puts " #{dependency} was superseded by #{mod.superseded_by[:slug]}"
89
+ elsif mod.deprecated_for
90
+ puts " #{dependency} was deprecated: #{mod.deprecated_for}"
91
+ else
92
+ puts " #{dependency} was deprecated"
29
93
  end
30
94
  else
31
- puts " #{dependency} (#{constraint}) doesn't match #{current}"
95
+ current = mod.current_release.version
96
+
97
+ if metadata.satisfies_dependency?(dependency, current)
98
+ if verbose
99
+ puts " #{dependency} (#{constraint}) matches #{current}"
100
+ end
101
+ else
102
+ puts " #{dependency} (#{constraint}) doesn't match #{current}"
103
+ end
32
104
  end
33
105
  end
34
106
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metadata_json_deps
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ewoud Kohl van Wijngaarden
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-05 00:00:00.000000000 Z
11
+ date: 2022-03-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: puppet_forge
@@ -34,25 +34,64 @@ dependencies:
34
34
  name: puppet_metadata
35
35
  requirement: !ruby/object:Gem::Requirement
36
36
  requirements:
37
- - - "~>"
37
+ - - ">="
38
38
  - !ruby/object:Gem::Version
39
39
  version: 0.3.0
40
+ - - "<"
41
+ - !ruby/object:Gem::Version
42
+ version: '2'
40
43
  type: :runtime
41
44
  prerelease: false
42
45
  version_requirements: !ruby/object:Gem::Requirement
43
46
  requirements:
44
- - - "~>"
47
+ - - ">="
45
48
  - !ruby/object:Gem::Version
46
49
  version: 0.3.0
50
+ - - "<"
51
+ - !ruby/object:Gem::Version
52
+ version: '2'
53
+ - !ruby/object:Gem::Dependency
54
+ name: rspec
55
+ requirement: !ruby/object:Gem::Requirement
56
+ requirements:
57
+ - - "~>"
58
+ - !ruby/object:Gem::Version
59
+ version: '3.0'
60
+ type: :development
61
+ prerelease: false
62
+ version_requirements: !ruby/object:Gem::Requirement
63
+ requirements:
64
+ - - "~>"
65
+ - !ruby/object:Gem::Version
66
+ version: '3.0'
67
+ - !ruby/object:Gem::Dependency
68
+ name: rake
69
+ requirement: !ruby/object:Gem::Requirement
70
+ requirements:
71
+ - - "~>"
72
+ - !ruby/object:Gem::Version
73
+ version: '13.0'
74
+ type: :development
75
+ prerelease: false
76
+ version_requirements: !ruby/object:Gem::Requirement
77
+ requirements:
78
+ - - "~>"
79
+ - !ruby/object:Gem::Version
80
+ version: '13.0'
47
81
  description: Verify all your dependencies allow the latest versions on Puppet Forge
48
82
  email: ewoud+rubygems@kohlvanwijngaarden.nl
49
83
  executables:
84
+ - bump-dependency-upper-bound
85
+ - generate-fixtures-yaml
50
86
  - metadata-json-deps
51
87
  extensions: []
52
88
  extra_rdoc_files:
53
89
  - README.md
54
90
  files:
91
+ - LICENSE
55
92
  - README.md
93
+ - bin/bump-dependency-upper-bound
94
+ - bin/generate-fixtures-yaml
56
95
  - bin/metadata-json-deps
57
96
  - lib/metadata_json_deps.rb
58
97
  homepage: https://github.com/ekohl/metadata_json_deps