metadata_json_deps 0.4.0 → 0.6.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 376a5a0f5181d0d6095b02fd5eb968c8acc887c8f85c1127c80d3fd622ed4a14
4
- data.tar.gz: 2a8978e1c706f98b80a82c04e9bc4cb5721d72026ab7089b044d0981e1db16c7
3
+ metadata.gz: 957053c39314e5fae78a9a48640c3babf2ba4a0f160a616c8dc41464c8f7592d
4
+ data.tar.gz: 926feeae2bd1b0764a6f0eff29272fab9b78afac8f6b831ff50a4c64789f16fa
5
5
  SHA512:
6
- metadata.gz: d7a981df5b61c4ff15f7f016ce4f90ad5045f47c3556db8d686c6cd5ada2eff218daa240507f73c071f249c255bae1c39073ba04a675bb4426158ca3f9b56b68
7
- data.tar.gz: 28fabc4c9c1cfe758875314d137117a7c7b437d39f15e94b160469f2a7fade2a3a59eba9eaa39e4d5f71e054d9aa1df9b760f3c1a7a63db860fbb27d9c0dcdb4
6
+ metadata.gz: 501218e7ffd20f2e10cadf62176f80ae92707a677867a384071723d259c2bfb8e71c98e4521c8cf6010da01ea34bfdd592a64a4f7cafb6f549eb962ed4e3188e
7
+ data.tar.gz: 89b909bcdb29105edf8ee88059a58363852f910df43c583e8f4d050b95d14b923e69ad4897e17858cd3224ea99200bc923c05c385f29d26cb0c5a13d6cffda7e
data/README.md CHANGED
@@ -28,6 +28,20 @@ On the command line, run `metadata-json-deps` with the path(s) of your `metadata
28
28
  metadata-json-deps /path/to/metadata.json
29
29
  ```
30
30
 
31
+ Example output:
32
+
33
+ ```console
34
+ $ metadata-json-deps modules/*/*/metadata.json
35
+ Checking modules/theforeman/puppet-candlepin/metadata.json
36
+ puppetlabs/stdlib (>= 4.2.0 < 8.0.0) doesn't match 8.1.0
37
+ puppet/extlib (>= 3.0.0 < 6.0.0) doesn't match 6.0.0
38
+ Checking modules/theforeman/puppet-certs/metadata.json
39
+ puppetlabs-stdlib (>= 4.25.0 < 8.0.0) doesn't match 8.1.0
40
+ puppet-extlib (>= 3.0.0 < 6.0.0) doesn't match 6.0.0
41
+ Checking modules/theforeman/puppet-dhcp/metadata.json
42
+ Checking modules/theforeman/puppet-dns/metadata.json
43
+ ```
44
+
31
45
  It can also be run verbosely to show valid dependencies:
32
46
 
33
47
  ```shell
@@ -47,3 +61,19 @@ task :metadata_deps do
47
61
  MetadataJsonDeps::run(files)
48
62
  end
49
63
  ```
64
+
65
+ ### Bumping dependency upper bounds
66
+
67
+ After detecting outdated dependencies, it's important to do something about this. Taking the earlier example, you can see some modules should allow newer dependencies (candlepin and certs) while others are up to date (dhcp and dns).
68
+
69
+ The next step is to look into the newer dependencies. In this case stdlib and extlib had a major version bump. It is then important to look at the changes and see if it does affect modules. Sometimes it doesn't, like when a module drops support for Puppet 5 but our modules already dropped Puppet 5. In that case, it's safe to raise the upper version bound.
70
+
71
+ To update the upper bounds, [bump-dependency-upper-bound](https://github.com/voxpupuli/modulesync_config/blob/master/bin/bump-dependency-upper-bound) can be used. For example, to allow puppetlabs/stdlib 8.x, the new upper bound is 9.0.0:
72
+
73
+ ```console
74
+ $ bump-dependency-upper-bound puppetlabs/stdlib 9.0.0 modules/*/*/metadata.json
75
+ Updated modules/theforeman/puppet-candlepin/metadata.json: '>= 4.2.0 < 8.0.0' to '>= 4.2.0 < 9.0.0'
76
+ Updated modules/theforeman/puppet-certs/metadata.json: '>= 4.25.0 < 8.0.0' to '>= 4.25.0 < 9.0.0'
77
+ modules/theforeman/puppet-dhcp/metadata.json already matches 9.0.0
78
+ modules/theforeman/puppet-dns/metadata.json already matches 9.0.0
79
+ ```
@@ -0,0 +1,32 @@
1
+ #!/usr/bin/env ruby
2
+ require 'optparse'
3
+ require 'metadata_json_deps'
4
+
5
+ def main
6
+ parser = OptionParser.new do |opts|
7
+ opts.banner = "Usage: #{opts.program_name} module_name new_upper_bound metadata"
8
+ end
9
+
10
+ parser.parse!
11
+ if ARGV.length < 3
12
+ STDERR.puts parser.help
13
+ exit 1
14
+ end
15
+
16
+ module_name, upper_bound, *paths = ARGV
17
+ module_name = PuppetForge::V3.normalize_name(module_name)
18
+ paths.each do |path|
19
+ begin
20
+ old, new = MetadataJsonDeps.bump_dependency(path, module_name, upper_bound)
21
+ if old != new
22
+ puts "Updated #{path}: '#{old}' to '#{new}'"
23
+ else
24
+ puts "#{path} already matches #{upper_bound}"
25
+ end
26
+ rescue Exception => e
27
+ puts "Failed to update #{path}: #{e}"
28
+ end
29
+ end
30
+ end
31
+
32
+ main
@@ -35,6 +35,44 @@ module MetadataJsonDeps
35
35
  puts result.to_yaml
36
36
  end
37
37
 
38
+ # Bump a dependency in a filename
39
+ #
40
+ # @param [String] filename A path to a metadata file. An error is raised if
41
+ # it's invalid metadata.
42
+ # @param [String] module_name The module name listed in dependencies. It must
43
+ # be normalized to the forge style (using a dash). It can fall back to a
44
+ # slash if metadata uses a slash.
45
+ # @param [String] upper_bound The new upper bound for the module name
46
+ # @return [Array<String>] An array with the old and new version. Can be used
47
+ # to determine if a change was made.
48
+ # @see PuppetMetadata.read
49
+ def self.bump_dependency(filename, module_name, upper_bound)
50
+ metadata = PuppetMetadata.read(filename)
51
+
52
+ requirement = metadata.dependencies[module_name]
53
+ unless requirement
54
+ # TODO: normalize keys in puppet_metadata so we don't need 2 lookups?
55
+ module_name = module_name.tr('-', '/')
56
+ requirement = metadata.dependencies[module_name]
57
+ raise Exception.new("Dependency #{module_name} not found") unless requirement
58
+ end
59
+
60
+ return [requirement.to_s, requirement.to_s] if requirement.end == upper_bound
61
+
62
+ new = ">= #{requirement.begin} < #{upper_bound}"
63
+
64
+ new_metadata = metadata.metadata.clone
65
+ new_metadata['dependencies'].each do |dependency|
66
+ if dependency['name'] == module_name
67
+ dependency['version_requirement'] = new
68
+ end
69
+ end
70
+
71
+ File.write(filename, JSON.pretty_generate(new_metadata) + "\n")
72
+
73
+ [requirement.to_s, new]
74
+ end
75
+
38
76
  def self.run(filenames, verbose = false)
39
77
  forge = ForgeVersions.new
40
78
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: metadata_json_deps
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ewoud Kohl van Wijngaarden
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-09 00:00:00.000000000 Z
11
+ date: 2022-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: puppet_forge
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '2.2'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '4'
22
+ version: '5'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '2.2'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '4'
32
+ version: '5'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: puppet_metadata
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -81,6 +81,7 @@ dependencies:
81
81
  description: Verify all your dependencies allow the latest versions on Puppet Forge
82
82
  email: ewoud+rubygems@kohlvanwijngaarden.nl
83
83
  executables:
84
+ - bump-dependency-upper-bound
84
85
  - generate-fixtures-yaml
85
86
  - metadata-json-deps
86
87
  extensions: []
@@ -89,6 +90,7 @@ extra_rdoc_files:
89
90
  files:
90
91
  - LICENSE
91
92
  - README.md
93
+ - bin/bump-dependency-upper-bound
92
94
  - bin/generate-fixtures-yaml
93
95
  - bin/metadata-json-deps
94
96
  - lib/metadata_json_deps.rb
@@ -112,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
112
114
  - !ruby/object:Gem::Version
113
115
  version: '0'
114
116
  requirements: []
115
- rubygems_version: 3.2.22
117
+ rubygems_version: 3.3.7
116
118
  signing_key:
117
119
  specification_version: 4
118
120
  summary: Check your Puppet metadata dependencies