modulorails 1.1.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0eea438f121d0e403eee3f6c137338eb030fd7dd5dae376dcd4031a84d4a7fb5
-  data.tar.gz: 7b89b7e8ccb4662fea9be88c200681dacac7a90d2b83ae625e29924c0920910d
+  metadata.gz: 74b7d68847f4e32d43a53990e8e400702a1c667334ad7c862e2e9f6d4197c31b
+  data.tar.gz: 4aedbb6cc5e066b49f710d43a721f8b3a5a4e6869c98979815f8564b1a34fa5d
 SHA512:
-  metadata.gz: e558f3457c6bb1689e27c9f65df05dd6cc21b75c4ce21e0d455dd65485143be8ccd48ca82f22785576415cc3527f21bfa8c0c70d67c453151c445dc504d88f8a
-  data.tar.gz: 81232ed88216f39e467cb4a50038d88b8b89924ebcabb8b4a818d97002c3e4b9ff958be097c17836192e42241247554097b686946c1273354cf8bdb0e31cc9d6
+  metadata.gz: b079774bb4f3e9cfb2eb18bd31745f641d68712426498a859ac6bb8033b1ab274f1fbb708ff9d8519484d39b2dd28676845ed2809b1d04e622bf849a696bcfe8
+  data.tar.gz: d29668cb45b4078b5d7b780d25281cd700cdb96f1d24e6679af5e6aa8871ae23ce1cc71b613ad1b8522c85b23ddd3c60fad766d62f61916bcbb0f0363e1b4fce

data/.rubocop.yml

@@ -26,19 +26,18 @@ AllCops:
 
   # Excluding most directories with generated files and directories with configuration files.
   Exclude:
-    - '/**/vendor/**/*'
-    - '/**/db/**/*'
-    - '/**/tmp/**/*'
-    - '/**/bin/**/*'
-    - '/**/builds/**/*'
-    - '/**/Gemfile'
-    - '/**/Guardfile'
-    - '/**/Capfile'
-    - '/**/Rakefile'
-    - '/**/config/**/*'
-    - '/**/test/**/*'
-    - '/**/node_modules/**/*'
-    - '/**/spec/**/*'
+    - 'vendor/**/*'
+    - 'db/**/*'
+    - 'tmp/**/*'
+    - 'bin'
+    - '**/Gemfile'
+    - '**/Guardfile'
+    - '**/Capfile'
+    - '**/Rakefile'
+    - 'config/**/*'
+    - 'test/**/*'
+    - 'node_modules/**/*'
+    - 'spec/**/*'
 
 # Instructing rubocop about all standard Modulotech environments.
 Rails/UnknownEnv:
@@ -234,7 +233,7 @@ Style/EmptyMethod:
 Metrics/BlockLength:
   Enabled: true
   Exclude:
-    - '/**/app/admin/**/*'
+    - 'app/admin/**/*'
 
 # Checks if empty lines around the bodies of classes match the configuration.
 Layout/EmptyLinesAroundClassBody:

data/CHANGELOG.md

@@ -2,6 +2,15 @@
 
 This file is used to list changes made in each version of the gem.
 
+# 1.2.0
+
+The 'audit' release.
+
+- Add bundler-audit in CI.
+- Make the rubocop configuration work during CI.
+- Fix generation of .gitlab-ci.yml for PG databases.
+- Remove deprecated `--deployment` flag from Dockerfile.prod
+
 # 1.1.0
 
 The 'new project' release.

data/lib/generators/modulorails/bundleraudit/bundleraudit_generator.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'rails/generators'
+
+class Modulorails::BundlerauditGenerator < Rails::Generators::Base
+
+  source_root File.expand_path('templates', __dir__)
+  desc 'This generator creates a configuration for Bundler-Audit'
+
+  def create_config_files
+    gitlab_config_path       = Rails.root.join('.gitlab-ci.yml')
+
+    return if File.read(gitlab_config_path).match?(/\s+extends:\s+.bundleraudit\s*$/)
+
+    append_file gitlab_config_path do
+      <<~YAML
+        # Scan Gemfile.lock for Common Vulnerabilities and Exposures
+        # https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures
+        # https://www.cve.org/
+        bundleraudit:
+          extends: .bundleraudit
+      YAML
+    end
+  end
+
+end

data/lib/generators/modulorails/docker/templates/Dockerfile.prod.tt

@@ -20,7 +20,8 @@ RUN apk add --update --no-cache \
 RUN gem install bundler -v <%= Modulorails.data.bundler_version %>
 
 COPY Gemfile Gemfile.lock ./
-RUN bundle check || bundle install --deployment --jobs=2 \
+RUN bundle config set --local deployment 'true'
+RUN bundle check || bundle install --jobs=2 \
     && rm -rf vendor/bundle/ruby/*/cache/*
 
 COPY package.json yarn.lock ./

data/lib/generators/modulorails/gitlabci/templates/.gitlab-ci.yml.tt

@@ -17,9 +17,16 @@ services:
 
 variables:
   IMAGE_NAME: <%= image_name %>
+  <%- if adapter =~ /mysql/ -%>
   MYSQL_DATABASE: <%= image_name %>_test
   MYSQL_ALLOW_EMPTY_PASSWORD: 'true'
   <%= image_name.upcase %>_DATABASE_HOST: mysql
+  <%- else -%>
+  POSTGRES_DB: <%= image_name %>_test
+  POSTGRES_USER: postgres
+  POSTGRES_PASSWORD: postgres
+  <%= image_name.upcase %>_DATABASE_HOST: postgres
+  <%- end -%>
 
 stages:
   - test

data/lib/generators/modulorails/rubocop/templates/rubocop.yml.tt

@@ -9,10 +9,259 @@
 #
 # See https://docs.rubocop.org/rubocop/configuration
 
-inherit_gem:
-  modulorails: .rubocop.yml
+# Enabling Rails-specific cops.
+require: rubocop-rails
 
-# Take into account the exclude list from the gem
 inherit_mode:
   merge:
     - Exclude
+    - Include
+
+AllCops:
+  # No suggestions since the gem is the sole truth for rubocop configuration.
+  SuggestExtensions: false
+
+  # Enable new cops by default
+  NewCops: enable
+
+  # Excluding most directories with generated files and directories with configuration files.
+  Exclude:
+    - 'vendor/**/*'
+    - 'db/**/*'
+    - 'tmp/**/*'
+    - 'bin'
+    - '**/Gemfile'
+    - '**/Guardfile'
+    - '**/Capfile'
+    - '**/Rakefile'
+    - 'config/**/*'
+    - 'test/**/*'
+    - 'node_modules/**/*'
+    - 'spec/**/*'
+
+# Instructing rubocop about all standard Modulotech environments.
+Rails/UnknownEnv:
+  Environments:
+    - production
+    - development
+    - test
+    - staging
+    - preprod
+
+# Checks if String literals are using single quotes when no interpolation is required
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: single_quotes
+  ConsistentQuotesInMultiline: false
+
+# Checks if the quotes used for quoted symbols are single quotes when no interpolation is required
+Style/QuotedSymbols:
+  Enabled: true
+  EnforcedStyle: same_as_string_literals
+
+# This cop checks for uses of literal strings converted to a symbol where a literal symbol could be used instead.
+Lint/SymbolConversion:
+  Enabled: true
+  EnforcedStyle: strict
+
+# Useless cop. It checks for unnecessary safe navigations.
+# Example:
+# obj&.a && obj.b
+# Triggers rubocop error: it requires to add safe navigation for "obj.b" call => "obj&.b".
+# but it is not necessary. obj&.a will return nil if obj is nil, and it will stop
+# execution of the operation because `&&` right part executes only when left part is truthy.
+Lint/SafeNavigationConsistency:
+  Enabled: false
+
+# Checks for places where keyword arguments can be used instead of boolean arguments when defining methods.
+# Disabled because moving from default arguments to keywords is not that easy.
+Style/OptionalBooleanParameter:
+  Enabled: false
+
+# Checks for use of the lambda.(args) syntax.
+# Disabled while the Ruby team has not voted on this.
+Style/LambdaCall:
+  Enabled: false
+  EnforcedStyle: braces
+
+# Checks for presence or absence of braces around hash literal as a last array item depending on configuration.
+# Disabled because it would break a lot of permitted_params definitions
+Style/HashAsLastArrayItem:
+  Enabled: false
+
+# Checks for grouping of accessors in class and module bodies.
+# Useless.
+Style/AccessorGrouping:
+  Enabled: false
+
+# Makes our lives happier: we don't need to disable it in each case/when method
+# with more than 5 "when"s.
+Metrics/CyclomaticComplexity:
+  Max: 10
+
+# Commonly used screens these days easily fit more than 80 characters.
+Layout/LineLength:
+  Max: 100
+
+# Too short methods lead to extraction of single-use methods, which can make
+# the code easier to read (by naming things), but can also clutter the class
+Metrics/MethodLength:
+  Max: 20
+
+# The guiding principle of classes is SRP, SRP can't be accurately measured by LoC
+Metrics/ClassLength:
+  Max: 1500
+
+# No space makes the method definition shorter and differentiates
+# from a regular assignment.
+Layout/SpaceAroundEqualsInParameterDefault:
+  EnforcedStyle: no_space
+
+# We do not need to support Ruby 1.9, so this is good to use.
+Style/SymbolArray:
+  Enabled: true
+
+# Most readable form.
+Layout/HashAlignment:
+  EnforcedHashRocketStyle: table
+  EnforcedColonStyle: table
+
+# Mixing the styles looks just silly.
+Style/HashSyntax:
+  EnforcedStyle: ruby19_no_mixed_keys
+
+# has_key? and has_value? are far more readable than key? and value?
+Style/PreferredHashMethods:
+  Enabled: false
+
+# String#% is by far the least verbose and only object oriented variant.
+Style/FormatString:
+  EnforcedStyle: percent
+
+# Annotated or template are too verbose and rarely needed.
+Style/FormatStringToken:
+  EnforcedStyle: unannotated
+
+Style/CollectionMethods:
+  Enabled: true
+  PreferredMethods:
+    # inject seems more common in the community.
+    reduce: "inject"
+
+# Either allow this style or don't. Marking it as safe with parenthesis
+# is silly. Let's try to live without them for now.
+Style/ParenthesesAroundCondition:
+  AllowSafeAssignment: false
+Lint/AssignmentInCondition:
+  AllowSafeAssignment: false
+
+# A specialized exception class will take one or more arguments and construct the message from it.
+# So both variants make sense.
+Style/RaiseArgs:
+  Enabled: false
+
+# Indenting the chained dots beneath each other is not supported by this cop,
+# see https://github.com/bbatsov/rubocop/issues/1633
+Layout/MultilineOperationIndentation:
+  Enabled: false
+
+# Fail is an alias of raise. Avoid aliases, it's more cognitive load for no gain.
+# The argument that fail should be used to abort the program is wrong too,
+# there's Kernel#abort for that.
+Style/SignalException:
+  EnforcedStyle: only_raise
+
+# Suppressing exceptions can be perfectly fine, and be it to avoid to
+# explicitly type nil into the rescue since that's what you want to return,
+# or suppressing LoadError for optional dependencies
+Lint/SuppressedException:
+  Enabled: false
+
+# { ... } for multi-line blocks is okay, follow Weirichs rule instead:
+# https://web.archive.org/web/20140221124509/http://onestepback.org/index.cgi/Tech/Ruby/BraceVsDoEnd.rdoc
+Style/BlockDelimiters:
+  Enabled: false
+
+# do / end blocks should be used for side effects,
+# methods that run a block for side effects and have
+# a useful return value are rare, assign the return
+# value to a local variable for those cases.
+Style/MethodCalledOnDoEndBlock:
+  Enabled: true
+
+# Enforcing the names of variables? To single letter ones? Just no.
+Style/SingleLineBlockParams:
+  Enabled: false
+
+# Shadowing outer local variables with block parameters is often useful
+# to not reinvent a new name for the same thing, it highlights the relation
+# between the outer variable and the parameter. The cases where it's actually
+# confusing are rare, and usually bad for other reasons already, for example
+# because the method is too long.
+Lint/ShadowingOuterLocalVariable:
+  Enabled: false
+
+# Check with yard instead.
+Style/Documentation:
+  Enabled: false
+
+# This is just silly. Calling the argument `other` in all cases makes no sense.
+Naming/BinaryOperatorParameterName:
+  Enabled: false
+
+# Disable frozen string
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+# Disable No ASCII char in comments
+Style/AsciiComments:
+  Enabled: false
+
+# Disable ordered Gems By ascii
+Bundler/OrderedGems:
+  Enabled: false
+
+# Change ABC max value
+Metrics/AbcSize:
+  Max: 35
+
+# Disable empty method in one line
+Style/EmptyMethod:
+  EnforcedStyle: expanded
+
+# Disable max height block
+Metrics/BlockLength:
+  Enabled: true
+  Exclude:
+    - 'app/admin/**/*'
+    - 'lib/tasks/**/*'
+
+# Checks if empty lines around the bodies of classes match the configuration.
+Layout/EmptyLinesAroundClassBody:
+  EnforcedStyle: empty_lines
+# Checks if empty lines around the bodies of modules match the configuration.
+Layout/EmptyLinesAroundModuleBody:
+  EnforcedStyle: empty_lines
+
+# Enforces the consistent usage of %-literal delimiters.
+Style/PercentLiteralDelimiters:
+  PreferredDelimiters:
+    default: '()'
+    '%i': '[]'
+    '%I': '[]'
+    '%r': '{}'
+    '%w': '[]'
+    '%W': '[]'
+
+# Unnecessary cop. In what universe "A || B && C" or "A && B || C && D" is ambiguous? looks
+# like a cop for those who can't in boolean.
+Lint/AmbiguousOperatorPrecedence:
+  Enabled: false
+
+# Checks for simple usages of parallel assignment.
+Style/ParallelAssignment:
+  Enabled: false
+
+# Checks the style of children definitions at classes and modules.
+Style/ClassAndModuleChildren:
+  Enabled: false

data/lib/modulorails/railtie.rb

@@ -51,6 +51,9 @@ module Modulorails
         # Add/update Rubocop config
         Modulorails.generate_rubocop_template
 
+        # Add/update Bundler-audit config
+        Modulorails.generate_bundleraudit_template
+
         # Gem's self-update if a new version was released
         Modulorails.self_update
       end

data/lib/modulorails/version.rb

@@ -1,6 +1,6 @@
 module Modulorails
 
-  VERSION = '1.1.0'.freeze
+  VERSION = '1.2.0'.freeze
 
   # Useful to compare the current Ruby version
   COMPARABLE_RUBY_VERSION = Gem::Version.new(RUBY_VERSION)

data/lib/modulorails.rb

@@ -7,6 +7,7 @@ require 'generators/modulorails/gitlabci/gitlabci_generator'
 require 'generators/modulorails/healthcheck/health_check_generator'
 require 'generators/modulorails/self_update/self_update_generator'
 require 'generators/modulorails/rubocop/rubocop_generator'
+require 'generators/modulorails/bundleraudit/bundleraudit_generator'
 require 'httparty'
 require 'modulorails/error_data'
 require 'modulorails/success_data'
@@ -165,6 +166,13 @@ module Modulorails
       Modulorails::RubocopGenerator.new([], {}, {}).invoke_all
     end
 
+    # @author Matthieu 'ciappa_m' Ciappara
+    #
+    # Generate a bundler-audit configuration.
+    def generate_bundleraudit_template
+      Modulorails::BundlerauditGenerator.new([], {}, {}).invoke_all
+    end
+
   end
 
 end

data/modulorails.gemspec

@@ -36,6 +36,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'railties', '>= 4.2.0'
   spec.add_runtime_dependency 'rubocop', '>= 1.28.2'
   spec.add_runtime_dependency 'rubocop-rails', '>= 2.14.2'
+  spec.add_runtime_dependency 'bundler-audit', '~> 0.9.1'
 
   spec.add_development_dependency 'activerecord', '>= 4.2.0'
   spec.add_development_dependency 'appraisal'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: modulorails
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Matthieu Ciappara
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-21 00:00:00.000000000 Z
+date: 2022-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: git
@@ -114,6 +114,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 2.14.2
+- !ruby/object:Gem::Dependency
+  name: bundler-audit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.1
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
@@ -184,6 +198,7 @@ files:
 - gemfiles/rails_60.gemfile
 - gemfiles/rails_61.gemfile
 - gemfiles/rails_70.gemfile
+- lib/generators/modulorails/bundleraudit/bundleraudit_generator.rb
 - lib/generators/modulorails/docker/docker_generator.rb
 - lib/generators/modulorails/docker/templates/Dockerfile.prod.tt
 - lib/generators/modulorails/docker/templates/Dockerfile.tt