netsoft-danger 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ed4179318732a96ccb2143ed81c4883f5b3d09b510430dc90444e30d5884bb6d
+  data.tar.gz: 960344a9abbf87cf2822b69df41732f1e4f656c496e3e2b7397c82b6995bcf7d
+SHA512:
+  metadata.gz: d55935c5a579644f9fc95cb649a51ab00d200fecea37ef19cb7e30ca88cb672bb90e37bfa74f256507cb4e07fd6e3af9260851d9d95e6ca012bc108968f16ff2
+  data.tar.gz: 8ec910b5a74b6b419cfb1bbac8ab87d0eab232c97f3e0550257a0957e01282dff2e2f42c9cb20f9385586f7a5dffb19c88480b6656f58e12ce72eea04674e99d

data/.circleci/config.yml

@@ -0,0 +1,130 @@
+version: 2
+
+defaults: &defaults
+  docker: &ruby_image
+    - &ruby_image
+      image: circleci/ruby:2.4.4-stretch
+      environment:
+        RUBYOPT: '-KU -E utf-8:utf-8'
+        BUNDLE_PATH: vendor/bundle
+        BUNDLE_VERSION: 1.15.2
+        BUNDLE_JOBS: 4
+        BUNDLE_RETRY: 3
+
+filters:
+  test: &filter_test
+    filters:
+      tags:
+        ignore: /^v.*/
+  beta: &filter_beta
+    filters:
+      branches:
+        ignore: /.*/
+      tags:
+        only: /^v[0-9]+(\.[0-9]+)+(\.[a-z].+).*/
+  release: &filter_release
+    filters:
+      branches:
+        ignore: /.*/
+      tags:
+        only: /^v[0-9]+(\.[0-9]+)+/
+
+workflows:
+  version: 2
+  build_test:
+    jobs:
+      - "Checkout":
+          <<: *filter_test
+          context: org-global
+      - "Build":
+          <<: *filter_test
+          context: org-global
+          requires:
+            - "Checkout"
+  build_test_beta:
+    jobs:
+      - "Checkout":
+          <<: *filter_beta
+          context: org-global
+      - "Build":
+          <<: *filter_beta
+          context: org-global
+          requires:
+            - "Checkout"
+      - "Publish":
+          <<: *filter_beta
+          context: org-global
+          requires:
+            - "Build"
+  build_test_release:
+    jobs:
+      - "Checkout":
+          <<: *filter_release
+          context: org-global
+      - "Build":
+          <<: *filter_release
+          context: org-global
+          requires:
+            - "Checkout"
+      - "Publish":
+          <<: *filter_release
+          context: org-global
+          requires:
+            - "Build"
+
+jobs:
+  "Checkout":
+    <<: *defaults
+    steps:
+      - attach_workspace:
+          at: .
+      - checkout
+
+      - restore_cache:
+          keys:
+            - netsoft-danger-bundle-v2-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
+      - run:
+          name: Install bundler
+          command: gem install bundler --version=$BUNDLE_VERSION
+      - run:
+          name: Bundle Install
+          command: |-
+            bundle _${BUNDLE_VERSION}_ check || bundle _${BUNDLE_VERSION}_ install --retry=$BUNDLE_RETRY
+      - save_cache:
+          key: netsoft-danger-bundle-v2-{{ checksum "Gemfile" }}-{{ checksum "netsoft-danger.gemspec" }}
+          paths:
+            - vendor/bundle
+            - Gemfile.lock
+
+      - persist_to_workspace:
+          root: .
+          paths: .
+  "Build":
+    <<: *defaults
+    steps:
+      - attach_workspace:
+          at: .
+      - run:
+          name: Install bundler
+          command: gem install bundler --version=$BUNDLE_VERSION
+      - run:
+          name: Build gem
+          command: |-
+            gem build *.gemspec
+      - run:
+          name: Run Danger
+          command: |-
+            bundle exec danger
+  "Publish":
+    <<: *defaults
+    steps:
+      - attach_workspace:
+          at: .
+      - run:
+          name: Deploy to gem server
+          command: |-
+            ./bin/tag_check.sh
+            rm -rf pkg
+            gem install geminabox
+            rake build
+            gem inabox -g ${HUBSTAFF_GEM_SERVER} pkg/*

data/.gitignore

@@ -0,0 +1,5 @@
+/.idea
+/Gemfile.lock
+/.ruby-*
+/pkg
+/node_modules

data/Dangerfile

@@ -0,0 +1,105 @@
+# Don't let testing shortcuts get into master by accident
+if Dir.exists?('spec')
+  fail("fdescribe left in tests") if `grep -r -e '\\bfdescribe\\b' spec/ |grep -v 'danger ok' `.length > 1
+  fail("fcontext left in tests") if `grep -r -e '\\bfcontext\\b' spec/ |grep -v 'danger ok' `.length > 1
+  fail("fit left in tests") if `grep -r -e '\\bfit\\b' spec/ | grep -v 'danger ok' `.length > 1
+  fail("ap left in tests") if `grep -r -e '\\bap\\b' spec/ | grep -v 'danger ok' `.length > 1
+  fail("puts left in tests") if `grep -r -e '\\bputs\\b' spec/ | grep -v 'danger ok' `.length > 1
+end
+
+if File.exists?('Gemfile')
+  if `grep -r -e "^ *gem 'hubstaff_[a-z]\\+" Gemfile | grep -e ",.\\+[a-zA-Z]" `.length > 1
+    fail("[gemfile] Beta hubstaff_* gems are not allowed in master/production")
+  end
+  if `grep -r -e "^ *gem 'hubstaff_[a-z]\\+" Gemfile | grep -e ",.\\+'[~>=]\\+.\\+[a-zA-Z]" `.length > 1
+    fail("[gemfile] Beta hubstaff_* gems should be the exact version")
+  end
+  if `grep -r -e "^ *gem 'hubstaff_[a-z]\\+" Gemfile | grep -e ",.\\+[' ][0-9.]\\+'" | grep -v '~>' `.length > 1
+    fail("[gemfile] Release hubstaff_* gems should be using a ~> version")
+  end
+end
+
+git.commits.each do |c|
+  short = " ( #{c.sha[0..7]} )"
+  has_migrations = c.diff_parent.any? {|f| f.path =~ /db\/migrate\// }
+  has_schema_changes = c.diff_parent.any? {|f| f.path =~ /db\/schema\.rb/ }
+  has_migration_msg = c.message =~ /^\[migration\]/
+  no_schema_ok = ENV['DANGER_NO_SCHEMA_OK'] || false
+  if has_migrations || has_schema_changes
+    unless has_migration_msg
+      fail '[migration] Schema migration commits need to be prefixed with [migration]' + short
+    end
+    if has_migrations && !has_schema_changes && !no_schema_ok
+      fail '[migration] Please checkin your schema.rb changes with your migration' + short
+    end
+    if !has_migrations && has_schema_changes
+      warn '[migration] Please checkin your migrations with your schema.rb changes' + short
+    end
+    if c.diff_parent.any? {|f| !( f.path =~ /db\/migrate\// or f.path =~ /db\/schema.rb/ ) }
+      fail '[migration] Migration commit contains non-migration changes' + short
+    end
+  elsif has_migration_msg
+    fail '[migration] Migration commit with no migrations!' + short
+  end
+
+  has_hubstaff_icon_changes = c.diff_parent.any? {|f| f.path =~ /hubstaff(icons|font)/ || f.path =~ /fontcustom-manifest/ }
+  if has_hubstaff_icon_changes
+    if c.diff_parent.any? {|f| !( f.path =~ /hubstaff-(icons|font)/ || f.path =~ /fontcustom-manifest/ ) }
+      fail '[hubstaff-icons] Put hubstaff-icon changes into their own commit' + short
+    end
+  end
+
+  has_gemfile_changes = c.diff_parent.any? {|f| f.path =~ /Gemfile/ || f.path =~ /gemspec/ }
+  has_gemfile_msg = c.message =~ /^\[gemfile\]/
+  if has_gemfile_changes
+    unless has_gemfile_msg
+      fail '[gemfile] Gemfile commits need to be prefixed with [gemfile] ' + short
+    end
+    if c.diff_parent.any? {|f| !( f.path =~ /Gemfile/ || f.path =~ /gemspec/ ) }
+      fail '[gemfile] Gemfile commit contains non-gemfile changes' + short
+    end
+    if c.diff_parent.any? {|f| f.path == 'Gemfile.lock' }
+      unless `grep -e '^   1.15.2$' Gemfile.lock`.length > 1
+        fail("[gemfile] Gemfile not bundled with bundler 1.15.2")
+      end
+    end
+  elsif has_gemfile_msg
+    fail '[gemfile] Gemfile commit has no gemfile changes!' + short
+  end
+end
+
+require 'open-uri'
+
+artifact_url = "https://circleci.com/api/v1.1/project/github/#{ENV['CIRCLE_PROJECT_USERNAME']}/#{ENV["CIRCLE_PROJECT_REPONAME"]}/#{ENV['CIRCLE_BUILD_NUM']}/artifacts?circle-token=#{ENV['CIRCLE_TOKEN']}"
+artifacts = JSON.load(open(artifact_url).read).map{|a| a["url"]}
+
+jest = artifacts.find{ |artifact| artifact.end_with?('jest/index.html') }
+coverage = artifacts.find{ |artifact| artifact.end_with?('coverage/index.html') }
+rubocop = artifacts.find{ |artifact| artifact.end_with?('rubocop/report.html') }
+eslint = artifacts.find{ |artifact| artifact.end_with?('eslint/report.html') }
+rspec_files = artifacts.select{ |artifact| artifact =~ /rspec-(.+)\.html$/ }
+
+{}.tap do |hash|
+  hash['Ruby coverage report'] = coverage if coverage
+  hash['RSpec test report'] = rspec_files unless rspec_files.empty?
+  hash['RuboCop inspection report'] = rubocop if rubocop
+  hash['ESLint inspection report'] = eslint if eslint
+  hash['Jest coverage report'] = jest if jest
+end.each do |msg, links|
+  links = [*links]
+  if links.size == 1
+    message("[#{msg}](#{links[0]})")
+  else
+    r         = /rspec-(.+)\.html$/
+    the_links = links.map do |l|
+      m = r.match(l)
+      if m
+        "[#{m[1]}](#{l})"
+      else
+        "[link](#{l})"
+      end
+    end.join(', ')
+
+    message("#{msg} - #{the_links}")
+  end
+end

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/README.md

@@ -0,0 +1,4 @@
+# README
+
+This is Netsoft's Dangerfile configuration for managing our pull requests
+

data/Rakefile

@@ -0,0 +1,5 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+desc 'Default: run build.'
+task :default => :build

data/bin/netsoft-circle

@@ -0,0 +1,86 @@
+#!/usr/bin/env ruby
+
+require 'thor'
+require 'fileutils'
+
+class NetsoftCircle < Thor
+  desc 'setup', 'Setup Heroku for deployment'
+  def setup
+
+    File.open("#{ENV['HOME']}/.netrc", 'a+') do |file|
+      file << <<-EOF
+
+machine api.heroku.com
+  login #{ENV['HEROKU_LOGIN']}
+  password #{ENV['HEROKU_API_KEY']}
+machine git.heroku.com
+  login #{ENV['HEROKU_LOGIN']}
+  password #{ENV['HEROKU_API_KEY']}
+EOF
+    end
+
+    Dir.mkdir("#{ENV['HOME']}/.ssh") unless Dir.exists?("#{ENV['HOME']}/.ssh")
+    File.open("#{ENV['HOME']}/.ssh/config", 'a+') do |file|
+      file << <<-EOF
+
+VerifyHostKeyDNS yes
+StrictHostKeyChecking no
+EOF
+    end
+
+    system('git config --global url."https://git.heroku.com/".insteadOf heroku:')
+    exit(1) unless $?.success?
+  end
+
+  desc 'merge', 'Merges several simplecov json result files'
+  option :output, type: :string, aliases: '-o', desc: 'Specify an alternate output directory for the produced coverage data'
+  def merge(*files)
+    require 'simplecov'
+    return if files.empty?
+    results = []
+
+    files.each do |file|
+      json = JSON.parse(File.read(file))
+      json.each do |command_name, data|
+        result = SimpleCov::Result.from_hash(command_name => data)
+        results << result
+      end
+    end
+
+    merged_result = SimpleCov::ResultMerger.merge_results(*results)
+    SimpleCov.coverage_dir options[:output] unless options[:output].nil?
+    SimpleCov::Formatter::HTMLFormatter.new.format(merged_result)
+  end
+
+  desc 'rspec', 'Run rspec'
+  def rspec
+    system <<-EOF
+      bundle _${BUNDLE_VERSION}_ exec rspec \
+        --color \
+        --format RspecJunitFormatter \
+        --out $CIRCLE_TEST_REPORTS/rspec/junit.xml \
+        --format html \
+        --out $CIRCLE_ARTIFACTS/rspec.html \
+        --format progress \
+        $(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)
+    EOF
+    exit(1) unless $?.success?
+  end
+
+  desc 'rubocop', 'Run rubocop'
+  def rubocop
+    system <<-EOF
+      bundle _${BUNDLE_VERSION}_ exec rubocop \
+        --format progress \
+        --format html \
+        --out $CIRCLE_ARTIFACTS/rubocop/report.html
+    EOF
+    exit(1) unless $?.success?
+  end
+
+  def self.exit_on_failure?
+    true
+  end
+end
+
+NetsoftCircle.start

data/bin/tag_check.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+tag=`git describe --tags --exact-match  HEAD 2> /dev/null`
+
+if [ $? -eq 0 ]; then
+  version=`grep VERSION lib/netsoft-danger/version.rb | sed -e "s/.*'\([^']*\)'.*/\1/"`
+  
+  if [ "v$version" = "$tag" ]; then
+    echo "Revision $tag Matches $version"
+  else
+    echo "Revision $tag does not match $version"
+    exit 2
+  fi
+else
+  echo "No tag found"
+  exit 1
+fi

data/dangerfiles/issue.js

@@ -0,0 +1,3 @@
+import {message} from "danger"
+
+// message("Hello from Peril on your new issue.")

data/dangerfiles/pr.js

@@ -0,0 +1,49 @@
+import {danger, warn, fail, message} from "danger";
+
+if (!danger.github.issue.labels.length) {
+  fail('Please add labels to this PR');
+}
+
+var labels = danger.github.issue.labels.map(l => l.name);
+
+// Make it more obvious that a PR is a work in progress and shouldn't be merged yet
+if (labels.includes('work in progress') || danger.git.commits.find(c => c && c.message.includes('WIP'))) {
+  fail("PR is a Work in Progress");
+}
+
+if ((danger.github.pr.body || '').length < 5) {
+  fail("Please provide a summary in the Pull Request description");
+}
+
+if (!labels.includes('review passed')) {
+  fail("Has not passed code-review");
+}
+
+if (!labels.includes('QA passed')) {
+  fail("Has not passed QA");
+}
+
+if (!danger.github.pr.base.ref.includes('master')) {
+  warn("PR base is not set to master!");
+}
+
+// Warn when there is a big PR
+if (500 < (danger.github.pr.additions + danger.github.pr.deletions)) {
+  warn(':exclamation: Big PR');
+}
+
+if (danger.git.commits.find(c => c && c.message.match(/Merge branch/))) {
+  fail('Please rebase to remove merge commits in this PR');
+}
+
+if (danger.git.commits.find(c => c && c.message.match(/(fixup|squash)!/))) {
+  fail("Contains a fixup or squash commit");
+}
+
+if (!danger.github.pr.milestone) {
+  fail('Requires a milestone before merging!');
+} else {
+  // we can do additional checks on the milestone name if we want.
+  // e.g. inspect milestone.title or milestone.description
+}
+

data/lib/netsoft-danger/cops/netsoft/auth_http_positional_arguments.rb

@@ -0,0 +1,142 @@
+# frozen_string_literal: true
+
+require 'rubocop/cop/mixin/target_rails_version'
+
+module RuboCop
+  module Cop
+    module Netsoft
+      # This cop is used to identify usages of http methods like `get`, `post`,
+      # `put`, `patch` without the usage of keyword arguments in your tests and
+      # change them to use keyword args. This cop only applies to Rails >= 5.
+      # If you are running Rails < 5 you should disable the
+      # Netsoft/HttpPositionalArguments cop or set your TargetRailsVersion in your
+      # .rubocop.yml file to 4.0, etc.
+      #
+      # @example
+      #   # bad
+      #   get :new, { user_id: 1}
+      #
+      #   # good
+      #   get :new, params: { user_id: 1 }
+      class AuthHttpPositionalArguments < Cop
+        extend RuboCop::Cop::TargetRailsVersion
+
+        MSG = 'Use keyword arguments instead of ' \
+              'positional arguments for http call: `%<verb>s`.'.freeze
+        KEYWORD_ARGS = %i[
+          method params session body flash xhr as headers env
+        ].freeze
+        HTTP_METHODS = %i[get post put patch delete head].freeze
+        HTTP_AUTH_METHODS = %i[get_with post_with put_with patch_with delete_with].freeze
+
+        minimum_target_rails_version 5.0
+
+        def_node_matcher :http_request?, <<-PATTERN
+          (send nil? {#{HTTP_METHODS.map(&:inspect).join(' ')}} !nil? $_ ...)
+        PATTERN
+
+        def_node_matcher :http_auth_request?, <<-PATTERN
+          (send nil? {#{HTTP_AUTH_METHODS.map(&:inspect).join(' ')}} !nil? !nil? $_ ...)
+        PATTERN
+
+        def on_send(node)
+          http_request?(node) do |data|
+            return unless needs_conversion?(data)
+
+            add_offense(node, location: :selector,
+                        message: format(MSG, verb: node.method_name))
+          end
+
+          http_auth_request?(node) do |data|
+            return unless auth_needs_conversion?(data)
+
+            add_offense(node, location: :selector,
+                        message: format(MSG, verb: node.method_name))
+          end
+        end
+
+        # given a pre Rails 5 method: get :new, {user_id: @user.id}, {}
+        #
+        # @return lambda of auto correct procedure
+        # the result should look like:
+        #     get :new, params: { user_id: @user.id }, session: {}
+        # the http_method is the method used to call the controller
+        # the controller node can be a symbol, method, object or string
+        # that represents the path/action on the Rails controller
+        # the data is the http parameters and environment sent in
+        # the Rails 5 http call
+        def autocorrect(node)
+          has_auth = HTTP_AUTH_METHODS.include?(node.method_name.to_sym)
+          if has_auth
+            user, http_path, *data = *node.arguments
+          else
+            http_path, *data = *node.arguments
+          end
+
+          controller_action = http_path.source
+          params = convert_hash_data(data.first, 'params')
+          session = convert_hash_data(data.last, 'session') if data.size > 1
+          # the range of the text to replace, which is the whole line
+          code_to_replace = node.loc.expression
+          # what to replace with
+          format = parentheses_format(node)
+          new_code = format(format, name: node.method_name,
+                            action: has_auth ? [user.source, controller_action].join(',') : controller_action,
+                            params: params, session: session)
+          ->(corrector) { corrector.replace(code_to_replace, new_code) }
+        end
+
+        private
+
+        def needs_conversion?(data)
+          return true unless data.hash_type?
+
+          data.each_pair.none? do |pair|
+            special_keyword_arg?(pair.key) ||
+                format_arg?(pair.key) && data.pairs.one?
+          end
+        end
+
+        def auth_needs_conversion?(data)
+          return true unless data.hash_type?
+
+          data.each_pair.none? do |pair|
+            special_keyword_arg?(pair.key) ||
+                format_arg?(pair.key) && data.pairs.one?
+          end
+        end
+
+        def special_keyword_arg?(node)
+          node.sym_type? && KEYWORD_ARGS.include?(node.value)
+        end
+
+        def format_arg?(node)
+          node.sym_type? && node.value == :format
+        end
+
+        def convert_hash_data(data, type)
+          return '' if data.hash_type? && data.empty?
+
+          hash_data = if data.hash_type?
+                        format('{ %<data>s }',
+                               data: data.pairs.map(&:source).join(', '))
+                      else
+                        # user supplies an object,
+                        # no need to surround with braces
+                        data.source
+                      end
+
+          format(', %<type>s: %<hash_data>s', type: type, hash_data: hash_data)
+        end
+
+        def parentheses_format(node)
+          if parentheses?(node)
+            '%<name>s(%<action>s%<params>s%<session>s)'
+          else
+            '%<name>s %<action>s%<params>s%<session>s'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/netsoft-danger/cops.rb

@@ -0,0 +1 @@
+require_relative 'cops/netsoft/auth_http_positional_arguments'

data/lib/netsoft-danger/version.rb

@@ -0,0 +1,3 @@
+module NetsoftDanger
+  VERSION = '0.3.0'.freeze
+end

data/lib/netsoft-danger.rb

@@ -0,0 +1,3 @@
+require 'rubocop'
+
+require_relative 'netsoft-danger/cops'

data/netsoft-danger.gemspec

@@ -0,0 +1,25 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path('../lib', __FILE__)
+require 'netsoft-danger/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'netsoft-danger'
+  s.version     = NetsoftDanger::VERSION
+  s.authors     = ['urkle']
+  s.email       = []
+  s.homepage    = 'https://github.com/NetsoftHoldings/danger'
+  s.summary     = 'Danger.systems conventions for Netsoft projects.'
+  s.description = 'Packages a Dangerfile to be used with Danger.'
+  s.executables << 'netsoft-circle'
+
+  s.files         = `git ls-files`.split("\n")
+  s.require_paths = ['lib']
+
+  s.add_development_dependency 'rake'
+  s.add_runtime_dependency 'danger', '~> 5.0'
+  s.add_runtime_dependency 'rubocop', '~> 0.74.0'
+  s.add_runtime_dependency 'rubocop-rails', '~> 2.2.1'
+  s.add_runtime_dependency 'rubocop-performance', '~> 1.4.1'
+  s.add_runtime_dependency 'rubocop-rspec', '~> 1.35.0'
+  s.add_runtime_dependency 'thor'
+end

data/package.json

@@ -0,0 +1,5 @@
+{
+  "devDependencies": {
+    "danger": "^3.7.16"
+  }
+}

data/rubocop/config-2019-08-12.yml

@@ -0,0 +1,46 @@
+require:
+  - netsoft-danger
+  - rubocop-rails
+  - rubocop-performance
+  - rubocop-rspec
+
+AllCops:
+  TargetRubyVersion: 2.4
+  TargetRailsVersion: 5.2
+  DisplayStyleGuide: true
+  StyleGuideBaseURL: https://rubystyle.guide
+  Exclude:
+    - 'db/**/*'
+    - 'coverage/**/*'
+    - 'log/**/*'
+    - 'public/**/*'
+    - 'tmp/**/*'
+    - 'spec/dummy/**/*'
+Rails:
+  Enabled: true
+Rails/HttpPositionalArguments:
+  Enabled: false
+Netsoft/AuthHttpPositionalArguments:
+  Enabled: true
+  Include:
+    - 'spec/controllers/**/*'
+RSpec/NotToNot:
+  EnforcedStyle: to_not
+RSpec/ExpectChange:
+  EnforcedStyle: block
+Style/TrailingCommaInArrayLiteral:
+  EnforcedStyleForMultiline: comma
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: comma
+Layout/SpaceInsideBlockBraces:
+  EnforcedStyle: no_space
+  SpaceBeforeBlockParameters: false
+Layout/AlignHash:
+  EnforcedHashRocketStyle: table
+  EnforcedColonStyle: table
+Layout/IndentFirstHashElement:
+  IndentationWidth: 4
+Layout/SpaceInsideHashLiteralBraces:
+  EnforcedStyle: no_space
+Layout/IndentAssignment:
+  IndentationWidth: 4

data/settings-peril.json

@@ -0,0 +1,10 @@
+{
+  "settings": {
+  },
+  "rules": {
+    "pull_request": "NetsoftHoldings/danger@dangerfiles/pr.js",
+    "issues": "NetsoftHoldings/danger@dangerfiles/issue.js"
+  },
+  "repos" : {
+  }
+}