puppetfile-resolver 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7369652a185b5b8cbd2cbcbf4c0a728303a03779e8c5fc363430855de1f90f31
-  data.tar.gz: 7b9457a73ad065fed6edefd3c756ed4b90a1c660548a88ba2b1411d07668e8fd
+  metadata.gz: b1199057b00e6f612fd02343cc707cc1e6a4dba3ab20a6956b270c92387a66c7
+  data.tar.gz: d5e706548dc0a8a31fa8573ef96fd130c84307a9a3ca74e97a9966612c731baf
 SHA512:
-  metadata.gz: c7af088bf31a4c96bd1fe3cf2a3853297d079c2fdd15d7c49a4aeb3f1e1290c88c58298ab7a63c326420e67fc74c86051f6858ed98b9337ddcf0e73a25603c15
-  data.tar.gz: 0d32efc05cd6a1ffcb6825ce4a78fd919aa8705a5b45cd930912ac723d9271988e912a2985c91b4603a2610be4edc9fb687d644e4ac8df0cb53197fc776a1ad1
+  metadata.gz: c1424077c5301bd3b7bdc95bee51576c469d27a29d0637b7bada2d7a04f22b744b560cd84c47652e0ca9ff780d1d07252bffd103a096c1b5e931ca20fda58bb3
+  data.tar.gz: 6492e8028bbb1e4c91ea2a3fe9825a3554cdf30826a3d5eff16a519589422b452cd0faebf1663ca8cd53bbe24ba70ee84ac14f16f067234166b73df3471801ff

data/README.md

@@ -1,4 +1,5 @@
-[![Build Status](https://travis-ci.com/lingua-pupuli/puppetfile-resolver.svg?branch=master)](https://travis-ci.com/lingua-pupuli/puppetfile-resolver)
+[![Build Status](https://travis-ci.com/glennsarti/puppetfile-resolver.svg?branch=master)](https://travis-ci.com/glennsarti/puppetfile-resolver)
+[![Gem Version](https://img.shields.io/gem/v/puppetfile-resolver)](https://rubygems.org/gems/puppetfile-resolver)
 
 # Puppetfile Resolver
 
@@ -12,158 +13,10 @@ This library includes all of the code to parse a Puppetfile and then calculate a
 
 **Note** This is still in active development. Git history may be re-written until an initial version is released
 
-## To Do
+## Documentation
 
-- Could do with more tests
-- Add YARD documentation
-
-## Why a library and not a CLI tool?
-
-Due to all of the different needs of tool developers, this is offered as a library instead of full blown CLI tool. For example, the needs of a VSCode Extensions developer are very different than that of the Puppet Developer Kit developer.
-
-Therefore this is a library which is intended to be used by tool developers to create useful tools for users, and not really for direct use by users.
-
-Note that a CLI is included (`puppetfile-cli.rb`) only as an example of how to create a tool using this library.
-
-## Architecture
-
-``` text
-                    +-----------------+   +-----------------+   +-----------------+
-                    | Forge Searcher  |   | Github Searcher |   | Local Searcher  |
-                    +-------+---------+   +--------+--------+   +-------+---------+
-                            |                      |                    |
-                            +----------------------+--------------------+
-                                                   |
-                                                   |
-                                                   V
-            +--------+                        +----------+                          +-------------------+
--- Text --> | Parser | -- Document Model -+-> | Resolver | -- Dependency Graph -+-> | Resolution Result |
-            +--------+                    |   +----------+                      |   +-------------------+
-                                          |                                     |
-                                          |                                     |
-                                          V                                     V
-                                    +-----------+                         +------------+
-                                    | Document  |                         | Resolution |
-                                    | Validator |                         | Validator  |
-                                    +-----------+                         +------------+
-```
-
-### Puppetfile Parser
-
-The parser converts the content of a Puppetfile into a document model (`PuppetfileResolver::Puppetfile`).
-
-Currently only one Parser is available, `R10KEval`, which uses the same parsing logic as the [R10K Parser](https://github.com/puppetlabs/r10k/blob/master/lib/r10k/puppetfile.rb). In the future other parsers may be added, such as a [Ruby AST based parser](https://github.com/puppetlabs/r10k/pull/885).
-
-#### R10KEval Parser
-
-Sometimes it necessary to instruct the Resolver to ignore certain rules, for example ignoring the Puppet restrictions on a module because it has old metadata. The R10KEval Parser can read ruby comments which have special meanings, similar to how [rubocop](https://docs.rubocop.org/en/stable/) uses [magic comments](https://docs.rubocop.org/en/stable/configuration/#disabling-cops-within-source-code).
-
-The R10KEval Parser uses the magic comment of `# resolver:disable` to disable tasks.  For example;
-
-You can set a comment for one module like this:
-
-``` ruby
-mod 'puppetlabs-stdlib', :latest # resolver:disable Dependency/All
-```
-
-or for many modules by wrapping the modules like this:
-
-``` ruby
-# resolver:disable Dependency/All
-mod 'puppetlabs-stdlib', :latest
-mod 'puppetlabs-apache', '1.0.0'
-# resolver:ensable Dependency/All
-```
-
-You can also set multiple items by using a comma like this:
-
-``` ruby
-mod 'puppetlabs-stdlib', :latest # resolver:disable Dependency/All,Dependency/Puppet
-```
-
-Note there is no space between items.
-
-The available settings are:
-
-| Setting Name        | Description |
-| --------------------| ----------- |
-| `Dependency/Puppet` | Instructs the resolver to ignore any Puppet version in its dependency traversal for the specified modules. Useful for modules with outdated metadata.json information |
-| `Dependency/All`    | Instructs the resolver to ignore any, and all, dependencies in its dependency traversal of the specified module. Useful for modules with outdated metadata.json information. |
-
-### Puppetfile Document Validation
-
-Even though a Puppetfile can be parsed, doesn't mean it's valid. For example, defining a module twice.
-
-### Puppetfile Resolution
-
-Given a Puppetfile document model, the library can attempt to recursively resolve all of the modules and their dependencies. The resolver be default will not be strict, that is, missing dependencies will not throw an error, and will attempt to also be resolved. When in strict mode, any missing dependencies will throw errors.
-
-### Module Searchers
-
-The Puppetfile resolution needs information about all of the available modules and versions, and does this through calling various Specification Searchers. Currently Puppet Forge, Github and Local FileSystem searchers are implemented. Additional searchers could be added, for example GitLab or SVN.
-
-The result is a dependency graph listing all of the modules, dependencies and version information.
-
-### Resolution validation
-
-Even though a Puppetfile can be resolved, doesn't mean it is valid. For example, missing module dependencies are not considered valid.
-
-### Dependency Graph
-
-The resolver uses the [Molinillo](https://github.com/CocoaPods/Molinillo) ruby gem for dependency resolution. Molinillo is used in Bundler, among other gems, so it's well used and maintained project.
-
-### Example workflow
-
-1. Load the contents of a Puppetfile from disk
-
-2. Parse the Puppetfile into a document model
-
-3. Verify that the document model is valid
-
-4. Create a resolver object with the document model, and the required Puppet version (optional)
-
-5. Start the resolution
-
-6. Validate the resolution against the document model
-
-### Example usage
-
-``` ruby
-puppetfile_path = '/path/to/Puppetfile'
-
-# Parse the Puppetfile into an object model
-content = File.open(puppetfile_path, 'rb') { |f| f.read }
-require 'puppetfile-resolver/puppetfile/parser/r10k_eval'
-puppetfile = ::PuppetfileResolver::Puppetfile::Parser::R10KEval.parse(content)
-
-# Make sure the Puppetfile is valid
-unless puppetfile.valid?
-  puts 'Puppetfile is not valid'
-  puppetfile.validation_errors.each { |err| puts err }
-  exit 1
-end
-
-# Create the resolver
-# - Use the document we just parsed (puppetfile)
-# - Don't restrict by Puppet version (nil)
-resolver = PuppetfileResolver::Resolver.new(puppetfile, nil)
-
-# Configure the resolver
-cache                 = nil  # Use the default inmemory cache
-ui                    = nil  # Don't output any information
-module_paths          = []   # List of paths to search for modules on the local filesystem
-allow_missing_modules = true # Allow missing dependencies to be resolved
-opts = { cache: cache, ui: ui, module_paths: module_paths, allow_missing_modules: allow_missing_modules }
-
-# Resolve
-result = resolver.resolve(opts)
-
-# Output resolution validation errors
-result.validation_errors.each { |err| puts "Resolution Validation Error: #{err}\n"}
-```
-
-## Known issues
-
-- The Forge module searcher will only use the internet facing forge ([https://forge.puppet.com](https://forge.puppet.com/)). Self-hosted forges are not supported
-
-- The Git module searcher will only search public Github based modules. Private repositories or other VCS systems are not supported
+- [About](https://glennsarti.github.io/puppetfile-resolver/)
+- [Architecture](https://glennsarti.github.io/puppetfile-resolver/architecture)
+- [Parsers](https://glennsarti.github.io/puppetfile-resolver/parsers)
+- [Example Usage](https://glennsarti.github.io/puppetfile-resolver/example_usage)
+- [Known Issues](https://glennsarti.github.io/puppetfile-resolver/known_issues)

data/lib/puppetfile-resolver/data/ruby_ca_certs.pem

@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Wed Oct 16 03:12:09 2019 GMT
+## Certificate data from Mozilla as of: Wed Jan  1 04:12:10 2020 GMT
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
@@ -14,7 +14,7 @@
 ## Just configure this file as the SSLCACertificateFile.
 ##
 ## Conversion done with mk-ca-bundle.pl version 1.27.
-## SHA256: c979c6f35714a0fedb17d9e5ba37adecbbc91a8faf4186b4e23d6f9ca44fd6cb
+## SHA256: f3bdcd74612952da8476a9d4147f50b29ad0710b7dd95b4c8690500209986d70
 ##
 
 
@@ -3430,3 +3430,37 @@ hcErulWuBurQB7Lcq9CClnXO0lD+mefPL5/ndtFhKvshuzHQqp9HpLIiyhY6UFfEW0NnxWViA0kB
 60PZ2Pierc+xYw5F9KBaLJstxabArahH9CdMOA0uG0k7UvToiIMrVCjU8jVStDKDYmlkDJGcn5fq
 dBb9HxEGmpv0
 -----END CERTIFICATE-----
+
+Entrust Root Certification Authority - G4
+=========================================
+-----BEGIN CERTIFICATE-----
+MIIGSzCCBDOgAwIBAgIRANm1Q3+vqTkPAAAAAFVlrVgwDQYJKoZIhvcNAQELBQAwgb4xCzAJBgNV
+BAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3Qu
+bmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1
+dGhvcml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eSAtIEc0MB4XDTE1MDUyNzExMTExNloXDTM3MTIyNzExNDExNlowgb4xCzAJBgNVBAYT
+AlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0
+L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhv
+cml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eSAtIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsewsQu7i0TD/pZJH4i3D
+umSXbcr3DbVZwbPLqGgZ2K+EbTBwXX7zLtJTmeH+H17ZSK9dE43b/2MzTdMAArzE+NEGCJR5WIoV
+3imz/f3ET+iq4qA7ec2/a0My3dl0ELn39GjUu9CH1apLiipvKgS1sqbHoHrmSKvS0VnM1n4j5pds
+8ELl3FFLFUHtSUrJ3hCX1nbB76W1NhSXNdh4IjVS70O92yfbYVaCNNzLiGAMC1rlLAHGVK/XqsEQ
+e9IFWrhAnoanw5CGAlZSCXqc0ieCU0plUmr1POeo8pyvi73TDtTUXm6Hnmo9RR3RXRv06QqsYJn7
+ibT/mCzPfB3pAqoEmh643IhuJbNsZvc8kPNXwbMv9W3y+8qh+CmdRouzavbmZwe+LGcKKh9asj5X
+xNMhIWNlUpEbsZmOeX7m640A2Vqq6nPopIICR5b+W45UYaPrL0swsIsjdXJ8ITzI9vF01Bx7owVV
+7rtNOzK+mndmnqxpkCIHH2E6lr7lmk/MBTwoWdPBDFSoWWG9yHJM6Nyfh3+9nEg2XpWjDrk4JFX8
+dWbrAuMINClKxuMrLzOg2qOGpRKX/YAr2hRC45K9PvJdXmd0LhyIRyk0X+IyqJwlN4y6mACXi0mW
+Hv0liqzc2thddG5msP9E36EYxr5ILzeUePiVSj9/E15dWf10hkNjc0kCAwEAAaNCMEAwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJ84xFYjwznooHFs6FRM5Og6sb9n
+MA0GCSqGSIb3DQEBCwUAA4ICAQAS5UKme4sPDORGpbZgQIeMJX6tuGguW8ZAdjwD+MlZ9POrYs4Q
+jbRaZIxowLByQzTSGwv2LFPSypBLhmb8qoMi9IsabyZIrHZ3CL/FmFz0Jomee8O5ZDIBf9PD3Vht
+7LGrhFV0d4QEJ1JrhkzO3bll/9bGXp+aEJlLdWr+aumXIOTkdnrG0CSqkM0gkLpHZPt/B7NTeLUK
+YvJzQ85BK4FqLoUWlFPUa19yIqtRLULVAJyZv967lDtX/Zr1hstWO1uIAeV8KEsD+UmDfLJ/fOPt
+jqF/YFOOVZ1QNBIPt5d7bIdKROf1beyAN/BYGW5KaHbwH5Lk6rWS02FREAutp9lfx1/cH6NcjKF+
+m7ee01ZvZl4HliDtC3T7Zk6LERXpgUl+b7DUUH8i119lAg2m9IUe2K4GS0qn0jFmwvjO5QimpAKW
+RGhXxNUzzxkvFMSUHHuk2fCfDrGA4tGeEWSpiBE6doLlYsKA2KSD7ZPvfC+QsDJMlhVoSFLUmQjA
+JOgc47OlIQ6SwJAfzyBfyjs4x7dtOvPmRLgOMWuIjnDrnBdSqEGULoe256YSxXXfW8AKbnuk5F6G
++TaU33fD6Q3AOfF5u0aOq0NZJ7cguyPpVkAh7DE9ZapD8j3fcEThuk0mEDuYn/PIjhs4ViFqUZPT
+kcpG2om3PVODLAgfi49T3f+sHw==
+-----END CERTIFICATE-----

data/lib/puppetfile-resolver/puppetfile.rb

@@ -6,9 +6,11 @@ module PuppetfileResolver
     #
     # DISABLE_PUPPET_DEPENDENCY_FLAG - Instructs the resolver to not consider Puppet version in its dependency traversal. Useful for modules with outdated metadata.json information.
     # DISABLE_ALL_DEPENDENCIES_FLAG - Instructs the resolver to ignore any dependencies in its dependency traversal. Useful for modules with outdated metadata.json information.
+    # DISABLE_LATEST_VALIDATION_FLAG - Instructs the resolution validator to ignore modules that have a version of :latest
     #
     DISABLE_PUPPET_DEPENDENCY_FLAG = :disable_puppet_dependency
     DISABLE_ALL_DEPENDENCIES_FLAG = :disable_all_dependencies
+    DISABLE_LATEST_VALIDATION_FLAG = :disable_latest_validation
   end
 end
 
@@ -20,3 +22,4 @@ require 'puppetfile-resolver/puppetfile/git_module'
 require 'puppetfile-resolver/puppetfile/invalid_module'
 require 'puppetfile-resolver/puppetfile/local_module'
 require 'puppetfile-resolver/puppetfile/svn_module'
+require 'puppetfile-resolver/puppetfile/parser/r10k_eval'

data/lib/puppetfile-resolver/puppetfile/document.rb

@@ -75,6 +75,7 @@ module PuppetfileResolver
           next unless mod.version == :latest
           resolved_module = resolution_result.specifications[mod.name]
           next if resolved_module.nil? || resolved_module.is_a?(PuppetfileResolver::Models::MissingModuleSpecification)
+          next if mod.resolver_flags.include?(PuppetfileResolver::Puppetfile::DISABLE_LATEST_VALIDATION_FLAG)
           @validation_errors << DocumentLatestVersionError.new(
             "Latest version of #{mod.name} is #{resolved_module.version}",
             mod,

data/lib/puppetfile-resolver/puppetfile/parser/r10k_eval.rb

@@ -105,6 +105,8 @@ module PuppetfileResolver
               PuppetfileResolver::Puppetfile::DISABLE_PUPPET_DEPENDENCY_FLAG
             when 'dependency/all'
               PuppetfileResolver::Puppetfile::DISABLE_ALL_DEPENDENCIES_FLAG
+            when 'validation/latestversion'
+              PuppetfileResolver::Puppetfile::DISABLE_LATEST_VALIDATION_FLAG
             else # rubocop:disable Style/EmptyElse We will be adding something here later
               # TODO: Should we log a warning/info here?
               nil

data/lib/puppetfile-resolver/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PuppetfileResolver
-  VERSION ||= '0.1.0'
+  VERSION ||= '0.2.0'
 end

data/spec/unit/puppetfile-resolver/puppetfile/document_spec.rb

@@ -126,6 +126,7 @@ describe 'PuppetfileResolver::Puppetfile::Document' do
       @document_modules = document_fixtures.map do |doc_mod|
         mod = doc_mod[:class].new(doc_mod[:name])
         mod.version = doc_mod[:version]
+        mod.resolver_flags = doc_mod[:flags] unless doc_mod[:flags].nil?
         subject.add_module(mod)
         mod
       end
@@ -207,6 +208,19 @@ describe 'PuppetfileResolver::Puppetfile::Document' do
           puppet_module: @document_modules[0]
         )
       end
+
+      context 'and using the DISABLE_LATEST_VALIDATION_FLAG flag' do
+        let(:document_fixtures) do
+          [
+            { class: PuppetfileResolver::Puppetfile::ForgeModule, name: 'foo', version: :latest, flags: [PuppetfileResolver::Puppetfile::DISABLE_LATEST_VALIDATION_FLAG] }
+          ]
+        end
+
+        it 'should not return a DocumentLatestVersionError' do
+          errors = subject.resolution_validation_errors(resolution_result)
+          expect(errors.count).to eq(0)
+        end
+      end
     end
 
     context 'Given a document with a missing module' do

data/spec/unit/puppetfile-resolver/puppetfile/parser/r10k_eval_spec.rb

@@ -351,6 +351,7 @@ RSpec.shared_examples "a puppetfile parser with magic comments" do
 
       mod 'puppetlabs-magic1', :latest # resolver:disable Dependency/Puppet
       mod 'puppetlabs-magic2', :latest # resolver:disable Dependency/all
+      mod 'puppetlabs-magic3', :latest # resolver:disable Validation/LatestVersion
       EOT
     end
     let(:puppetfile) { subject.parse(puppetfile_content) }
@@ -364,6 +365,11 @@ RSpec.shared_examples "a puppetfile parser with magic comments" do
       mod = get_module(puppetfile, 'puppetlabs-magic2')
       expect(mod.resolver_flags).to eq([PuppetfileResolver::Puppetfile::DISABLE_ALL_DEPENDENCIES_FLAG])
     end
+
+    it 'should add the DISABLE_LATEST_VALIDATION_FLAG flag for Validation/LatestVersion' do
+      mod = get_module(puppetfile, 'puppetlabs-magic3')
+      expect(mod.resolver_flags).to eq([PuppetfileResolver::Puppetfile::DISABLE_LATEST_VALIDATION_FLAG])
+    end
   end
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puppetfile-resolver
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Glenn Sarti
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-04 00:00:00.000000000 Z
+date: 2020-03-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: molinillo
@@ -93,7 +93,7 @@ files:
 - spec/unit/puppetfile-resolver/puppetfile/document_spec.rb
 - spec/unit/puppetfile-resolver/puppetfile/parser/r10k_eval_spec.rb
 - spec/unit/puppetfile-resolver/resolver_spec.rb
-homepage: https://github.com/lingua-pupuli/puppetfile-resolver/
+homepage: https://glennsarti.github.io/puppetfile-resolver/
 licenses:
 - Apache-2.0
 metadata: {}