riemann-client 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +11 -0
- data/.github/workflows/ci.yml +8 -7
- data/.github/workflows/codeql-analysis.yml +72 -0
- data/.rspec +2 -0
- data/.rubocop.yml +2 -0
- data/CHANGELOG.md +20 -2
- data/Rakefile +1 -1
- data/SECURITY.md +42 -0
- data/lib/riemann/client/tcp_socket.rb +1 -1
- data/lib/riemann/client.rb +32 -12
- data/lib/riemann/version.rb +1 -1
- data/riemann-client.gemspec +2 -1
- data/spec/client_spec.rb +66 -0
- data/spec/shared_examples.rb +531 -0
- data/spec/spec_helper.rb +38 -0
- metadata +32 -10
- data/spec/client.rb +0 -384
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33657c1dcec6dce903bd90154f17f3a31174b6e0fa146609941dc36960c2b6e2
|
|
4
|
+
data.tar.gz: 372a73585a2046e5af3a16ddd84254af64e6f6d17c6911183cf6c408eb22ac07
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 694404b98fe75bb304f8d8da0903eb128d2600ecd83bc3b6c3d4e2b41eef2695a82e6df00c0f9c3a59115837e58314e6cdb88d56c1b10c959bd912d69ace479c
|
|
7
|
+
data.tar.gz: 874fdd45638f808e1bf9641616fe5342c01c3a51245f9d66542a9aec60751a093462e70c123e027a463dcedfcb608dfc98087ae4ad189fd02aa97210b8e90fdd
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# To get started with Dependabot version updates, you'll need to specify which
|
|
2
|
+
# package ecosystems to update and where the package manifests are located.
|
|
3
|
+
# Please see the documentation for all configuration options:
|
|
4
|
+
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
|
5
|
+
|
|
6
|
+
version: 2
|
|
7
|
+
updates:
|
|
8
|
+
- package-ecosystem: "bundler" # See documentation for possible values
|
|
9
|
+
directory: "/" # Location of package manifests
|
|
10
|
+
schedule:
|
|
11
|
+
interval: "daily"
|
data/.github/workflows/ci.yml
CHANGED
|
@@ -13,7 +13,7 @@ jobs:
|
|
|
13
13
|
lint:
|
|
14
14
|
runs-on: ubuntu-latest
|
|
15
15
|
steps:
|
|
16
|
-
- uses: actions/checkout@
|
|
16
|
+
- uses: actions/checkout@v3
|
|
17
17
|
- name: Setup ruby
|
|
18
18
|
uses: ruby/setup-ruby@v1
|
|
19
19
|
with:
|
|
@@ -27,12 +27,13 @@ jobs:
|
|
|
27
27
|
strategy:
|
|
28
28
|
matrix:
|
|
29
29
|
ruby-version:
|
|
30
|
-
- 2.6
|
|
31
|
-
- 2.7
|
|
32
|
-
- 3.0
|
|
33
|
-
- 3.1
|
|
30
|
+
- '2.6'
|
|
31
|
+
- '2.7'
|
|
32
|
+
- '3.0'
|
|
33
|
+
- '3.1'
|
|
34
|
+
- '3.2'
|
|
34
35
|
steps:
|
|
35
|
-
- uses: actions/checkout@
|
|
36
|
+
- uses: actions/checkout@v3
|
|
36
37
|
- name: Setup Ruby
|
|
37
38
|
uses: ruby/setup-ruby@v1
|
|
38
39
|
with:
|
|
@@ -55,4 +56,4 @@ jobs:
|
|
|
55
56
|
|
|
56
57
|
while ! nc -z localhost 5555; do sleep 1; done
|
|
57
58
|
- name: Run the test suite
|
|
58
|
-
run: bundle exec
|
|
59
|
+
run: bundle exec rspec
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
# For most projects, this workflow file will not need changing; you simply need
|
|
2
|
+
# to commit it to your repository.
|
|
3
|
+
#
|
|
4
|
+
# You may wish to alter this file to override the set of languages analyzed,
|
|
5
|
+
# or to provide custom queries or build logic.
|
|
6
|
+
#
|
|
7
|
+
# ******** NOTE ********
|
|
8
|
+
# We have attempted to detect the languages in your repository. Please check
|
|
9
|
+
# the `language` matrix defined below to confirm you have the correct set of
|
|
10
|
+
# supported CodeQL languages.
|
|
11
|
+
#
|
|
12
|
+
name: "CodeQL"
|
|
13
|
+
|
|
14
|
+
on:
|
|
15
|
+
push:
|
|
16
|
+
branches: [ "main" ]
|
|
17
|
+
pull_request:
|
|
18
|
+
# The branches below must be a subset of the branches above
|
|
19
|
+
branches: [ "main" ]
|
|
20
|
+
schedule:
|
|
21
|
+
- cron: '33 17 * * 6'
|
|
22
|
+
|
|
23
|
+
jobs:
|
|
24
|
+
analyze:
|
|
25
|
+
name: Analyze
|
|
26
|
+
runs-on: ubuntu-latest
|
|
27
|
+
permissions:
|
|
28
|
+
actions: read
|
|
29
|
+
contents: read
|
|
30
|
+
security-events: write
|
|
31
|
+
|
|
32
|
+
strategy:
|
|
33
|
+
fail-fast: false
|
|
34
|
+
matrix:
|
|
35
|
+
language: [ 'ruby' ]
|
|
36
|
+
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
|
|
37
|
+
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
|
|
38
|
+
|
|
39
|
+
steps:
|
|
40
|
+
- name: Checkout repository
|
|
41
|
+
uses: actions/checkout@v3
|
|
42
|
+
|
|
43
|
+
# Initializes the CodeQL tools for scanning.
|
|
44
|
+
- name: Initialize CodeQL
|
|
45
|
+
uses: github/codeql-action/init@v2
|
|
46
|
+
with:
|
|
47
|
+
languages: ${{ matrix.language }}
|
|
48
|
+
# If you wish to specify custom queries, you can do so here or in a config file.
|
|
49
|
+
# By default, queries listed here will override any specified in a config file.
|
|
50
|
+
# Prefix the list here with "+" to use these queries and those in the config file.
|
|
51
|
+
|
|
52
|
+
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
|
53
|
+
# queries: security-extended,security-and-quality
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
|
57
|
+
# If this step fails, then you should remove it and run the build manually (see below)
|
|
58
|
+
- name: Autobuild
|
|
59
|
+
uses: github/codeql-action/autobuild@v2
|
|
60
|
+
|
|
61
|
+
# ℹ️ Command-line programs to run using the OS shell.
|
|
62
|
+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
|
|
63
|
+
|
|
64
|
+
# If the Autobuild fails above, remove it and uncomment the following three lines.
|
|
65
|
+
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
|
|
66
|
+
|
|
67
|
+
# - run: |
|
|
68
|
+
# echo "Run, Build Application using script"
|
|
69
|
+
# ./location_of_script_within_repo/buildscript.sh
|
|
70
|
+
|
|
71
|
+
- name: Perform CodeQL Analysis
|
|
72
|
+
uses: github/codeql-action/analyze@v2
|
data/.rspec
ADDED
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,8 +1,26 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
-
## [1.0
|
|
3
|
+
## [v1.1.0](https://github.com/riemann/riemann-ruby-client/tree/v1.1.0) (2023-01-23)
|
|
4
4
|
|
|
5
|
-
[Full Changelog](https://github.com/riemann/riemann-ruby-client/compare/v1.0.
|
|
5
|
+
[Full Changelog](https://github.com/riemann/riemann-ruby-client/compare/v1.0.1...v1.1.0)
|
|
6
|
+
|
|
7
|
+
**Implemented enhancements:**
|
|
8
|
+
|
|
9
|
+
- Add support for sending events in bulk [\#44](https://github.com/riemann/riemann-ruby-client/pull/44) ([smortex](https://github.com/smortex))
|
|
10
|
+
|
|
11
|
+
**Fixed bugs:**
|
|
12
|
+
|
|
13
|
+
- Fix UDP fallback to TCP on large messages [\#46](https://github.com/riemann/riemann-ruby-client/pull/46) ([smortex](https://github.com/smortex))
|
|
14
|
+
|
|
15
|
+
**Merged pull requests:**
|
|
16
|
+
|
|
17
|
+
- Modernize unit tests [\#45](https://github.com/riemann/riemann-ruby-client/pull/45) ([smortex](https://github.com/smortex))
|
|
18
|
+
- Switch from Bacon to RSpec [\#43](https://github.com/riemann/riemann-ruby-client/pull/43) ([smortex](https://github.com/smortex))
|
|
19
|
+
- Create codeql-analysis.yml [\#40](https://github.com/riemann/riemann-ruby-client/pull/40) ([jamtur01](https://github.com/jamtur01))
|
|
20
|
+
|
|
21
|
+
## [v1.0.1](https://github.com/riemann/riemann-ruby-client/tree/v1.0.1) (2022-06-25)
|
|
22
|
+
|
|
23
|
+
[Full Changelog](https://github.com/riemann/riemann-ruby-client/compare/v1.0.0...v1.0.1)
|
|
6
24
|
|
|
7
25
|
**Merged pull requests:**
|
|
8
26
|
|
data/Rakefile
CHANGED
|
@@ -10,6 +10,6 @@ GitHubChangelogGenerator::RakeTask.new :changelog do |config|
|
|
|
10
10
|
config.user = 'riemann'
|
|
11
11
|
config.project = 'riemann-ruby-client'
|
|
12
12
|
config.exclude_labels = ['skip-changelog']
|
|
13
|
-
config.future_release = Riemann::VERSION
|
|
13
|
+
config.future_release = "v#{Riemann::VERSION}"
|
|
14
14
|
config.add_issues_wo_labels = false
|
|
15
15
|
end
|
data/SECURITY.md
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# Riemann Security and Disclosure Information
|
|
2
|
+
This page describes Riemann security and disclosure information.
|
|
3
|
+
|
|
4
|
+
## Supported Versions
|
|
5
|
+
|
|
6
|
+
The currently supported version of Riemann for security-patching purposes is always the latest version.
|
|
7
|
+
|
|
8
|
+
## Security Announcements
|
|
9
|
+
|
|
10
|
+
Will be made on the [Riemann mailing list](https://groups.google.com/g/riemann-users?pli=1).
|
|
11
|
+
|
|
12
|
+
## Report a Vulnerability
|
|
13
|
+
|
|
14
|
+
We're extremely grateful for security researchers and users that report vulnerabilities to Riemann. All reports are thoroughly investigated by the maintainers.
|
|
15
|
+
|
|
16
|
+
To make a report, you should email the private security@riemann.io list with the details.
|
|
17
|
+
|
|
18
|
+
## When Should I Report a Vulnerability?
|
|
19
|
+
|
|
20
|
+
* You think you discovered a potential security vulnerability in Riemann.
|
|
21
|
+
* You are unsure how a vulnerability affects Riemann.
|
|
22
|
+
* You think you discovered a vulnerability in another project that Riemann depends on
|
|
23
|
+
|
|
24
|
+
For projects with their own vulnerability reporting and disclosure process, please report it directly there.
|
|
25
|
+
|
|
26
|
+
## When Should I NOT Report a Vulnerability?
|
|
27
|
+
|
|
28
|
+
* You need help tuning Riemann components for security
|
|
29
|
+
* You need help applying security related updates
|
|
30
|
+
* Your issue is not security related
|
|
31
|
+
|
|
32
|
+
## Security Vulnerability Response
|
|
33
|
+
|
|
34
|
+
Each report is acknowledged and analyzed within 5 working days.
|
|
35
|
+
|
|
36
|
+
Any vulnerability information shared stays within Riemann project and will not be disseminated to other projects unless it is necessary to get the issue fixed.
|
|
37
|
+
|
|
38
|
+
As the security issue moves from triage, to identified fix, to release planning we will keep the reporter updated.
|
|
39
|
+
|
|
40
|
+
## Public Disclosure Timing
|
|
41
|
+
|
|
42
|
+
A public disclosure date is negotiated by the Riemann maintainers nd the bug submitter. We prefer to fully disclose the bug as soon as possible once a user mitigation is available. It is reasonable to delay disclosure when the bug or the fix is not yet fully understood, the solution is not well-tested, or for vendor coordination. The timeframe for disclosure is from immediate (especially if it's already publicly known) to a few weeks. For a vulnerability with a straightforward mitigation, we expect report date to disclosure date to be on the order of 7 days. The Riemann maintainers hold the final say when setting a disclosure date.
|
data/lib/riemann/client.rb
CHANGED
|
@@ -52,22 +52,42 @@ module Riemann
|
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
# Send a state
|
|
55
|
-
def <<(
|
|
55
|
+
def <<(event)
|
|
56
56
|
# Create state
|
|
57
|
-
case
|
|
58
|
-
when Riemann::State
|
|
59
|
-
|
|
60
|
-
when Riemann::Event
|
|
61
|
-
event = event_opts
|
|
57
|
+
case event
|
|
58
|
+
when Riemann::State, Riemann::Event, Hash
|
|
59
|
+
# Noop
|
|
62
60
|
else
|
|
63
|
-
|
|
64
|
-
event = Riemann::Event.new(event_opts)
|
|
61
|
+
raise(ArgumentError, "Unsupported event class: #{event.class.name}")
|
|
65
62
|
end
|
|
66
63
|
|
|
67
|
-
|
|
64
|
+
bulk_send([event])
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def bulk_send(events)
|
|
68
|
+
raise ArgumentError unless events.is_a?(Array)
|
|
69
|
+
|
|
70
|
+
message = Riemann::Message.new(events: normalize_events(events))
|
|
68
71
|
|
|
69
|
-
|
|
70
|
-
|
|
72
|
+
send_maybe_recv(message)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def normalize_events(events)
|
|
76
|
+
events.map do |event|
|
|
77
|
+
case event
|
|
78
|
+
when Riemann::State, Riemann::Event
|
|
79
|
+
event
|
|
80
|
+
when Hash
|
|
81
|
+
e = if event.include?(:host)
|
|
82
|
+
event
|
|
83
|
+
else
|
|
84
|
+
event.dup.merge(host: Socket.gethostname)
|
|
85
|
+
end
|
|
86
|
+
Riemann::Event.new(e)
|
|
87
|
+
else
|
|
88
|
+
raise(ArgumentError, "Unsupported event class: #{event.class.name}")
|
|
89
|
+
end
|
|
90
|
+
end
|
|
71
91
|
end
|
|
72
92
|
|
|
73
93
|
# Returns an array of states matching query.
|
|
@@ -104,7 +124,7 @@ module Riemann
|
|
|
104
124
|
def send_maybe_recv(message)
|
|
105
125
|
@udp.send_maybe_recv(message)
|
|
106
126
|
rescue TooBig
|
|
107
|
-
@tcp.send_maybe_recv(
|
|
127
|
+
@tcp.send_maybe_recv(message)
|
|
108
128
|
end
|
|
109
129
|
end
|
|
110
130
|
end
|
data/lib/riemann/version.rb
CHANGED
data/riemann-client.gemspec
CHANGED
|
@@ -24,9 +24,10 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
|
|
25
25
|
spec.required_ruby_version = '>= 2.6.0'
|
|
26
26
|
|
|
27
|
-
spec.add_development_dependency 'bacon'
|
|
28
27
|
spec.add_development_dependency 'bundler', '>= 1.3'
|
|
28
|
+
spec.add_development_dependency 'rspec'
|
|
29
29
|
spec.add_development_dependency 'rubocop'
|
|
30
|
+
spec.add_development_dependency 'rubocop-rspec'
|
|
30
31
|
spec.add_development_dependency 'timecop'
|
|
31
32
|
|
|
32
33
|
spec.add_dependency 'beefcake', ['>= 1.0.0 ']
|
data/spec/client_spec.rb
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'riemann'
|
|
4
|
+
require 'riemann/client'
|
|
5
|
+
|
|
6
|
+
require 'spec_helper'
|
|
7
|
+
require 'shared_examples'
|
|
8
|
+
|
|
9
|
+
RSpec.describe 'Riemann::Client' do
|
|
10
|
+
let(:client) do
|
|
11
|
+
Riemann::Client.new(host: 'localhost', port: 5555)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
let(:expected_rate) { 100 }
|
|
15
|
+
|
|
16
|
+
context('with TLS transport') do
|
|
17
|
+
let(:client) do
|
|
18
|
+
Riemann::Client.new(host: 'localhost', port: 5554, ssl: true,
|
|
19
|
+
key_file: '/etc/riemann/riemann_server.pkcs8',
|
|
20
|
+
cert_file: '/etc/riemann/riemann_server.crt',
|
|
21
|
+
ca_file: '/etc/riemann/riemann_server.crt',
|
|
22
|
+
ssl_verify: true)
|
|
23
|
+
end
|
|
24
|
+
let(:client_with_transport) { client.tcp }
|
|
25
|
+
|
|
26
|
+
it_behaves_like 'a riemann client'
|
|
27
|
+
it_behaves_like 'a riemann client that acknowledge messages'
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
context 'with TCP transport' do
|
|
31
|
+
let(:client_with_transport) { client.tcp }
|
|
32
|
+
|
|
33
|
+
it_behaves_like 'a riemann client'
|
|
34
|
+
it_behaves_like 'a riemann client that acknowledge messages'
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
context('with UDP transport') do
|
|
38
|
+
let(:client_with_transport) { client.udp }
|
|
39
|
+
let(:expected_rate) { 1000 }
|
|
40
|
+
|
|
41
|
+
it_behaves_like 'a riemann client'
|
|
42
|
+
it_behaves_like 'a riemann client that does not acknowledge messages'
|
|
43
|
+
|
|
44
|
+
context 'when sending a message too large for UDP transport' do
|
|
45
|
+
let(:large_message) do
|
|
46
|
+
{
|
|
47
|
+
data: 'X' * (Riemann::Client::UDP::MAX_SIZE + 10)
|
|
48
|
+
}
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
before do
|
|
52
|
+
allow(client.udp).to receive(:send_maybe_recv).and_call_original
|
|
53
|
+
allow(client.tcp).to receive(:send_maybe_recv).and_call_original
|
|
54
|
+
client << large_message
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
it 'has tried to send the message using UDP' do
|
|
58
|
+
expect(client.udp).to have_received(:send_maybe_recv)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
it 'has retried to send the message using TCP' do
|
|
62
|
+
expect(client.tcp).to have_received(:send_maybe_recv)
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
|