From e8f0d5ad2da7915fa5c21e0df93b8ce2d1c678e5 Mon Sep 17 00:00:00 2001 From: Marcin Ciszak Date: Mon, 11 Nov 2024 15:02:30 +0000 Subject: [PATCH] Bump ruby from 2.7.6 to 3.2.2 (#399) * Update ruby from 2.7.6 to 3.2.2 * Bump base ruby image version to 3.2.2 * Tweak dashboard startup * Update skaffold.yaml to Skaffold v2 schema * Update CI config --- .circleci/config.yml | 24 ++--- .ruby-version | 2 +- Dockerfile | 4 +- Gemfile.lock | 96 ++++++++++++------- dashboard/dashboard.js | 4 +- dashboard/package-lock.json | 42 -------- lib/krane/rbac/graph/concerns/bindings.rb | 10 +- lib/krane/rbac/graph/concerns/edges.rb | 2 +- lib/krane/rbac/graph/concerns/nodes.rb | 2 +- skaffold.yaml | 9 +- .../krane/rbac/graph/concerns/edges_spec.rb | 2 +- .../krane/rbac/graph/concerns/nodes_spec.rb | 2 +- 12 files changed, 96 insertions(+), 103 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ec67a26..c82c079 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -2,30 +2,27 @@ version: 2.1 orbs: - ruby: circleci/ruby@1.2.0 + ruby: circleci/ruby@2.3.0 executors: skaffold: docker: - - image: gcr.io/k8s-skaffold/skaffold:latest + - image: gcr.io/k8s-skaffold/skaffold:v2.13.2 jobs: test: - parallelism: 1 docker: - - image: ruby:2.7.6-alpine3.14 - environment: - BUNDLE_JOBS: 10 - BUNDLE_RETRY: 5 - BUNDLE_PATH: vendor/bundle - KRANE_ENV: test + - image: cimg/ruby:3.2.2-node + parallelism: 3 + environment: + BUNDLE_JOBS: 10 + BUNDLE_RETRY: 5 + BUNDLE_PATH: vendor/bundle + KRANE_ENV: test steps: - checkout - setup_remote_docker: docker_layer_caching: true - - run: - name: Install system deps - command: apk add --update --no-cache git bash curl make gcc libc-dev tzdata g++ npm - run: name: Which bundler? command: bundle -v @@ -47,6 +44,7 @@ jobs: name: Build artifacts w/ Skaffold command: | mkdir -p build + skaffold config set --global collect-metrics false skaffold build -p build-no-push --file-output build/${CIRCLE_SHA1}.json - persist_to_workspace: root: ~/project @@ -64,6 +62,7 @@ jobs: command: | mkdir -p build docker login quay.io --username $DOCKER_USER --password $DOCKER_PASSWORD + skaffold config set --global collect-metrics false skaffold build -p build-and-push --file-output build/${CIRCLE_SHA1}.json # re-tag :latest skaffold_tag=$(cat build/${CIRCLE_SHA1}.json | jq -r '.builds[0].tag | split("@")[0]') @@ -105,6 +104,7 @@ jobs: export SKAFFOLD_NAMESPACE=<> # Deploy with Skaffold - refers to artefacts built in previous step + skaffold config set --global collect-metrics false skaffold deploy --build-artifacts build/${CIRCLE_SHA1}.json workflows: diff --git a/.ruby-version b/.ruby-version index 49cdd66..be94e6f 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -2.7.6 +3.2.2 diff --git a/Dockerfile b/Dockerfile index 55a0c7a..3b826e3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,7 @@ ############################################################## # Stage: builder -FROM ruby:2.7.6-alpine3.16 AS builder +FROM ruby:3.2.2-alpine3.16 AS builder WORKDIR /app @@ -47,7 +47,7 @@ RUN cd dashboard && jekyll build --trace -s ./src/html -d ./tmp && cp ./tmp/*.ht ############################################################## # Stage: final -FROM ruby:2.7.6-alpine3.16 +FROM ruby:3.2.2-alpine3.16 LABEL org="Appvia Ltd" LABEL website="appvia.io" diff --git a/Gemfile.lock b/Gemfile.lock index 694855d..7fd7146 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -18,29 +18,42 @@ PATH GEM remote: https://rubygems.org/ specs: - activemodel (7.0.7.1) - activesupport (= 7.0.7.1) - activesupport (7.0.7.1) - concurrent-ruby (~> 1.0, >= 1.0.2) + activemodel (8.0.0) + activesupport (= 8.0.0) + activesupport (8.0.0) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.3.1) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - tzinfo (~> 2.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) aes_key_wrap (1.1.0) ast (2.4.2) - attr_required (1.0.1) + attr_required (1.0.2) base64 (0.2.0) + benchmark (0.4.0) + bigdecimal (3.1.8) bindata (2.5.0) byebug (11.1.3) colorator (1.1.0) colorize (1.1.0) - commander (4.6.0) - highline (~> 2.0.0) + commander (5.0.0) + highline (~> 3.0.0) concurrent-ruby (1.3.4) + connection_pool (2.4.1) + date (3.4.0) diff-lcs (1.5.1) docile (1.4.1) domain_name (0.6.20240107) + drb (2.2.1) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) @@ -48,23 +61,26 @@ GEM activemodel eventmachine (1.2.7) facets (3.1.0) - factory_bot (6.4.5) + factory_bot (6.5.0) activesupport (>= 5.0.0) - faraday (2.8.1) - base64 - faraday-net_http (>= 2.0, < 3.1) - ruby2_keywords (>= 0.0.4) + faraday (2.12.0) + faraday-net_http (>= 2.0, < 3.4) + json + logger faraday-follow_redirects (0.3.0) faraday (>= 1, < 3) - faraday-net_http (3.0.2) + faraday-net_http (3.3.0) + net-http ffi (1.17.0) ffi-compiler (1.3.2) ffi (>= 1.15.5) rake forwardable-extended (2.6.0) - google-protobuf (3.25.5) + google-protobuf (4.28.3) + bigdecimal + rake (>= 13) hashie (5.0.0) - highline (2.0.3) + highline (3.0.1) http (5.2.0) addressable (~> 2.8) base64 (~> 0.1) @@ -99,7 +115,7 @@ GEM jekyll-watch (2.2.1) listen (~> 3.0) json (2.8.1) - json-jwt (1.16.6) + json-jwt (1.16.7) activesupport (>= 4.2) aes_key_wrap base64 @@ -126,17 +142,31 @@ GEM ffi-compiler (~> 1.0) rake (~> 13.0) logger (1.6.1) - mail (2.7.1) + mail (2.8.1) mini_mime (>= 0.1.1) + net-imap + net-pop + net-smtp memoist (0.16.2) mercenary (0.4.0) mime-types (3.6.0) logger mime-types-data (~> 3.2015) mime-types-data (3.2024.1105) - mini_mime (1.1.2) + mini_mime (1.1.5) minitest (5.25.1) multi_json (1.15.0) + net-http (0.5.0) + uri + net-imap (0.5.1) + date + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.2.2) + timeout + net-smtp (0.5.0) + net-protocol netrc (0.11.0) openid_connect (2.3.1) activemodel @@ -162,10 +192,10 @@ GEM profile (0.4.0) psych (5.2.0) stringio - public_suffix (5.1.1) + public_suffix (6.0.1) racc (1.8.1) - rack (3.0.9.1) - rack-oauth2 (2.2.0) + rack (3.1.8) + rack-oauth2 (2.2.1) activesupport attr_required faraday (~> 2.0) @@ -181,7 +211,7 @@ GEM psych (>= 4.0.0) recursive-open-struct (1.3.1) ostruct - redis (4.4.0) + redis (4.8.1) redisgraph (2.0.3) redis (~> 4) regexp_parser (2.9.2) @@ -219,22 +249,22 @@ GEM unicode-display_width (>= 2.4.0, < 3.0) rubocop-ast (1.34.1) parser (>= 3.3.1.0) - ruby-prof (1.6.3) + ruby-prof (1.7.1) ruby-progressbar (1.13.0) - ruby2_keywords (0.0.5) safe_yaml (1.0.5) - sass-embedded (1.63.6) - google-protobuf (~> 3.23) - rake (>= 13.0.0) + sass-embedded (1.80.6) + google-protobuf (~> 4.28) + rake (>= 13) + securerandom (0.3.2) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.12.3) + simplecov-html (0.13.1) simplecov_json_formatter (0.1.4) slack-notifier (2.4.0) stringio (3.1.2) - swd (2.0.2) + swd (2.0.3) activesupport (>= 3) attr_required (>= 0.0.5) faraday (~> 2.0) @@ -243,13 +273,15 @@ GEM unicode-display_width (>= 1.1.1, < 3) test-unit (3.6.2) power_assert + timeout (0.4.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (2.6.0) + uri (1.0.1) validate_url (1.0.15) activemodel (>= 3.0.0) public_suffix - webfinger (2.1.2) + webfinger (2.1.3) activesupport faraday (~> 2.0) faraday-follow_redirects @@ -274,4 +306,4 @@ DEPENDENCIES test-unit BUNDLED WITH - 2.2.28 + 2.4.10 diff --git a/dashboard/dashboard.js b/dashboard/dashboard.js index 35b9c59..790d831 100644 --- a/dashboard/dashboard.js +++ b/dashboard/dashboard.js @@ -14,8 +14,8 @@ See the License for the specific language governing permissions and limitations under the License. */ -const express = require('express') -const serveStatic = require('serve-static') +import express from 'express'; +import serveStatic from 'serve-static'; const app = express() const port = process.env.port || 8000 diff --git a/dashboard/package-lock.json b/dashboard/package-lock.json index a088c3f..5e64ca5 100644 --- a/dashboard/package-lock.json +++ b/dashboard/package-lock.json @@ -461,17 +461,6 @@ "@babel/core": "^7.0.0-0" } }, - "node_modules/gulp-cli/node_modules/glogg": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/glogg/-/glogg-2.2.0.tgz", - "integrity": "sha512-eWv1ds/zAlz+M1ioHsyKJomfY7jbDDPpwSkv14KQj89bycx1nvK5/2Cj/T9g7kzJcX5Bc7Yv22FjfBZS/jl94A==", - "dependencies": { - "sparkles": "^2.1.0" - }, - "engines": { - "node": ">= 10.13.0" - } - }, "node_modules/cors": { "version": "2.8.5", "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz", @@ -3240,11 +3229,6 @@ "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz", "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==" }, - "node_modules/express/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" - }, "node_modules/global-prefix": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/global-prefix/-/global-prefix-1.0.2.tgz", @@ -4439,14 +4423,6 @@ "node": ">=10.13.0" } }, - "node_modules/gulp-cli/node_modules/sparkles": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/sparkles/-/sparkles-2.1.0.tgz", - "integrity": "sha512-r7iW1bDw8R/cFifrD3JnQJX0K1jqT0kprL48BiBpLZLJPmAm34zsVBsK5lc7HirZYZqMW65dOXZgbAGt/I6frg==", - "engines": { - "node": ">= 10.13.0" - } - }, "node_modules/color-support": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz", @@ -8588,11 +8564,6 @@ "unpipe": "~1.0.0" } }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==" - }, "on-finished": { "version": "2.4.1", "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", @@ -9034,14 +9005,6 @@ "yargs": "^16.2.0" }, "dependencies": { - "glogg": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/glogg/-/glogg-2.2.0.tgz", - "integrity": "sha512-eWv1ds/zAlz+M1ioHsyKJomfY7jbDDPpwSkv14KQj89bycx1nvK5/2Cj/T9g7kzJcX5Bc7Yv22FjfBZS/jl94A==", - "requires": { - "sparkles": "^2.1.0" - } - }, "gulplog": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/gulplog/-/gulplog-2.2.0.tgz", @@ -9055,11 +9018,6 @@ "resolved": "https://registry.npmjs.org/interpret/-/interpret-3.1.1.tgz", "integrity": "sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==" }, - "sparkles": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/sparkles/-/sparkles-2.1.0.tgz", - "integrity": "sha512-r7iW1bDw8R/cFifrD3JnQJX0K1jqT0kprL48BiBpLZLJPmAm34zsVBsK5lc7HirZYZqMW65dOXZgbAGt/I6frg==" - }, "yargs": { "version": "16.2.0", "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz", diff --git a/lib/krane/rbac/graph/concerns/bindings.rb b/lib/krane/rbac/graph/concerns/bindings.rb index 1f719c0..5e9b97d 100644 --- a/lib/krane/rbac/graph/concerns/bindings.rb +++ b/lib/krane/rbac/graph/concerns/bindings.rb @@ -61,12 +61,13 @@ def setup_binding binding_kind:, binding: info "-- Indexing [#{binding_kind}] #{binding_name}" # If role in binding hasn't been defined then it should be recorded - register_undefined_role({ + attrs = { role_kind: role_kind, role_name: role_name, binding_kind: binding_kind, binding_name: binding_name - }) + } + register_undefined_role(**attrs) if namespace.present? node :namespace, { name: namespace } @@ -81,13 +82,14 @@ def setup_binding binding_kind:, binding: # Iterate thorugh subjects binding['subjects'].each do |subject| - set_subject_relations({ + attrs = { subject: subject, role_kind: role_kind, role_name: role_name }.tap {|h| h[:binding_namespace] = namespace if namespace.present? - }) + } + set_subject_relations(**attrs) end set_relation_between_any_two_subjects(subjects: binding['subjects']) diff --git a/lib/krane/rbac/graph/concerns/edges.rb b/lib/krane/rbac/graph/concerns/edges.rb index be64e75..75674d8 100644 --- a/lib/krane/rbac/graph/concerns/edges.rb +++ b/lib/krane/rbac/graph/concerns/edges.rb @@ -70,7 +70,7 @@ def add_relation source_label, relation, destination_label, direction = '<->' # # @return [nil] def edge kind, params - send("edge_#{kind.downcase}".to_sym, params) + send("edge_#{kind.downcase}".to_sym, **params) end # Adds :SCOPE edge between :Role (Role/ClusterRole) and :Namespace nodes diff --git a/lib/krane/rbac/graph/concerns/nodes.rb b/lib/krane/rbac/graph/concerns/nodes.rb index 977491f..60c21f7 100644 --- a/lib/krane/rbac/graph/concerns/nodes.rb +++ b/lib/krane/rbac/graph/concerns/nodes.rb @@ -71,7 +71,7 @@ def add_node kind, label, attrs # # @return [nil] def node kind, params - send("node_#{kind.downcase}".to_sym, params) + send("node_#{kind.downcase}".to_sym, **params) end # Creates :Role graph node for RBAC Role/ClusterRole diff --git a/skaffold.yaml b/skaffold.yaml index 408b665..3357467 100644 --- a/skaffold.yaml +++ b/skaffold.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: skaffold/v2beta1 +apiVersion: skaffold/v4beta11 kind: Config metadata: name: krane @@ -36,9 +36,8 @@ build: - src: 'lib/**/*.rb' dest: '/app' -deploy: - kubectl: - manifests: +manifests: + rawYaml: - k8s/*.yaml profiles: @@ -50,6 +49,7 @@ profiles: - env: CLUSTER=minikube - kubeContext: minikube deploy: + kubectl: {} kubeContext: minikube - name: local-desktop @@ -58,6 +58,7 @@ profiles: - kubeContext: docker-desktop - kubeContext: docker-for-desktop deploy: + kubectl: {} kubeContext: docker-desktop # CI Build phase profiles diff --git a/spec/lib/krane/rbac/graph/concerns/edges_spec.rb b/spec/lib/krane/rbac/graph/concerns/edges_spec.rb index c56db71..30636e5 100644 --- a/spec/lib/krane/rbac/graph/concerns/edges_spec.rb +++ b/spec/lib/krane/rbac/graph/concerns/edges_spec.rb @@ -12,7 +12,7 @@ expect(subject).to receive(:add_relation).with(*expected_args) - subject.send("edge_#{args[:relation].downcase}".to_sym, args[:params]) + subject.send("edge_#{args[:relation].downcase}".to_sym, **args[:params]) end end diff --git a/spec/lib/krane/rbac/graph/concerns/nodes_spec.rb b/spec/lib/krane/rbac/graph/concerns/nodes_spec.rb index 54c1ff2..94525ac 100644 --- a/spec/lib/krane/rbac/graph/concerns/nodes_spec.rb +++ b/spec/lib/krane/rbac/graph/concerns/nodes_spec.rb @@ -106,7 +106,7 @@ it 'creates :Role graph node for RBAC Role/ClusterRole' do expect(subject).to receive(:add_node).with(:Role, label, role_attrs) - subject.send(:node_role, role_attrs) + subject.send(:node_role, **role_attrs) end end