authorCan Eldem <celdem@gitlab.com>2020-07-10 16:41:15 +0000
committerCan Eldem <celdem@gitlab.com>2020-07-10 16:41:15 +0000
commitc17546f6cfccf07d27f7984321fe62a7788e8da1 (patch)
tree54093c956c0f4dcf4c2ad352847017aee9a88edc /lib
parentc7385965b4166fb6ab2db3387c67cd54aef1b8df (diff)
parent36cdb0040abda394264455a1fdf3d6782af95ceb (diff)
Merge branch '217897-isolated-omnibus-lm' into 'master'v3.17.0
Isolate license_management ruby from project ruby See merge request gitlab-org/security-products/license-management!181
Diffstat (limited to 'lib')
-rw-r--r--lib/license/finder/ext/bundler.rb82
-rw-r--r--lib/license/finder/ext/package_manager.rb4
-rw-r--r--lib/license/finder/ext/shared_helpers.rb4
-rw-r--r--lib/license/management/python.rb2
-rw-r--r--lib/license/management/version.rb2
5 files changed, 59 insertions, 35 deletions
diff --git a/lib/license/finder/ext/bundler.rb b/lib/license/finder/ext/bundler.rb
index ddf30f5..d362be3 100644
--- a/lib/license/finder/ext/bundler.rb
+++ b/lib/license/finder/ext/bundler.rb
@@ -6,28 +6,21 @@ module LicenseFinder
vendor_path = Pathname.pwd.join('.gitlab', 'cache', 'vendor')
shell.execute([:mkdir, '-p', vendor_path.to_s])
- Dir.chdir(project_path) do
- with_clean_bundler do
- shell.execute([:bundle, :config, '--local', :path, vendor_path.to_s])
- shell.execute([:bundle, :install, '--verbose'], env: default_env)
- end
+ with_clean_bundler do
+ _stdout, _stderr, status = shell.execute([:asdf, :current, :ruby], env: default_env)
+ shell.execute([:asdf, :install], env: default_env) unless status.success?
+ shell.execute([:bundle, :config, '--local', :path, vendor_path.to_s], env: default_env)
+ shell.execute([:bundle, :install, '--verbose'], env: default_env)
end
end
def current_packages
- Dir.chdir(project_path) do
- gem_details.map do |gem|
- Dependency.new(
- 'Bundler',
- gem.name,
- gem.version.to_s,
- description: gem.description,
- detection_path: lockfile_path,
- homepage: gem.homepage,
- install_path: gem.full_gem_path || '/dev/null',
- spec_licenses: gem.licenses,
- summary: gem.summary
- )
+ with_clean_bundler do
+ stdout, _stderr, status = shell.execute(scan_command, env: default_env)
+ return super unless status.success?
+
+ stdout.each_line.map do |line|
+ map_from(JSON.parse(line, symbolize_names: true))
end
end
end
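Review bot: In `current_packages`, every line of the child's stdout goes straight to `JSON.parse`, so a blank line or stray text on stdout raises `JSON::ParserError` instead of taking the `super` fallback used for a non-zero exit. The scan script appears to run under the scanned project's Ruby and bundle, so its stdout is not fully under this tool's control. Consider skipping blank lines with `stdout.each_line.reject { |l| l.strip.empty? }` and adding a `rescue JSON::ParserError` that falls back to `super` as well. In the first method, whose `def` line is outside the hunk, the exit statuses of `asdf install` and `bundle install` are discarded, so a failed install only surfaces indirectly when the scan fails.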
@@ -48,27 +41,39 @@ module LicenseFinder
return custom_gemfile.basename.to_s if custom_gemfile.exist?
end
- if project_path.join("gems.rb").exist?
- "gems.rb"
- else
- "Gemfile"
- end
+ project_path.join("gems.rb").exist? ? "gems.rb" : "Gemfile"
end
def lockfile
gemfile == 'gems.rb' ? 'gems.locked' : "#{gemfile}.lock"
end
+ def lockfile_path
+ project_path.join(lockfile)
+ end
+
+ def scan_command
+ [
+ '/opt/asdf/shims/ruby',
+ '-W0',
+ ::License::Management.root.join('exe', 'scan_bundler').to_s,
+ detected_package_path.to_s,
+ lockfile_path.to_s
+ ]
+ end
+
def default_env
@default_env ||= {
'BUNDLE_ALLOW_OFFLINE_INSTALL' => 'true',
- 'BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES' => 'true',
'BUNDLE_DISABLE_VERSION_CHECK' => 'true',
'BUNDLE_ERROR_ON_STDERR' => 'true',
+ 'BUNDLE_GEMFILE' => "#{project_path}/#{gemfile}",
'BUNDLE_IGNORE_MESSAGES' => 'true',
'BUNDLE_JOBS' => ENV.fetch('BUNDLE_JOBS', `nproc`.chomp),
'BUNDLE_SILENCE_ROOT_WARNING' => 'true',
- 'BUNDLE_WITH' => ENV.fetch('BUNDLE_WITH', included_groups.to_a.join(':'))
+ 'BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES' => 'true',
+ 'BUNDLE_WITHOUT' => ENV.fetch('BUNDLE_WITHOUT', ignored_groups.to_a.join(':')),
+ 'PATH' => "/opt/asdf/shims:/opt/asdf/bin:#{ENV['PATH']}"
}.tap do |env|
env['BUNDLE_FROZEN'] = 'true' if lockfile_path.exist?
env['BUNDLE_SSL_CA_CERT'] = shell.custom_certificate_path.to_s if shell.custom_certificate_installed?
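Review bot: The new `'PATH'` entry in `default_env` interpolates `ENV['PATH']` unconditionally, so if PATH is unset or empty in the job environment the value ends with a trailing `:`. An empty PATH element is resolved as the current directory, and these commands run after `Dir.chdir(project_path)`, that is, inside the project being scanned. Building the value from non-empty parts avoids that: `'PATH' => ['/opt/asdf/shims', '/opt/asdf/bin', ENV['PATH']].compact.reject(&:empty?).join(':')`. `scan_command` also repeats the `/opt/asdf/shims` prefix as a literal, so a shared constant would keep the two in step. `default_env` continues past the end of this hunk.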
@@ -76,11 +81,30 @@ module LicenseFinder
end
def with_clean_bundler
- if ::Bundler.respond_to?(:with_unbundled_env)
- ::Bundler.with_unbundled_env { yield }
- else
- ::Bundler.with_clean_env { yield }
+ ::Gem.clear_paths
+ ::Bundler.reset!
+ ::Bundler.configure
+ Dir.chdir(project_path) do
+ if ::Bundler.respond_to?(:with_unbundled_env)
+ ::Bundler.with_unbundled_env { yield }
+ else
+ ::Bundler.with_clean_env { yield }
+ end
end
end
+
+ def map_from(gem)
+ Dependency.new(
+ 'Bundler',
+ gem[:name],
+ gem[:version],
+ description: gem[:description],
+ detection_path: lockfile_path,
+ homepage: gem[:homepage],
+ install_path: gem[:full_gem_path] || '/dev/null',
+ spec_licenses: gem[:licenses],
+ summary: gem[:summary]
+ )
+ end
end
end
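Review bot: `with_clean_bundler` now clears RubyGems paths, resets and reconfigures Bundler, and changes into `project_path` before yielding, none of which the name or a comment conveys. The first three calls change process-wide state that the visible code does not restore after the block. A short comment above the method would help, for example `# Drops the scanner's own RubyGems/Bundler state, then runs the block inside project_path with an unbundled environment.` In `map_from`, `gem[:version]` is passed through as parsed, where the removed code called `.to_s`. If the scan script can emit a null or non-string version, `gem[:version].to_s` keeps the previous contract.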
diff --git a/lib/license/finder/ext/package_manager.rb b/lib/license/finder/ext/package_manager.rb
index ff5466e..6752ce7 100644
--- a/lib/license/finder/ext/package_manager.rb
+++ b/lib/license/finder/ext/package_manager.rb
@@ -2,6 +2,10 @@
module LicenseFinder
class PackageManager
+ def shell
+ ::License::Management.shell
+ end
+
def current_packages_with_relations
current_packages
rescue StandardError => e
diff --git a/lib/license/finder/ext/shared_helpers.rb b/lib/license/finder/ext/shared_helpers.rb
index c3d6319..856c239 100644
--- a/lib/license/finder/ext/shared_helpers.rb
+++ b/lib/license/finder/ext/shared_helpers.rb
@@ -2,10 +2,6 @@
module LicenseFinder
module SharedHelpers
- def shell
- ::License::Management.shell
- end
-
class Cmd
def self.run(command)
::License::Management.shell.execute(command)
diff --git a/lib/license/management/python.rb b/lib/license/management/python.rb
index ccf53e9..740b5c4 100644
--- a/lib/license/management/python.rb
+++ b/lib/license/management/python.rb
@@ -29,7 +29,7 @@ module License
". #{venv}/bin/activate &&",
:pip, :install,
'--no-index',
- '--find-links $HOME/.config/virtualenv/app-data', 'pip-licenses', '&&',
+ '--find-links /opt/gitlab/.config/virtualenv/app-data', 'pip-licenses', '&&',
'pip-licenses',
'--ignore-packages prettytable',
'--with-description',
diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb
index 214f7b5..df57113 100644
--- a/lib/license/management/version.rb
+++ b/lib/license/management/version.rb
@@ -2,6 +2,6 @@
module License
module Management
- VERSION = '3.16.0'
+ VERSION = '3.17.0'
end
end