| author | mo khan <mo.khan@gmail.com> | 2020-07-06 11:03:35 -0600 |
|---|---|---|
| committer | mo khan <mo.khan@gmail.com> | 2020-07-10 08:53:37 -0600 |
| commit | 36cdb0040abda394264455a1fdf3d6782af95ceb (patch) | |
| tree | 54093c956c0f4dcf4c2ad352847017aee9a88edc /spec | |
| parent | c7385965b4166fb6ab2db3387c67cd54aef1b8df (diff) | |
Isolate license_management ruby from project
* Target ruby version 2.7.1
* Add spec to fetch gems from a custom source
* Add proxy to rubygems.org config
* Specify default env vars to support offline environment
* Cleanup custom certificates after spec
* Inline docker-test script
* Do not install license_finder with each installed ruby
* Increase gem log verbosity and include backtrace
* Extract test fixtures for the different ruby scenarios
* Find *.gemspec files in gems dir
* Use RUBYLIB to hijack src path
* Run scan from project path dir
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile | 5 | ||||
| -rw-r--r-- | spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile.lock | 47 | ||||
| -rw-r--r-- | spec/spec_helper.rb | 2 | ||||
| -rw-r--r-- | spec/support/integration_test_helper.rb | 94 | ||||
| -rw-r--r-- | spec/support/project_helper.rb | 56 | ||||
| -rw-r--r-- | spec/support/report.rb | 37 | ||||
| -rw-r--r-- | spec/unit/license_finder/bundler_spec.rb | 48 |
7 files changed, 196 insertions, 93 deletions
diff --git a/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile b/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile
new file mode 100644
index 0000000..d26dbc9
--- /dev/null
+++ b/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile
@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+ruby '2.4.9'
+
+gem 'saml-kit'
diff --git a/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile.lock b/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile.lock
new file mode 100644
index 0000000..ccb0aef
--- /dev/null
+++ b/spec/fixtures/ruby/bundler/ruby-2.4.9/Gemfile.lock
@@ -0,0 +1,47 @@ +GEM + remote: https://rubygems.org/ + specs: + activemodel (5.2.4.3) + activesupport (= 5.2.4.3) + activesupport (5.2.4.3) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 0.7, < 2) + minitest (~> 5.1) + tzinfo (~> 1.1) + builder (3.2.4) + concurrent-ruby (1.1.6) + i18n (1.8.3) + concurrent-ruby (~> 1.0) + mini_portile2 (2.4.0) + minitest (5.14.1) + net-hippie (0.3.2) + nokogiri (1.10.10) + mini_portile2 (~> 2.4.0) + saml-kit (1.1.0) + activemodel (>= 4.2.0) + net-hippie (~> 0.1) + xml-kit (>= 0.3.0, < 1.0.0) + thread_safe (0.3.6) + tilt (2.0.10) + tzinfo (1.2.7) + thread_safe (~> 0.1) + xml-kit (0.4.0) + activemodel (>= 4.2.0) + builder (~> 3.2) + nokogiri (~> 1.10) + tilt (>= 1.4.1) + xmldsig (~> 0.6) + xmldsig (0.6.6) + nokogiri (>= 1.6.8, < 2.0.0) + +PLATFORMS + ruby + +DEPENDENCIES + saml-kit + +RUBY VERSION + ruby 2.4.9p362 + +BUNDLED WITH + 2.1.4
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index c306997..81f9164 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -5,6 +5,8 @@ require 'json'
 require 'json-schema'
 require 'securerandom'
 require 'support/fixture_file_helper'
+require 'support/report'
+require 'support/project_helper'
 require 'support/integration_test_helper'
 require 'support/matchers'
 require 'support/proxy_helper'
diff --git a/spec/support/integration_test_helper.rb b/spec/support/integration_test_helper.rb
index 7dc64fe..244f363 100644
--- a/spec/support/integration_test_helper.rb
+++ b/spec/support/integration_test_helper.rb 
@@ -1,95 +1,4 @@
 module IntegrationTestHelper
- class Report
- attr_reader :report
-
- def initialize(raw)
- @report = JSON.parse(raw, symbolize_names: true)
- end
-
- def [](key)
- report[key]
- end
-
- def dependency_names
- report[:dependencies].map { |x| x[:name] }
- end
-
- def licenses_for(name)
- (find(name) || {}).fetch(:licenses, [])
- end
-
- def find(name)
- report[:dependencies].find do |dependency|
- dependency[:name] == name
- end
- end
-
- def nil?
- report.nil?
- end
-
- def to_hash
- to_h
- end
-
- def to_h
- report
- end
- end
-
- class IntegrationTestRunner
- attr_reader :project_path
-
- def initialize(project_path = Pathname.pwd.join('tmp').join(SecureRandom.uuid))
- FileUtils.mkdir_p(project_path)
- @project_path = Pathname(project_path)
- end
-
- def add_file(name, content = nil)
- full_path = project_path.join(name)
- FileUtils.mkdir_p(full_path.dirname)
- IO.write(full_path, block_given? ? yield : content)
- end
-
- def mount(dir:)
- FileUtils.cp_r("#{dir}/.", project_path)
- end
-
- def clone(repo, branch: 'master')
- if branch.match?(/\b[0-9a-f]{5,40}\b/)
- execute({}, 'git', 'clone', '--quiet', repo, project_path.to_s)
- Dir.chdir project_path do
- execute({}, 'git', 'checkout', branch)
- end
- else
- execute({}, 'git', 'clone', '--quiet', '--depth=1', '--single-branch', '--branch', branch, repo, project_path.to_s)
- end
- end
-
- def scan(env: {})
- execute(env, 'mkdir -p pkg/ && gem build --silent -o pkg/license-management-test.gem ./*.gemspec')
- Dir.chdir project_path do
- merged_env = { 'CI_PROJECT_DIR' => project_path.to_s }.merge(env)
- return {} unless execute(merged_env, "#{License::Management.root.join('run.sh')} analyze .")
-
- report_path = project_path.join('gl-license-scanning-report.json')
- return {} unless report_path.exist?
-
- Report.new(report_path.read)
- end
- end
-
- def execute(env = {}, *args)
- Bundler.with_unbundled_env do
- system(env, *args, exception: true)
- end
- end
-
- def cleanup
- FileUtils.rm_rf(project_path) if project_path.exist?
- end
- end
-
 def private_npm_host
 @private_npm_host ||= ENV.fetch('PRIVATE_NPM_HOST').tap do |host|
 add_host(host, ENV.fetch('PRIVATE_NPM_IP'))
@@ -109,11 +18,10 @@ module IntegrationTestHelper end def runner(*args) - @runner ||= IntegrationTestRunner.new(*args) + @runner ||= ProjectHelper.new(*args) end def add_host(name, ip) - return unless ENV['LM_HOME'] return if system("grep #{name} /etc/hosts") system("echo '#{ip} #{name}' >> /etc/hosts")
diff --git a/spec/support/project_helper.rb b/spec/support/project_helper.rb
new file mode 100644
index 0000000..4ae490e
--- /dev/null
+++ b/spec/support/project_helper.rb
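Review bot: With the `return unless ENV['LM_HOME']` guard removed, `add_host` now always interpolates `name` and `ip` into shell strings and appends to `/etc/hosts` on whatever machine runs the specs. The caller visible in this file feeds it `ENV.fetch('PRIVATE_NPM_HOST')` and `ENV.fetch('PRIVATE_NPM_IP')`, so a value containing a quote or `;` is interpreted by the shell, and the unanchored `grep #{name}` treats the name as a pattern and also matches substrings of other entries. Doing both steps in Ruby avoids the shell entirely: `return if File.foreach('/etc/hosts').any? { |line| line.split.include?(name) }` followed by `File.write('/etc/hosts', "#{ip} #{name}\n", mode: 'a')`. The end of `add_host` lies outside the hunk.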
@@ -0,0 +1,56 @@
+class ProjectHelper
+ attr_reader :project_path
+
+ def initialize(project_path = License::Management.root.join('tmp').join(SecureRandom.uuid))
+ FileUtils.mkdir_p(project_path)
+ @project_path = Pathname(project_path)
+ end
+
+ def add_file(name, content = nil)
+ full_path = project_path.join(name)
+ FileUtils.mkdir_p(full_path.dirname)
+ IO.write(full_path, block_given? ? yield : content)
+ end
+
+ def mount(dir:)
+ FileUtils.cp_r("#{dir}/.", project_path)
+ end
+
+ def chdir
+ Dir.chdir project_path do
+ yield
+ end
+ end
+
+ def clone(repo, branch: 'master')
+ if branch.match?(/\b[0-9a-f]{5,40}\b/)
+ execute({}, 'git', 'clone', '--quiet', repo, project_path.to_s)
+ chdir do
+ execute({}, 'git', 'checkout', branch)
+ end
+ else
+ execute({}, 'git', 'clone', '--quiet', '--depth=1', '--single-branch', '--branch', branch, repo, project_path.to_s)
+ end
+ end
+
+ def scan(env: {})
+ chdir do
+ return {} unless execute({ 'CI_PROJECT_DIR' => project_path.to_s }.merge(env), "#{License::Management.root.join('run.sh')} analyze .")
+
+ report_path = project_path.join('gl-license-scanning-report.json')
+ return {} unless report_path.exist?
+
+ Report.new(report_path.read)
+ end
+ end
+
+ def execute(env = {}, *args)
+ Bundler.with_unbundled_env do
+ system(env, *args, exception: true)
+ end
+ end
+
+ def cleanup
+ FileUtils.rm_rf(project_path) if project_path.exist?
+ end
+end
diff --git a/spec/support/report.rb b/spec/support/report.rb
new file mode 100644
index 0000000..d6546ae
--- /dev/null
+++ b/spec/support/report.rb
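Review bot: `scan` passes its command as one interpolated string, `"#{License::Management.root.join('run.sh')} analyze ."`, so a checkout path containing spaces or shell metacharacters is split or interpreted by the shell, unlike `clone`, which passes an argv list. The argv form is a one-line change: `execute({ 'CI_PROJECT_DIR' => project_path.to_s }.merge(env), License::Management.root.join('run.sh').to_s, 'analyze', '.')`. Separately, `execute` calls `system(env, *args, exception: true)`, which raises on a failed command instead of returning a falsy value, so the `return {} unless execute(...)` guard looks unreachable for a failing scan; either drop the guard or document that `scan` raises. `cleanup` runs `FileUtils.rm_rf` on whatever path the constructor was given, which deserves a comment such as `# project_path must be a throwaway directory; cleanup deletes it recursively`.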
@@ -0,0 +1,37 @@
+class Report
+ attr_reader :report
+
+ def initialize(raw)
+ @report = JSON.parse(raw, symbolize_names: true)
+ end
+
+ def [](key)
+ report[key]
+ end
+
+ def dependency_names
+ report[:dependencies].map { |x| x[:name] }
+ end
+
+ def licenses_for(name)
+ (find(name) || {}).fetch(:licenses, [])
+ end
+
+ def find(name)
+ report[:dependencies].find do |dependency|
+ dependency[:name] == name
+ end
+ end
+
+ def nil?
+ report.nil?
+ end
+
+ def to_hash
+ to_h
+ end
+
+ def to_h
+ report
+ end
+end
diff --git a/spec/unit/license_finder/bundler_spec.rb b/spec/unit/license_finder/bundler_spec.rb
new file mode 100644
index 0000000..5458892
--- /dev/null
+++ b/spec/unit/license_finder/bundler_spec.rb
@@ -0,0 +1,48 @@
+require 'spec_helper'
+
+RSpec.describe LicenseFinder::Bundler do
+ describe "#current_packages" do
+ subject do
+ project.chdir do
+ bundler.prepare
+ bundler.current_packages
+ end
+ end
+
+ let(:bundler) { described_class.new(options) }
+ let(:options) { { ignored_groups: [], project_path: project.project_path } }
+ let(:project) { ProjectHelper.new }
+
+ before do
+ project.mount(dir: project_fixture)
+ end
+
+ after do
+ project.cleanup
+ end
+
+ context "when scanning a v2.1 bundler project" do
+ let(:project_fixture) { fixture_file('ruby/bundler-v2.1') }
+
+ specify { expect(subject.map(&:name)).to match_array(%w[bundler net-hippie]) }
+ end
+
+ context "when scanning a v1.17 bundler project" do
+ let(:project_fixture) { fixture_file('ruby/bundler-v1.17') }
+
+ specify { expect(subject.map(&:name).sort).to match_array(%w[activemodel activesupport builder bundler concurrent-ruby i18n mini_portile2 minitest net-hippie nokogiri saml-kit thread_safe tilt tzinfo xml-kit xmldsig zeitwerk]) }
+ end
+
+ context "when scanning a project with a .ruby-version:2.4.9" do
+ let(:project_fixture) { fixture_file('ruby/bundler-ruby-2.4.9-no-lockfile') }
+
+ specify { expect(subject.map(&:name)).to include("saml-kit") }
+ end
+
+ context "when scanning a project with a Gemfile that specifies 2.4.9" do
+ let(:project_fixture) { fixture_file('ruby/bundler/ruby-2.4.9') }
+
+ specify { expect(subject.map(&:name)).to include("saml-kit") }
+ end
+ end
+end |
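Review bot: The two 2.4.9 contexts assert only `include("saml-kit")`, and the `bundler-ruby-2.4.9-no-lockfile` fixture has nothing pinning the transitive set, so the example passes with whatever versions resolve on the day. That assumes `bundler.prepare` resolves and installs from the fixture's source, which is not visible in this hunk. For the fixture that ships a `Gemfile.lock`, asserting the full name list as the v1.17 context does would catch a drifted or unexpected dependency; for the no-lockfile case a comment such as `# resolves live; versions intentionally unpinned` would record the intent. In the v1.17 context the `.sort` before `match_array` is redundant, since that matcher ignores order.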
