-rw-r--r--.gitlab-ci.yml3
-rw-r--r--.gitlab/build.yml20
-rw-r--r--CHANGELOG.md4
-rw-r--r--Gemfile.lock2
-rwxr-xr-xbin/test2
-rw-r--r--lib/license/finder/ext/conan.rb27
-rw-r--r--lib/license/management/version.rb2
-rw-r--r--spec/fixtures/c/conan/example-package/conanfile.py35
-rw-r--r--spec/fixtures/c/conan/example-project/.conan/.keep0
-rw-r--r--spec/fixtures/c/conan/example-project/CMakeLists.txt10
-rw-r--r--spec/fixtures/c/conan/example-project/conanfile.txt.erb5
-rw-r--r--spec/fixtures/c/conan/example-project/main.c6
-rw-r--r--spec/integration/c/conan_spec.rb29
-rw-r--r--spec/integration/java/gradle_spec.rb2
-rw-r--r--spec/integration/java/maven_spec.rb2
-rw-r--r--spec/integration/js/bower_spec.rb2
-rw-r--r--spec/integration/js/npm_spec.rb2
-rw-r--r--spec/integration/js/yarn_spec.rb2
-rw-r--r--spec/integration/python/pip_spec.rb2
-rw-r--r--spec/integration/python/pipenv_spec.rb2
20 files changed, 143 insertions, 16 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b5bdcc9..bee703c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,6 +2,9 @@
# improved performance.
variables:
DOCKER_DRIVER: overlay2
+ GIT_DEPTH: "1"
+ GIT_STRATEGY: fetch
+ LATEST_IMAGE: registry.gitlab.com/gitlab-org/security-products/license-management:latest
MAJOR: 3
TMP_IMAGE: $CI_REGISTRY_IMAGE/license-finder:$CI_COMMIT_SHA
diff --git a/.gitlab/build.yml b/.gitlab/build.yml
index 772bde3..6cc7807 100644
--- a/.gitlab/build.yml
+++ b/.gitlab/build.yml
@@ -1,3 +1,19 @@
+build-conan-pkg:
+ image: conanio/gcc7
+ stage: build
+ script:
+ - cd spec/fixtures/c/conan/example-package/
+ - conan remote add gitlab $CI_API_V4_URL/packages/conan True
+ - export ESCAPED_NAMESPACE="${CI_PROJECT_NAMESPACE//\//+}"
+ - export PACKAGE_NAME=$ESCAPED_NAMESPACE+$CI_PROJECT_NAME/stable
+ - echo $PACKAGE_NAME
+ - conan create . "$PACKAGE_NAME"
+ - conan upload "example/0.1@$PACKAGE_NAME" --all --remote=gitlab
+ variables:
+ CONAN_LOGIN_USERNAME: 'ci_user'
+ CONAN_PASSWORD: $CI_JOB_TOKEN
+ allow_failure: true
+
build-docker-image:
image: docker:stable
interruptible: true
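Review bot: `image: conanio/gcc7` in `build-conan-pkg` is an unpinned tag from a third-party registry, and the job gives that container `CONAN_PASSWORD: $CI_JOB_TOKEN`, which the script then uses for `conan upload` to the project's registry. Pinning by digest, `image: conanio/gcc7@sha256:<digest-placeholder>`, keeps a re-tagged upstream image from running with the token. `echo $PACKAGE_NAME` and the URL passed to `conan remote add` are unquoted, unlike the `conan create` and `conan upload` lines; quoting them would be consistent.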
@@ -8,8 +24,8 @@ build-docker-image:
script:
- docker info
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
- - docker pull $CI_REGISTRY_IMAGE:latest || true
- - docker build --cache-from $CI_REGISTRY_IMAGE:latest -t $TMP_IMAGE .
+ - docker pull $LATEST_IMAGE || true
+ - docker build --cache-from $LATEST_IMAGE -t $TMP_IMAGE .
- docker image inspect $TMP_IMAGE --format='{{.Size}}'
- docker push $TMP_IMAGE
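Review bot: The cache source in `docker build --cache-from $LATEST_IMAGE` is now a fixed, mutable `:latest` tag in the upstream registry (set in `.gitlab-ci.yml`) instead of this project's own `$CI_REGISTRY_IMAGE:latest`. Pipelines in forks or on other instances will therefore reuse layers they did not publish, and `|| true` hides a failed pull. A comment next to the variable would make that intent explicit, for example `# Upstream image, used only as a build cache; override LATEST_IMAGE in forks.` The `build-docker-image` script continues outside the hunk.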
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8a77e58..4a0a129 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# GitLab License management changelog
+## v3.11.0
+
+- Add support for providing custom [Conan](https://conan.io/) configuration. (!159)
+
## v3.10.0
- Add initial support for the [Conan](https://conan.io/) package manger. (!156)
diff --git a/Gemfile.lock b/Gemfile.lock
index 065233a..a35044f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
- license-management (3.10.0)
+ license-management (3.11.0)
license_finder (~> 6.0.0)
GEM
diff --git a/bin/test b/bin/test
index 792db26..218224d 100755
--- a/bin/test
+++ b/bin/test
@@ -5,4 +5,4 @@ set -e
cd "$(dirname "$0")/.."
./bin/setup
-bundle exec rspec "$@" --format=progress
+bundle exec rspec "$@" --format=progress --tag ~environment:offline
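Review bot: `--tag ~environment:offline` drops every context tagged `environment: 'offline'` from the default run, and the contexts tagged in this commit (the gradle, maven, bower, npm, yarn, pip and pipenv specs) are the ones covering custom CA bundles and self-signed registries. Nothing in the visible changes runs them from another job, so a regression in certificate handling could go unnoticed. Either add a CI job that runs `bundle exec rspec --tag environment:offline`, or add a comment here saying where those specs are executed.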
diff --git a/lib/license/finder/ext/conan.rb b/lib/license/finder/ext/conan.rb
index 1369e6a..ca2ee03 100644
--- a/lib/license/finder/ext/conan.rb
+++ b/lib/license/finder/ext/conan.rb
@@ -7,11 +7,10 @@ module LicenseFinder
end
def current_packages
- Dir.chdir(project_path) do
- shell.execute([:conan, :install, '.'])
- end
stdout, _stderr, status = Dir.chdir(project_path) do
- shell.execute([:conan, :info, '-j', '/dev/stdout', '.'])
+ shell.execute([:conan, :install, '--build=missing', '.'], env: default_env)
+ shell.execute([:conan, :inspect, '.'], env: default_env)
+ shell.execute([:conan, :info, '-j', '/dev/stdout', '.'], env: default_env)
end
return [] unless status.success?
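Review bot: Only the result of the last `shell.execute` in the `Dir.chdir` block reaches `stdout, _stderr, status`, so a failed `conan install --build=missing` goes unnoticed and `conan info` still runs. Capture it with `_out, _err, installed = shell.execute([:conan, :install, '--build=missing', '.'], env: default_env)` followed by `next [nil, nil, installed] unless installed.success?`. The output of `conan inspect` is discarded too, so a comment saying why it is run would help. `--build=missing` also means the scanner executes recipe build steps fetched from the remote, in a process whose environment carries the credentials from `default_env`. `current_packages` continues past the end of the hunk.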
@@ -38,5 +37,25 @@ module LicenseFinder
def parse(line)
JSON.parse(line)
end
+
+ def default_env
+ @default_env ||= {
+ 'CONAN_CACERT_PATH' => ENV.fetch('CONAN_CACERT_PATH', '/etc/ssl/certs/ca-certificates.crt'),
+ 'CONAN_LOGGING_LEVEL' => ENV['LOG_LEVEL'],
+ 'CONAN_LOGIN_USERNAME' => ENV.fetch('CONAN_LOGIN_USERNAME', 'ci_user'),
+ 'CONAN_LOG_RUN_TO_OUTPUT' => '1',
+ 'CONAN_NON_INTERACTIVE' => '1',
+ 'CONAN_PASSWORD' => ENV.fetch('CONAN_PASSWORD', ENV['CI_JOB_TOKEN']),
+ 'CONAN_PRINT_RUN_COMMANDS' => '1',
+ 'CONAN_REQUEST_TIMEOUT' => '5',
+ 'CONAN_RETRY' => '1',
+ 'CONAN_RETRY_WAIT' => jitter,
+ 'CONAN_USER_HOME' => Dir.pwd
+ }
+ end
+
+ def jitter
+ rand(5).to_s
+ end
end
end
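Review bot: `'CONAN_PASSWORD' => ENV.fetch('CONAN_PASSWORD', ENV['CI_JOB_TOKEN'])` in `default_env` offers the job token to any remote Conan authenticates against, while `'CONAN_USER_HOME' => Dir.pwd` lets the scanned project supply the remote list (the new spec writes `.conan/remotes.json` into the project). If Conan applies the unscoped variables to every remote, as it appears to, a project-defined remote on another host would be sent the token. Consider the remote-scoped forms (`CONAN_LOGIN_USERNAME_<REMOTE>` / `CONAN_PASSWORD_<REMOTE>`), or fall back to `CI_JOB_TOKEN` only when the remote URL starts with `CI_API_V4_URL`. `CONAN_LOGGING_LEVEL` is `nil` when `LOG_LEVEL` is unset, and with `CONAN_PRINT_RUN_COMMANDS` and `CONAN_LOG_RUN_TO_OUTPUT` always on it is worth confirming that no credentials reach the job log. The enclosing class begins outside the hunk.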
diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb
index 595ee3a..e53a751 100644
--- a/lib/license/management/version.rb
+++ b/lib/license/management/version.rb
@@ -2,6 +2,6 @@
module License
module Management
- VERSION = '3.10.0'
+ VERSION = '3.11.0'
end
end
diff --git a/spec/fixtures/c/conan/example-package/conanfile.py b/spec/fixtures/c/conan/example-package/conanfile.py
new file mode 100644
index 0000000..3e6b7bc
--- /dev/null
+++ b/spec/fixtures/c/conan/example-package/conanfile.py
@@ -0,0 +1,35 @@
+from conans import ConanFile, CMake, tools
+import os
+
+
+class ExampleConan(ConanFile):
+ name = "example"
+ version = "0.1"
+ license = "MIT"
+ author = "<Put your name here> <And your email here>"
+ url = "<Package recipe repository url here, for issues about the package>"
+ description = "<Description of Example here>"
+ topics = ("<Put some tag here>", "<here>", "<and here>")
+ settings = "os", "compiler", "build_type", "arch"
+ options = {"shared": [True, False]}
+ default_options = {"shared": False}
+ generators = "cmake"
+
+ def source(self):
+ self.run("git clone --depth=1 --single-branch --branch master https://github.com/conan-io/hello.git")
+
+ def build(self):
+ cmake = CMake(self)
+ cmake.configure(source_folder="hello")
+ cmake.build()
+
+ def package(self):
+ self.copy("*.h", dst="include", src="hello")
+ self.copy("*hello.lib", dst="lib", keep_path=False)
+ self.copy("*.dll", dst="bin", keep_path=False)
+ self.copy("*.so", dst="lib", keep_path=False)
+ self.copy("*.dylib", dst="lib", keep_path=False)
+ self.copy("*.a", dst="lib", keep_path=False)
+
+ def package_info(self):
+ self.cpp_info.libs = ["example"]
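Review bot: `source()` clones `--branch master` of `https://github.com/conan-io/hello.git`, so the package that CI builds and uploads follows whatever that branch holds at build time. Fetch a fixed commit instead, for example `git fetch --depth=1 origin <commit-sha-placeholder>` followed by `git checkout FETCH_HEAD` in an initialised `hello` directory, so the fixture is reproducible and an upstream change cannot alter the published artifact. Separately, `package()` copies `*hello.lib` while `package_info()` sets `self.cpp_info.libs = ["example"]`; if the upstream project builds a library named `hello`, consumers would be told to link a name that does not exist. The `author`, `url`, `description` and `topics` fields still hold the template placeholders.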
diff --git a/spec/fixtures/c/conan/example-project/.conan/.keep b/spec/fixtures/c/conan/example-project/.conan/.keep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/spec/fixtures/c/conan/example-project/.conan/.keep
diff --git a/spec/fixtures/c/conan/example-project/CMakeLists.txt b/spec/fixtures/c/conan/example-project/CMakeLists.txt
new file mode 100644
index 0000000..ed046e6
--- /dev/null
+++ b/spec/fixtures/c/conan/example-project/CMakeLists.txt
@@ -0,0 +1,10 @@
+cmake_minimum_required(VERSION 2.8)
+project(example C)
+
+set(CMAKE_VERBOSE_MAKEFILE FALSE)
+
+include(${CMAKE_BINARY_DIR}/conanbuildinfo.cmake)
+conan_basic_setup()
+
+add_executable(${PROJECT_NAME} main.c)
+target_link_libraries(${PROJECT_NAME} ${CONAN_LIBS})
diff --git a/spec/fixtures/c/conan/example-project/conanfile.txt.erb b/spec/fixtures/c/conan/example-project/conanfile.txt.erb
new file mode 100644
index 0000000..e3d275f
--- /dev/null
+++ b/spec/fixtures/c/conan/example-project/conanfile.txt.erb
@@ -0,0 +1,5 @@
+[requires]
+example/0.1@<%= package_name %>
+
+[generators]
+cmake
diff --git a/spec/fixtures/c/conan/example-project/main.c b/spec/fixtures/c/conan/example-project/main.c
new file mode 100644
index 0000000..5e8b15a
--- /dev/null
+++ b/spec/fixtures/c/conan/example-project/main.c
@@ -0,0 +1,6 @@
+#include <hello.h>
+
+int main() {
+ hello();
+ return 0;
+}
diff --git a/spec/integration/c/conan_spec.rb b/spec/integration/c/conan_spec.rb
index 3c2ac45..cdbf029 100644
--- a/spec/integration/c/conan_spec.rb
+++ b/spec/integration/c/conan_spec.rb
@@ -61,4 +61,33 @@ RSpec.describe "conan" do
specify { expect(subject.licenses_for('protobuf')).to match_array(['BSD-3-Clause']) }
specify { expect(subject.licenses_for('protoc_installer')).to match_array(['BSD-3-Clause']) }
end
+
+ context "when pulling packages from a custom conan remote" do
+ subject { runner.scan }
+
+ let(:package_name) { "#{project_namespace.tr('/', '+')}+#{project_name}/stable" }
+ let(:project_namespace) { ENV.fetch('CI_PROJECT_NAMESPACE', 'gitlab-org/security-products') }
+ let(:project_name) { ENV.fetch('CI_PROJECT_NAME', 'license-management') }
+ let(:api_url) { ENV.fetch('CI_API_V4_URL', 'https://gitlab.com/api/v4') }
+
+ before do
+ runner.mount(dir: fixture_file('c/conan/example-project'))
+ runner.add_file('conanfile.txt', fixture_file_content('c/conan/example-project/conanfile.txt.erb', package_name: package_name))
+ runner.add_file('.conan/remotes.json') do
+ JSON.pretty_generate({
+ remotes: [
+ {
+ name: 'gitlab',
+ url: "#{api_url}/packages/conan",
+ verify_ssl: true
+ }
+ ]
+ })
+ end
+ end
+
+ specify { expect(subject).to match_schema }
+ specify { expect(subject.dependency_names).to match_array(['example']) }
+ specify { expect(subject.licenses_for('example')).to match_array(['MIT']) }
+ end
end
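Review bot: This context passes only if `example/0.1@<namespace>+<project>/stable` already exists in the registry at `api_url`, and the job that publishes it, `build-conan-pkg`, is marked `allow_failure: true`. A failed upload would therefore show up here as a spec failure, or as a pass against a stale package, rather than in the build stage. Outside CI the `ENV.fetch` defaults point at `https://gitlab.com/api/v4` and no `CI_JOB_TOKEN` is set, so consider tagging the context (for instance `environment: 'online'`, name only a suggestion) or skipping it when the token is absent. A comment naming the producing job would also help.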
diff --git a/spec/integration/java/gradle_spec.rb b/spec/integration/java/gradle_spec.rb
index 25336c1..0e71038 100644
--- a/spec/integration/java/gradle_spec.rb
+++ b/spec/integration/java/gradle_spec.rb
@@ -49,7 +49,7 @@ plugins {
end
end
- context 'when scanning a project that needs to connect to multiple TLS endpoints with different custom certificate chains' do
+ context 'when scanning a project that needs to connect to multiple TLS endpoints with different custom certificate chains', environment: 'offline' do
subject do
runner.scan(env: {
'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('java/gradle/offline-environment/bundle.crt'),
diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb
index fa57752..85637b2 100644
--- a/spec/integration/java/maven_spec.rb
+++ b/spec/integration/java/maven_spec.rb
@@ -80,7 +80,7 @@ RSpec.describe "maven" do
end
end
- context "when connecting to a custom package registry with a self signed certificate" do
+ context "when connecting to a custom package registry with a self signed certificate", environment: 'offline' do
let(:bundle) { fixture_file_content('java/maven.crt') }
let(:report) { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => bundle, 'LOG_LEVEL' => 'debug' }) }
diff --git a/spec/integration/js/bower_spec.rb b/spec/integration/js/bower_spec.rb
index 5a4f72d..cc7cf9d 100644
--- a/spec/integration/js/bower_spec.rb
+++ b/spec/integration/js/bower_spec.rb
@@ -24,7 +24,7 @@ RSpec.describe "bower" do
specify { expect(subject.licenses_for('stimulus.umd')).to match_array(['unknown']) }
end
- context "when scanning a bower project with a dependency from a custom npm registry" do
+ context "when scanning a bower project with a dependency from a custom npm registry", environment: 'offline' do
subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
before do
diff --git a/spec/integration/js/npm_spec.rb b/spec/integration/js/npm_spec.rb
index 13cbd15..abc6fc0 100644
--- a/spec/integration/js/npm_spec.rb
+++ b/spec/integration/js/npm_spec.rb
@@ -465,7 +465,7 @@ RSpec.describe "npm" do
end
end
- context "when scanning a project with dependencies sourced from a custom registry" do
+ context "when scanning a project with dependencies sourced from a custom registry", environment: 'offline' do
subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
before do
diff --git a/spec/integration/js/yarn_spec.rb b/spec/integration/js/yarn_spec.rb
index a5a9695..bacac47 100644
--- a/spec/integration/js/yarn_spec.rb
+++ b/spec/integration/js/yarn_spec.rb
@@ -150,7 +150,7 @@ RSpec.describe "yarn" do
end
end
- context "when scanning a project with dependencies sourced from a custom registry" do
+ context "when scanning a project with dependencies sourced from a custom registry", environment: 'offline' do
subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
before do
diff --git a/spec/integration/python/pip_spec.rb b/spec/integration/python/pip_spec.rb
index f47bbe6..0ba3d0e 100644
--- a/spec/integration/python/pip_spec.rb
+++ b/spec/integration/python/pip_spec.rb
@@ -127,7 +127,7 @@ RSpec.describe "pip" do
end
end
- context "when connecting to a private package repository with self signed certificate" do
+ context "when connecting to a private package repository with self signed certificate", environment: 'offline' do
let(:index_url) { "https://#{private_pypi_host}/simple" }
let(:bundle) { fixture_file_content('python/pypi.crt') }
diff --git a/spec/integration/python/pipenv_spec.rb b/spec/integration/python/pipenv_spec.rb
index ccc2585..b95f1fa 100644
--- a/spec/integration/python/pipenv_spec.rb
+++ b/spec/integration/python/pipenv_spec.rb
@@ -202,7 +202,7 @@ RSpec.describe "pipenv" do
end
end
- context "when connecting to a private package repository with self signed certificate" do
+ context "when connecting to a private package repository with self signed certificate", environment: 'offline' do
let(:index_url) { "https://#{private_pypi_host}/simple" }
let(:bundle) { fixture_file_content('python/pypi.crt') }