chainguard-dev · justinvreeland · Nov 19, 2024
diff --git a/docs/md/melange_convert_gem.md b/docs/md/melange_convert_gem.md
@@ -32,7 +32,7 @@ convert gem fluentd
 ```
       --base-uri-format string   URI to use for querying gems for provided package name (default "https://rubygems.org/api/v1/gems/%s.json")
   -h, --help                     help for gem
-      --ruby-version string      version of ruby to use throughout generated manifests (default "3.2")
+      --ruby-version string      version of ruby to use throughout generated manifests (default "3.3")
 ```
 
 ### Options inherited from parent commands

diff --git a/pkg/convert/gem/gem.go b/pkg/convert/gem/gem.go
@@ -34,7 +34,7 @@ import (
 )
 
 const (
-	DefaultRubyVersion   = "3.2"
+	DefaultRubyVersion   = "3.3"
 	DefaultBaseURIFormat = "https://rubygems.org/api/v1/gems/%s.json"
 )
 
@@ -249,7 +249,7 @@ func (c *GemContext) generatePackage(g GemMeta) config.Package {
 	pkg := config.Package{
 		Epoch:       0,
 		Name:        fmt.Sprintf("ruby%s-%s", c.RubyVersion, g.Name),
-		Description: g.Info,
+		Description: strings.Split(g.Info, "\n")[0],
 		Version:     g.Version,
 		Copyright:   []config.Copyright{},
 		Dependencies: config.Dependencies{
@@ -279,20 +279,12 @@ func (c *GemContext) generateEnvironment() apkotypes.ImageConfiguration {
 				"busybox",
 				"ca-certificates-bundle",
 				"git",
-				fmt.Sprintf("ruby-%s", c.RubyVersion),
-				fmt.Sprintf("ruby-%s-dev", c.RubyVersion),
+				"ruby-${{vars.rubyMM}}",
+				"ruby-${{vars.rubyMM}}-dev",
 			},
 		},
 	}
 
-	if len(c.AdditionalRepositories) > 0 {
-		env.Contents.BuildRepositories = append(env.Contents.BuildRepositories, c.AdditionalRepositories...)
-	}
-
-	if len(c.AdditionalKeyrings) > 0 {
-		env.Contents.Keyring = append(env.Contents.Keyring, c.AdditionalKeyrings...)
-	}
-
 	return env
 }
 
@@ -323,16 +315,10 @@ func (c *GemContext) generatePipeline(ctx context.Context, g GemMeta) []config.P
 			Uses: "fetch",
 			With: map[string]string{
 				"uri":             strings.ReplaceAll(artifactURI, g.Version, "${{package.version}}"),
-				"README":          fmt.Sprintf("CONFIRM WITH: curl -L %s | sha256sum", artifactURI),
 				"expected-sha256": artifactSHA,
 			},
-		}, {
-			Uses: "patch",
-			With: map[string]string{
-				"README":  "This is only required if the gemspec is using a signing key",
-				"patches": "patches/${{package.name}}.patch",
-			},
-		}, {
+		},
+		{
 			Uses: "ruby/build",
 			With: map[string]string{
 				"gem": "${{vars.gem}}",
@@ -382,6 +368,7 @@ func (c *GemContext) getGemArtifactSHA(ctx context.Context, artifactURI string)
 // generateVars handles generating the Vars field of the melange manifest
 func (c *GemContext) generateVars(g GemMeta) map[string]string {
 	return map[string]string{
-		"gem": g.Name,
+		"gem":    g.Name,
+		"rubyMM": "3.3",
 	}
 }
diff --git a/pkg/convert/gem/gem_test.go b/pkg/convert/gem/gem_test.go
@@ -143,10 +143,6 @@ func TestGenerateManifest(t *testing.T) {
 
 	gemctx.RubyVersion = DefaultRubyVersion
 
-	// Add additionalReposities and additionalKeyrings
-	gemctx.AdditionalRepositories = []string{"https://packages.wolfi.dev/os"}
-	gemctx.AdditionalKeyrings = []string{"https://packages.wolfi.dev/os/wolfi-signing.rsa.pub"}
-
 	// Read the gem meta into
 	data, err := os.ReadFile(filepath.Join(gemMetaDir, "async.json"))
 	assert.NoError(t, err)
@@ -171,53 +167,43 @@ func TestGenerateManifest(t *testing.T) {
 	assert.Equal(t, "MIT", got.Package.Copyright[0].License)
 
 	// Check Environment
-	assert.Equal(t, []string{"https://packages.wolfi.dev/os"}, got.Environment.Contents.BuildRepositories)
-	assert.Equal(t, []string{"https://packages.wolfi.dev/os/wolfi-signing.rsa.pub"}, got.Environment.Contents.Keyring)
 	assert.Equal(t, []string{
 		"build-base",
 		"busybox",
 		"ca-certificates-bundle",
 		"git",
-		fmt.Sprintf("ruby-%s", DefaultRubyVersion),
-		fmt.Sprintf("ruby-%s-dev", DefaultRubyVersion),
+		"ruby-${{vars.rubyMM}}",
+		"ruby-${{vars.rubyMM}}-dev",
 	}, got.Environment.Contents.Packages)
 
 	// Check Pipeline
-	assert.Equal(t, 5, len(got.Pipeline))
+	assert.Equal(t, 4, len(got.Pipeline))
 
 	// Check Pipeline - fetch
 	assert.Equal(t, "fetch", got.Pipeline[0].Uses)
 	// NOTE: The sha256 here is the sha256 of the v2.3.1.tar.gz in the testdata/archive
 	//       directory, which is just a tarball of the async.json, not the
 	//       actual artifact. It's simply used for testing.
 	assert.Equal(t, map[string]string{
-		"README":          fmt.Sprintf("CONFIRM WITH: curl -L %s/archive/refs/tags/v2.3.1.tar.gz | sha256sum", server.URL),
 		"expected-sha256": "2481a44fc272b64a4a1775edf57c52b5367c8a07afd7996901d3c57c77542e6c",
 		"uri":             fmt.Sprintf("%s/archive/refs/tags/v${{package.version}}.tar.gz", server.URL),
 	}, got.Pipeline[0].With)
 
-	// Check Pipeline - patch
-	assert.Equal(t, "patch", got.Pipeline[1].Uses)
-	assert.Equal(t, map[string]string{
-		"README":  "This is only required if the gemspec is using a signing key",
-		"patches": "patches/${{package.name}}.patch",
-	}, got.Pipeline[1].With)
-
 	// Check Pipeline - ruby/build
-	assert.Equal(t, "ruby/build", got.Pipeline[2].Uses)
+	assert.Equal(t, "ruby/build", got.Pipeline[1].Uses)
 	assert.Equal(t, map[string]string{
 		"gem": "${{vars.gem}}",
-	}, got.Pipeline[2].With)
+	}, got.Pipeline[1].With)
 
 	// Check Pipeline - ruby/install
-	assert.Equal(t, "ruby/install", got.Pipeline[3].Uses)
+	assert.Equal(t, "ruby/install", got.Pipeline[2].Uses)
 	assert.Equal(t, map[string]string{
 		"gem":     "${{vars.gem}}",
 		"version": "${{package.version}}",
-	}, got.Pipeline[3].With)
+	}, got.Pipeline[2].With)
 
 	// Check Pipeline - ruby/clean
-	assert.Equal(t, "ruby/clean", got.Pipeline[4].Uses)
+	assert.Equal(t, "ruby/clean", got.Pipeline[3].Uses)
 }
 
 // TestGeneratePackage tests when a gem has multiple licenses
@@ -252,29 +238,22 @@ func TestGeneratePackage(t *testing.T) {
 	assert.Equal(t, expected, got)
 }
 
-// TestGenerateEnvironment tests when there are additional keyring and
-// repository entries
 func TestGenerateEnvironment(t *testing.T) {
 	expected := apkotypes.ImageConfiguration{
 		Contents: apkotypes.ImageContents{
-			BuildRepositories: []string{"https://packages.wolfi.dev/os", "local /github/workspace/packages"},
-			Keyring:           []string{"https://packages.wolfi.dev/os/wolfi-signing.rsa.pub", "melange.rsa.pub"},
 			Packages: []string{
 				"build-base",
 				"busybox",
 				"ca-certificates-bundle",
 				"git",
-				fmt.Sprintf("ruby-%s", DefaultRubyVersion),
-				fmt.Sprintf("ruby-%s-dev", DefaultRubyVersion),
+				"ruby-${{vars.rubyMM}}",
+				"ruby-${{vars.rubyMM}}-dev",
 			},
 		},
 	}
 
 	gemctx := testGemContext("unused")
 
-	// Add additionalReposities and additionalKeyrings
-	gemctx.AdditionalRepositories = []string{"https://packages.wolfi.dev/os", "local /github/workspace/packages"}
-	gemctx.AdditionalKeyrings = []string{"https://packages.wolfi.dev/os/wolfi-signing.rsa.pub", "melange.rsa.pub"}
 	gemctx.RubyVersion = DefaultRubyVersion
 
 	got := gemctx.generateEnvironment()