From f26b03cb78dcab1135ac7626f55a3c3e985db576 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 26 Oct 2023 16:29:50 +0100 Subject: [PATCH 1/5] test(pre-commit): update `pre-commit` hooks --- .pre-commit-config.yaml | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1299a84d..2b961722 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -24,13 +24,9 @@ repos: name: Check commit message using commitlint description: Lint commit message against @commitlint/config-conventional rules stages: [commit-msg] - additional_dependencies: ['@commitlint/config-conventional@8.3.4'] - - id: commitlint-travis - stages: [manual] - additional_dependencies: ['@commitlint/config-conventional@8.3.4'] - always_run: true + additional_dependencies: ['@commitlint/config-conventional@17.1.0'] - repo: https://github.com/rubocop-hq/rubocop - rev: v1.30.1 + rev: v1.57.0 hooks: - id: rubocop name: Check Ruby files with rubocop @@ -38,14 +34,14 @@ repos: always_run: true pass_filenames: false - repo: https://github.com/shellcheck-py/shellcheck-py - rev: v0.8.0.4 + rev: v0.9.0.6 hooks: - id: shellcheck name: Check shell scripts with shellcheck files: ^.*\.(sh|bash|ksh)$ types: [] - repo: https://github.com/adrienverge/yamllint - rev: v1.26.3 + rev: v1.32.0 hooks: - id: yamllint name: Check YAML syntax with yamllint @@ -53,17 +49,18 @@ repos: always_run: true pass_filenames: false - repo: https://github.com/warpnet/salt-lint - rev: v0.8.0 + rev: v0.9.2 hooks: - id: salt-lint name: Check Salt files using salt-lint files: ^.*\.(sls|jinja|j2|tmpl|tst)$ - repo: https://github.com/myint/rstcheck - rev: 3f929574 + rev: v6.2.0 hooks: - id: rstcheck name: Check reST files using rstcheck exclude: 'docs/CHANGELOG.rst' + additional_dependencies: [sphinx==7.2.6] - repo: https://github.com/saltstack-formulas/mirrors-rst-lint rev: v1.3.2 hooks: @@ -74,4 +71,4 @@ repos: docs/CHANGELOG.rst| docs/TOFS_pattern.rst| )$ - additional_dependencies: [pygments==2.9.0] + additional_dependencies: [pygments==2.16.1] From e121b49942255202b068f903afec7a3d924383ba Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 26 Oct 2023 16:48:46 +0100 Subject: [PATCH 2/5] ci: update the container images --- .gitlab-ci.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8047e7bc..2fbb55c6 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,10 +14,8 @@ stage_test: &stage_test 'test' # `image` image_commitlint: &image_commitlint 'myii/ssf-commitlint:11' - image_dindruby: &image_dindruby 'myii/ssf-dind-ruby:2.7.1-r3' - image_precommit: &image_precommit - name: 'myii/ssf-pre-commit:2.9.2' - entrypoint: ['/bin/bash', '-c'] + image_dindruby: &image_dindruby 'dafyddj/ci-dind-python-ruby:2.0.0' + image_precommit: &image_precommit 'dafyddj/ci-pre-commit:2.0.2' image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest' image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14' # `services` From 037b529a344fa9b0a59e7225504a7494c341bd3b Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Thu, 26 Oct 2023 19:50:38 +0100 Subject: [PATCH 3/5] chore(gemfile.lock): update to latest gem versions for 2023-W43 --- Gemfile | 3 + Gemfile.lock | 442 ++++++++++++++++++++++++++++----------------------- 2 files changed, 247 insertions(+), 198 deletions(-) diff --git a/Gemfile b/Gemfile index f4192913..6c3a9916 100644 --- a/Gemfile +++ b/Gemfile @@ -18,6 +18,9 @@ gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure gem 'kitchen-inspec', '>= 2.5.0' gem 'kitchen-salt', '>= 0.7.2' +# Avoid the error 'pkeys are immutable on OpenSSL 3.0' +gem 'net-ssh', '>= 7.0.0' + group :vagrant do gem 'kitchen-vagrant' end diff --git a/Gemfile.lock b/Gemfile.lock index 79083eba..33ea15db 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,24 +1,26 @@ GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec - revision: aaef842906a5666f0fc0b4f186b4dd3498f5b28c + revision: a0c6295303f7d7a4d2a6164b5e77868560b04945 branch: ssf specs: - inspec (5.18.15) + inspec (5.21.15) cookstyle faraday_middleware (>= 0.12.2, < 1.1) - inspec-core (= 5.18.15) + inspec-core (= 5.21.15) mongo (= 2.13.2) progress_bar (~> 1.3.3) rake + roo (~> 2.9.0) + roo-xls train (~> 3.10) train-aws (~> 0.2) train-habitat (~> 0.1) train-winrm (~> 0.2) - inspec-core (5.18.15) + inspec-core (5.21.15) addressable (~> 2.4) chef-telemetry (~> 1.0, >= 1.0.8) - faraday (>= 0.9.0, < 1.5) - faraday_middleware (~> 1.0) + faraday (>= 1, < 3) + faraday-follow_redirects (~> 0.3) hashie (>= 3.4, < 5.0) license-acceptance (>= 0.2.13, < 3.0) method_source (>= 0.8, < 2.0) @@ -40,213 +42,221 @@ GIT GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker - revision: 9a09bc1e571e25f3ccabf4725ca2048d970fff82 + revision: 104079a1d2fe34f5b076f4d316f6f837fa76e412 branch: ssf specs: - kitchen-docker (2.12.0) + kitchen-docker (2.13.0) test-kitchen (>= 1.0.0) GEM remote: https://rubygems.org/ specs: - activesupport (7.0.3.1) + activesupport (7.1.1) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) + addressable (2.8.5) + public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.607.0) - aws-sdk-alexaforbusiness (1.56.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-partitions (1.841.0) + aws-sdk-account (1.18.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-alexaforbusiness (1.65.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-amplify (1.32.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-apigateway (1.78.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-apigateway (1.88.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-apigatewayv2 (1.42.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-apigatewayv2 (1.51.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-applicationautoscaling (1.51.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-athena (1.55.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-athena (1.75.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-autoscaling (1.63.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-autoscaling (1.92.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-batch (1.47.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-batch (1.73.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-budgets (1.50.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-budgets (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudformation (1.70.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudformation (1.91.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudfront (1.65.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudfront (1.83.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsm (1.39.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudhsm (1.48.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsmv2 (1.42.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudhsmv2 (1.51.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudtrail (1.49.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudtrail (1.69.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatch (1.64.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudwatch (1.81.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchevents (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-cloudwatchevents (1.62.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchlogs (1.53.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-cloudwatchlogs (1.71.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codecommit (1.51.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-codecommit (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codedeploy (1.49.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-codedeploy (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codepipeline (1.53.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-codepipeline (1.64.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cognitoidentity (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-cognitoidentity (1.45.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-cognitoidentityprovider (1.53.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-cognitoidentityprovider (1.76.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-configservice (1.79.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-configservice (1.99.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.131.2) + aws-sdk-core (3.185.1) aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.525.0) - aws-sigv4 (~> 1.1) + aws-partitions (~> 1, >= 1.651.0) + aws-sigv4 (~> 1.5) jmespath (~> 1, >= 1.6.1) - aws-sdk-costandusagereportservice (1.40.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-costandusagereportservice (1.50.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-databasemigrationservice (1.53.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-databasemigrationservice (1.80.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-dynamodb (1.75.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-dynamodb (1.96.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2 (1.322.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ec2 (1.415.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ecr (1.56.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ecr (1.65.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ecrpublic (1.12.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ecrpublic (1.23.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ecs (1.100.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ecs (1.131.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-efs (1.54.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-efs (1.67.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-eks (1.75.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-eks (1.91.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticache (1.78.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-elasticache (1.92.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticbeanstalk (1.51.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-elasticbeanstalk (1.61.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancing (1.40.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-elasticloadbalancing (1.49.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancingv2 (1.78.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-elasticloadbalancingv2 (1.93.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticsearchservice (1.65.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-elasticsearchservice (1.77.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-emr (1.53.0) aws-sdk-core (~> 3, >= 3.121.2) aws-sigv4 (~> 1.1) - aws-sdk-eventbridge (1.24.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-eventbridge (1.46.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-firehose (1.48.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-firehose (1.58.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-glue (1.88.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-glue (1.145.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-guardduty (1.58.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-guardduty (1.81.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.69.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-iam (1.89.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kafka (1.50.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-kafka (1.64.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kinesis (1.41.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-kinesis (1.52.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.57.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-kms (1.72.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-lambda (1.84.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-lambda (1.106.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-mq (1.40.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-networkfirewall (1.17.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-networkfirewall (1.35.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-networkmanager (1.24.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-networkmanager (1.38.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-organizations (1.59.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-organizations (1.77.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) aws-sdk-ram (1.26.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-rds (1.148.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-rds (1.198.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-redshift (1.84.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-redshift (1.99.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-route53 (1.63.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-route53 (1.80.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-route53domains (1.40.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-route53domains (1.52.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-route53resolver (1.37.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-route53resolver (1.49.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.114.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-s3 (1.136.0) + aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) - aws-sigv4 (~> 1.4) + aws-sigv4 (~> 1.6) aws-sdk-s3control (1.43.0) aws-sdk-core (~> 3, >= 3.122.0) aws-sigv4 (~> 1.1) aws-sdk-secretsmanager (1.46.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-securityhub (1.67.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-securityhub (1.94.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-servicecatalog (1.60.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -254,8 +264,8 @@ GEM aws-sdk-ses (1.41.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-shield (1.48.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-shield (1.58.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-signer (1.32.0) aws-sdk-core (~> 3, >= 3.120.0) @@ -263,17 +273,17 @@ GEM aws-sdk-simpledb (1.29.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv2 (~> 1.0) - aws-sdk-sms (1.40.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-sms (1.50.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-sns (1.53.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-sns (1.67.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-sqs (1.51.1) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-sqs (1.64.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ssm (1.137.0) - aws-sdk-core (~> 3, >= 3.127.0) + aws-sdk-ssm (1.159.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) aws-sdk-states (1.39.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -281,14 +291,14 @@ GEM aws-sdk-synthetics (1.19.0) aws-sdk-core (~> 3, >= 3.121.2) aws-sigv4 (~> 1.1) - aws-sdk-transfer (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) + aws-sdk-transfer (1.73.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) aws-sdk-waf (1.43.0) aws-sdk-core (~> 3, >= 3.122.0) aws-sigv4 (~> 1.1) aws-sigv2 (1.1.0) - aws-sigv4 (1.5.0) + aws-sigv4 (1.6.1) aws-eventstream (~> 1, >= 1.0.2) azure_graph_rbac (0.17.2) ms_rest_azure (~> 0.12.0) @@ -300,12 +310,14 @@ GEM ms_rest_azure (~> 0.12.0) azure_mgmt_storage (0.23.0) ms_rest_azure (~> 0.12.0) + base64 (0.1.1) bcrypt_pbkdf (1.1.0) + bigdecimal (3.1.4) bson (4.15.0) builder (3.2.4) - chef-config (17.10.0) + chef-config (18.3.0) addressable - chef-utils (= 17.10.0) + chef-utils (= 18.3.0) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) @@ -313,11 +325,12 @@ GEM chef-telemetry (1.1.1) chef-config concurrent-ruby (~> 1.0) - chef-utils (17.10.0) + chef-utils (18.3.0) concurrent-ruby coderay (1.1.3) - concurrent-ruby (1.1.10) - cookstyle (7.32.1) + concurrent-ruby (1.2.2) + connection_pool (2.4.1) + cookstyle (7.32.2) rubocop (= 1.25.1) declarative (0.0.20) diff-lcs (1.5.0) @@ -326,16 +339,22 @@ GEM multi_json domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) + drb (2.1.1) + ruby2_keywords ed25519 (1.3.0) - erubi (1.10.0) - excon (0.92.3) - faraday (1.4.3) + erubi (1.12.0) + excon (0.104.0) + faraday (1.10.3) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0) + faraday-multipart (~> 1.0) faraday-net_http (~> 1.0) - faraday-net_http_persistent (~> 1.1) - multipart-post (>= 1.2, < 3) + faraday-net_http_persistent (~> 1.0) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) + faraday-retry (~> 1.0) ruby2_keywords (>= 0.0.4) faraday-cookie_jar (0.0.7) faraday (>= 0.8.0) @@ -343,11 +362,19 @@ GEM faraday-em_http (1.0.0) faraday-em_synchrony (1.0.0) faraday-excon (1.1.0) + faraday-follow_redirects (0.3.0) + faraday (>= 1, < 3) + faraday-httpclient (1.0.1) + faraday-multipart (1.0.4) + multipart-post (~> 2) faraday-net_http (1.0.1) faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + faraday-retry (1.0.3) faraday_middleware (1.0.0) faraday (~> 1.0) - ffi (1.15.5) + ffi (1.16.3) fuzzyurl (0.9.0) google-api-client (0.52.0) addressable (~> 2.5, >= 2.5.1) @@ -371,24 +398,24 @@ GEM builder (>= 2.1.2) rexml (~> 3.0) hashie (4.1.0) - highline (2.0.3) + highline (2.1.0) http-cookie (1.0.5) domain_name (~> 0.5) httpclient (2.8.3) - i18n (1.12.0) + i18n (1.14.1) concurrent-ruby (~> 1.0) inifile (3.0.0) - jmespath (1.6.1) - json (2.6.2) - jwt (2.4.1) - kitchen-inspec (2.6.1) + jmespath (1.6.2) + json (2.6.3) + jwt (2.7.1) + kitchen-inspec (2.6.2) hashie (>= 3.4, <= 5.0) - inspec (>= 2.2.64, < 7.0) + inspec (>= 2.2.64, < 6.0) test-kitchen (>= 2.7, < 4) kitchen-salt (0.7.2) hashie (>= 3.5) test-kitchen (>= 1.4) - kitchen-vagrant (1.12.0) + kitchen-vagrant (1.14.1) test-kitchen (>= 1.4, < 4) license-acceptance (2.1.13) pastel (~> 0.7) @@ -401,11 +428,12 @@ GEM multi_json (~> 1.14) memoist (0.16.2) method_source (1.0.0) - mini_mime (1.1.2) - minitest (5.16.2) + mini_mime (1.1.5) + mini_portile2 (2.8.5) + minitest (5.20.0) mixlib-config (3.0.27) tomlrb - mixlib-install (3.12.19) + mixlib-install (3.12.28) mixlib-shellout mixlib-versioning thor @@ -425,53 +453,66 @@ GEM faraday-cookie_jar (~> 0.0.6) ms_rest (~> 0.7.6) multi_json (1.15.0) - multipart-post (2.2.3) - net-scp (3.0.0) - net-ssh (>= 2.6.5, < 7.0.0) - net-ssh (6.1.0) + multipart-post (2.3.0) + mutex_m (0.1.2) + net-scp (4.0.0) + net-ssh (>= 2.6.5, < 8.0.0) + net-ssh (7.2.0) net-ssh-gateway (2.0.0) net-ssh (>= 4.0.0) + nokogiri (1.15.4) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) nori (2.6.0) options (2.3.2) os (1.1.4) - parallel (1.22.1) - parser (3.1.2.0) + parallel (1.23.0) + parser (3.2.2.4) ast (~> 2.4.1) + racc parslet (1.8.2) pastel (0.8.0) tty-color (~> 0.5) progress_bar (1.3.3) highline (>= 1.6, < 3) options (~> 2.3.0) - pry (0.14.1) + pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (4.0.7) + public_suffix (5.0.3) + racc (1.7.1) rainbow (3.1.1) rake (13.0.6) - regexp_parser (2.5.0) + regexp_parser (2.8.2) representable (3.2.0) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) retriable (3.1.2) - rexml (3.2.5) + rexml (3.2.6) + roo (2.9.0) + nokogiri (~> 1) + rubyzip (>= 1.3.0, < 3.0.0) + roo-xls (1.2.0) + nokogiri + roo (>= 2.0.0, < 3) + spreadsheet (> 0.9.0) rspec (3.11.0) rspec-core (~> 3.11.0) rspec-expectations (~> 3.11.0) rspec-mocks (~> 3.11.0) rspec-core (3.11.0) rspec-support (~> 3.11.0) - rspec-expectations (3.11.0) + rspec-expectations (3.11.1) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) rspec-its (1.3.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) - rspec-mocks (3.11.1) + rspec-mocks (3.11.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.11.0) - rspec-support (3.11.0) + rspec-support (3.11.1) rubocop (1.25.1) parallel (~> 1.10) parser (>= 3.1.0.0) @@ -481,43 +522,46 @@ GEM rubocop-ast (>= 1.15.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.19.1) - parser (>= 3.1.1.0) - ruby-progressbar (1.11.0) + rubocop-ast (1.30.0) + parser (>= 3.2.1.0) + ruby-ole (1.2.12.2) + ruby-progressbar (1.13.0) ruby2_keywords (0.0.5) rubyntlm (0.6.3) rubyzip (2.3.2) semverse (3.0.2) - signet (0.17.0) + signet (0.18.0) addressable (~> 2.8) faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) + spreadsheet (1.3.0) + ruby-ole sslshake (1.3.1) strings (0.2.1) strings-ansi (~> 0.2) unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) - test-kitchen (3.3.1) + test-kitchen (3.5.0) bcrypt_pbkdf (~> 1.0) chef-utils (>= 16.4.35) ed25519 (~> 1.2) license-acceptance (>= 1.0.11, < 3.0) mixlib-install (~> 3.6) mixlib-shellout (>= 1.2, < 4.0) - net-scp (>= 1.1, < 4.0) - net-ssh (>= 2.9, < 7.0) + net-scp (>= 1.1, < 5.0) + net-ssh (>= 2.9, < 8.0) net-ssh-gateway (>= 1.2, < 3.0) thor (>= 0.19, < 2.0) winrm (~> 2.0) winrm-elevated (~> 1.0) winrm-fs (~> 1.1) - thor (1.2.1) + thor (1.3.0) timeliness (0.3.10) tomlrb (1.3.0) trailblazer-option (0.1.2) - train (3.10.1) + train (3.10.8) activesupport (>= 6.0.3.1) azure_graph_rbac (~> 0.16) azure_mgmt_key_vault (~> 0.17) @@ -528,17 +572,18 @@ GEM google-api-client (>= 0.23.9, <= 0.52.0) googleauth (>= 0.6.6, <= 0.14.0) inifile (~> 3.0) - train-core (= 3.10.1) + train-core (= 3.10.8) train-winrm (~> 0.2) - train-aws (0.2.24) + train-aws (0.2.36) + aws-sdk-account (~> 1.14) aws-sdk-alexaforbusiness (~> 1.0) aws-sdk-amplify (~> 1.32.0) aws-sdk-apigateway (~> 1.0) aws-sdk-apigatewayv2 (~> 1.0) aws-sdk-applicationautoscaling (>= 1.46, < 1.52) aws-sdk-athena (~> 1.0) - aws-sdk-autoscaling (>= 1.22, < 1.64) - aws-sdk-batch (>= 1.36, < 1.48) + aws-sdk-autoscaling (>= 1.22, < 1.93) + aws-sdk-batch (>= 1.36, < 1.74) aws-sdk-budgets (~> 1.0) aws-sdk-cloudformation (~> 1.0) aws-sdk-cloudfront (~> 1.0) @@ -546,17 +591,17 @@ GEM aws-sdk-cloudhsmv2 (~> 1.0) aws-sdk-cloudtrail (~> 1.8) aws-sdk-cloudwatch (~> 1.13) - aws-sdk-cloudwatchevents (>= 1.36, < 1.47) + aws-sdk-cloudwatchevents (>= 1.36, < 1.63) aws-sdk-cloudwatchlogs (~> 1.13) aws-sdk-codecommit (~> 1.0) aws-sdk-codedeploy (~> 1.0) aws-sdk-codepipeline (~> 1.0) - aws-sdk-cognitoidentity (>= 1.26, < 1.32) - aws-sdk-cognitoidentityprovider (>= 1.46, < 1.54) + aws-sdk-cognitoidentity (>= 1.26, < 1.46) + aws-sdk-cognitoidentityprovider (>= 1.46, < 1.77) aws-sdk-configservice (~> 1.21) aws-sdk-core (~> 3.0) aws-sdk-costandusagereportservice (~> 1.6) - aws-sdk-databasemigrationservice (>= 1.42, < 1.54) + aws-sdk-databasemigrationservice (>= 1.42, < 1.81) aws-sdk-dynamodb (~> 1.31) aws-sdk-ec2 (~> 1.70) aws-sdk-ecr (~> 1.18) @@ -570,9 +615,9 @@ GEM aws-sdk-elasticloadbalancingv2 (~> 1.0) aws-sdk-elasticsearchservice (~> 1.0) aws-sdk-emr (~> 1.53.0) - aws-sdk-eventbridge (~> 1.24.0) + aws-sdk-eventbridge (>= 1.24, < 1.47) aws-sdk-firehose (~> 1.0) - aws-sdk-glue (>= 1.71, < 1.89) + aws-sdk-glue (>= 1.71, < 1.146) aws-sdk-guardduty (~> 1.31) aws-sdk-iam (~> 1.13) aws-sdk-kafka (~> 1.0) @@ -582,7 +627,7 @@ GEM aws-sdk-mq (~> 1.40.0) aws-sdk-networkfirewall (>= 1.6.0) aws-sdk-networkmanager (>= 1.13.0) - aws-sdk-organizations (>= 1.17, < 1.60) + aws-sdk-organizations (>= 1.17, < 1.78) aws-sdk-ram (>= 1.21, < 1.27) aws-sdk-rds (~> 1.43) aws-sdk-redshift (~> 1.0) @@ -604,15 +649,15 @@ GEM aws-sdk-ssm (~> 1.0) aws-sdk-states (>= 1.35, < 1.40) aws-sdk-synthetics (~> 1.19.0) - aws-sdk-transfer (>= 1.26, < 1.35) + aws-sdk-transfer (>= 1.26, < 1.74) aws-sdk-waf (~> 1.43.0) - train-core (3.10.1) + train-core (3.10.8) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) mixlib-shellout (>= 2.0, < 4.0) - net-scp (>= 1.2, < 4.0) - net-ssh (>= 2.9, < 7.0) + net-scp (>= 1.2, < 5.0) + net-ssh (>= 2.9, < 8.0) train-habitat (0.2.22) train-winrm (0.2.13) winrm (>= 2.3.6, < 3.0) @@ -636,13 +681,13 @@ GEM pastel (~> 0.8) strings (~> 0.2.0) tty-screen (~> 0.8) - tzinfo (2.0.4) + tzinfo (2.0.6) concurrent-ruby (~> 1.0) uber (0.1.0) unf (0.1.4) unf_ext unf_ext (0.0.8.2) - unicode-display_width (2.2.0) + unicode-display_width (2.5.0) unicode_utils (1.4.0) winrm (2.3.6) builder (>= 2.1.2) @@ -673,6 +718,7 @@ DEPENDENCIES kitchen-inspec (>= 2.5.0) kitchen-salt (>= 0.7.2) kitchen-vagrant + net-ssh (>= 7.0.0) BUNDLED WITH 2.1.2 From be66375cb71cd0d205be01d33c451e0264a34dbf Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Fri, 10 Nov 2023 14:38:19 +0000 Subject: [PATCH 4/5] test(pre-commit): switch to using `pre-commit`'s built-in file filtering * only run `yamllint` when relevant files have changed * avoids having to exclude files/dirs not tracked by Git e.g. .kitchen/, .bundle/ etc. * avoids a `yamllint` bug whereby pillar files under `test/` were not checked due to a conflicting `ignore` entry --- .pre-commit-config.yaml | 30 +++++++++++++++++++++++++++--- .yamllint | 31 ------------------------------- 2 files changed, 27 insertions(+), 34 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2b961722..12a5225b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -45,9 +45,33 @@ repos: hooks: - id: yamllint name: Check YAML syntax with yamllint - args: [--strict, '.'] - always_run: true - pass_filenames: false + args: [--strict] + types: [file] + # Files to include + # 1. Obvious YAML files + # 2. `pillar.example` and similar files + # 3. SLS files under directory `test/` which are pillar files + # Files to exclude + # 1. SLS files under directory `test/` which are state files + # 2. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax + # 3. YAML files heavily reliant on Jinja + files: | + (?x)^( + .*\.yaml| + .*\.yml| + \.salt-lint| + \.yamllint| + .*\.example| + test/.*\.sls + )$ + exclude: | + (?x)^( + kitchen.vagrant.yml| + test/.*/states/.*\.sls| + salt/osfamilymap.yaml| + salt/osmap.yaml| + salt/osfingermap.yaml + )$ - repo: https://github.com/warpnet/salt-lint rev: v0.9.2 hooks: diff --git a/.yamllint b/.yamllint index ada644b8..b4087884 100644 --- a/.yamllint +++ b/.yamllint @@ -4,37 +4,6 @@ # Extend the `default` configuration provided by `yamllint` extends: 'default' -# Files to ignore completely -# 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally -# 2. All YAML files under directory `.cache/`, introduced during the CI run -# 3. All YAML files under directory `.git/` -# 4. All YAML files under directory `node_modules/`, introduced during the CI run -# 5. Any SLS files under directory `test/`, which are actually state files -# 6. Any YAML files under directory `.kitchen/`, introduced during local testing -# 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax -# 8. All YAML files heavily reliant on Jinja; these can be tackled in a subsequent PR -ignore: | - .bundle/ - .cache/ - .git/ - node_modules/ - test/**/states/**/*.sls - .kitchen/ - kitchen.vagrant.yml - salt/osfamilymap.yaml - salt/osmap.yaml - salt/osfingermap.yaml - -yaml-files: - # Default settings - - '*.yaml' - - '*.yml' - - .salt-lint - - .yamllint - # SaltStack Formulas additional settings - - '*.example' - - test/**/*.sls - rules: empty-values: forbid-in-block-mappings: true From ad0980897b9d6fed4121a17afa8e8490be0ae110 Mon Sep 17 00:00:00 2001 From: Dafydd Jones Date: Mon, 4 Dec 2023 21:00:06 +0000 Subject: [PATCH 5/5] ci: update container images --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2fbb55c6..e2e35e09 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,8 +14,8 @@ stage_test: &stage_test 'test' # `image` image_commitlint: &image_commitlint 'myii/ssf-commitlint:11' - image_dindruby: &image_dindruby 'dafyddj/ci-dind-python-ruby:2.0.0' - image_precommit: &image_precommit 'dafyddj/ci-pre-commit:2.0.2' + image_dindruby: &image_dindruby 'dafyddj/ci-dind-python-ruby:2.0.2' + image_precommit: &image_precommit 'dafyddj/ci-pre-commit:2.1.0' image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest' image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14' # `services`