diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..c9d702a --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +--- +version: 2 +updates: + - package-ecosystem: "bundler" + directory: "/" + schedule: + interval: "weekly" + commit-message: + prefix: "gems" + labels: ["dependabot"] + open-pull-requests-limit: 10 + pull-request-branch-name: + separator: "-" diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 609e6a1..48f427e 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,6 +1,6 @@ { extends: [ - "config:base", + "config:recommended", ":dependencyDashboard", ":prHourlyLimitNone", ":prConcurrentLimitNone", @@ -20,6 +20,13 @@ matchManagers: ["bundler"], enabled: false, }, + // Only quarter update since noisy/stable tools + { + matchPackageNames: [ + "aquasecurity/trivy", + ], + schedule: ["* 0-8 1 */3 *"], + }, // Commit message formats { matchDatasources: ["docker"], @@ -30,9 +37,10 @@ commitMessagePrefix: "ci: ", }, ], - regexManagers: [ + customManagers: [ { - fileMatch: ["\.rb$", "^Rakefile$"], + customType: "regex", + managerFilePatterns: ["/.rb$/", "/^Rakefile$/"], matchStrings: [ "renovate: datasource=(?.*?) depName=(?.*?)\\s.*_version = '(?.*)'\\s" ] diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 25ee034..e9e58da 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -11,7 +11,7 @@ jobs: release-dockerimage: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Extract dyndnsd version from tag name run: | @@ -42,7 +42,7 @@ jobs: password: ${{ secrets.DOCKER_TOKEN }} - name: Build and push Docker image for dyndnsd ${{ env.DYNDNSD_VERSION }} - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: docker build-args: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 509f13f..5b3724b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,12 +18,12 @@ jobs: fail-fast: false matrix: ruby-version: - - '3.0' - '3.1' - '3.2' - '3.3' + - '3.4' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up Ruby ${{ matrix.ruby-version }} uses: ruby/setup-ruby@v1 with: @@ -37,9 +37,19 @@ jobs: actionlint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Check workflow files run: | echo "::add-matcher::.github/actionlint-matcher.json" bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) ./actionlint + + renovate-config-validator: + runs-on: ubuntu-latest + container: + image: ghcr.io/renovatebot/renovate + options: --user root + steps: + - uses: actions/checkout@v5 + - name: Check Renovate config + run: renovate-config-validator --strict diff --git a/.rubocop.yml b/.rubocop.yml index 65a45cf..ff4533e 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,4 +1,4 @@ -require: +plugins: - rubocop-rake - rubocop-rspec diff --git a/CHANGELOG.md b/CHANGELOG.md index e935b3e..3ba8350 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## 3.11.0 + +IMPROVEMENTS: + +- add Ruby 3.4 support + ## 3.10.0 (January 18th, 2024) IMPROVEMENTS: diff --git a/README.md b/README.md index 62f9a19..2e7b1bd 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # dyndnsd.rb -![ci](https://github.com/cmur2/dyndnsd/workflows/ci/badge.svg) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd) +![ci](https://github.com/cmur2/dyndnsd/workflows/ci/badge.svg) A small, lightweight and extensible DynDNS server written with Ruby and Rack. diff --git a/Rakefile b/Rakefile index 1b53147..6fbda5b 100644 --- a/Rakefile +++ b/Rakefile @@ -3,11 +3,9 @@ require 'bundler/gem_tasks' require 'rspec/core/rake_task' require 'rubocop/rake_task' -require 'bundler/audit/task' RSpec::Core::RakeTask.new(:spec) RuboCop::RakeTask.new -Bundler::Audit::Task.new desc 'Run experimental solargraph type checker' task :solargraph do @@ -15,10 +13,10 @@ task :solargraph do end # renovate: datasource=github-tags depName=hadolint/hadolint -hadolint_version = 'v2.12.0' +hadolint_version = 'v2.14.0' # renovate: datasource=github-tags depName=aquasecurity/trivy -trivy_version = 'v0.48.3' +trivy_version = 'v0.61.0' namespace :docker do ci_image = 'cmur2/dyndnsd:ci' @@ -50,7 +48,7 @@ namespace :docker do chmod a+w e2e/db.json SCRIPT sh "docker run -d --name=dyndnsd-ci -v $(pwd)/e2e:/etc/dyndnsd -p 8080:8080 -p 5353:5353 #{ci_image}" - sh 'sleep 1' + sh 'sleep 5' puts '----------------------------------------' # `dig` needs `sudo apt-get install -y -q dnsutils` sh <<~SCRIPT @@ -68,7 +66,14 @@ namespace :docker do end end -task default: [:rubocop, :spec, 'bundle:audit', :solargraph] +namespace :bundle do + desc 'Check for vulnerabilities with bundler-audit' + task :audit do + sh 'bundler-audit check --ignore GHSA-vvfq-8hwr-qm4m' if !RUBY_VERSION.start_with?('3.0') + end +end + +task default: [:rubocop, :spec, 'bundle:audit'] desc 'Run all tasks desired for CI' task ci: [:default, 'docker:lint', :build, 'docker:build', 'docker:e2e'] diff --git a/docker/Dockerfile b/docker/Dockerfile index dc340d9..84f55d0 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,11 +1,11 @@ -FROM alpine:3.19.0 +FROM alpine:3.22.1 EXPOSE 5353 8080 ARG DYNDNSD_VERSION RUN apk --no-cache add openssl ca-certificates && \ - apk --no-cache add ruby ruby-etc ruby-io-console ruby-json ruby-webrick && \ + apk --no-cache add ruby ruby-webrick && \ apk --no-cache add --virtual .build-deps linux-headers ruby-dev build-base tzdata && \ gem install --no-document dyndnsd -v ${DYNDNSD_VERSION} && \ rm -rf /usr/lib/ruby/gems/*/cache/ && \ diff --git a/docker/ci/Dockerfile b/docker/ci/Dockerfile index 59713bb..04eef84 100644 --- a/docker/ci/Dockerfile +++ b/docker/ci/Dockerfile @@ -1,11 +1,11 @@ -FROM alpine:3.19.0 +FROM alpine:3.22.1 EXPOSE 5353 8080 COPY pkg/dyndnsd-*.gem /tmp/dyndnsd.gem RUN apk --no-cache add openssl ca-certificates && \ - apk --no-cache add ruby ruby-etc ruby-io-console ruby-json ruby-webrick && \ + apk --no-cache add ruby ruby-webrick && \ apk --no-cache add --virtual .build-deps linux-headers ruby-dev build-base tzdata && \ gem install --no-document /tmp/dyndnsd.gem && \ rm -rf /usr/lib/ruby/gems/*/cache/ && \ diff --git a/dyndnsd.gemspec b/dyndnsd.gemspec index 35acfc9..f28a131 100644 --- a/dyndnsd.gemspec +++ b/dyndnsd.gemspec @@ -27,23 +27,25 @@ Gem::Specification.new do |s| s.required_ruby_version = '>= 3.0' - s.add_runtime_dependency 'async', '~> 1.31.0' - s.add_runtime_dependency 'async-dns', '~> 1.3.0' - s.add_runtime_dependency 'metriks' - s.add_runtime_dependency 'opentelemetry-exporter-jaeger', '~> 0.22.0' - s.add_runtime_dependency 'opentelemetry-instrumentation-rack', '~> 0.22.0' - s.add_runtime_dependency 'opentelemetry-sdk', '~> 1.2.0' - s.add_runtime_dependency 'rack', '~> 3.0' - s.add_runtime_dependency 'rackup', '~> 2' - s.add_runtime_dependency 'webrick', '>= 1.6.1' + s.add_dependency 'async', '~> 1.31.0' + s.add_dependency 'async-dns', '~> 1.3.0' + s.add_dependency 'base64', '~> 0.2.0' # needed for async + s.add_dependency 'logger', '>= 1.6', '< 1.8' + s.add_dependency 'metriks' + s.add_dependency 'opentelemetry-exporter-jaeger', '~> 0.22.0' + s.add_dependency 'opentelemetry-instrumentation-rack', '~> 0.22.0' + s.add_dependency 'opentelemetry-sdk', '~> 1.2.0' + s.add_dependency 'rack', '~> 3.0' + s.add_dependency 'rackup', '~> 2' + s.add_dependency 'webrick', '>= 1.6.1' s.add_development_dependency 'bundler' s.add_development_dependency 'bundler-audit', '~> 0.9.0' s.add_development_dependency 'rack-test' s.add_development_dependency 'rake' s.add_development_dependency 'rspec' - s.add_development_dependency 'rubocop', '~> 1.60.0' - s.add_development_dependency 'rubocop-rake', '~> 0.6.0' - s.add_development_dependency 'rubocop-rspec', '~> 2.26.1' - s.add_development_dependency 'solargraph', '~> 0.50.0' + s.add_development_dependency 'rubocop', '~> 1.81.1' + s.add_development_dependency 'rubocop-rake', '~> 0.7.1' + s.add_development_dependency 'rubocop-rspec', '~> 3.7.0' + s.add_development_dependency 'solargraph', '~> 0.55.0' end diff --git a/lib/dyndnsd.rb b/lib/dyndnsd.rb index 694e52a..154e0e4 100644 --- a/lib/dyndnsd.rb +++ b/lib/dyndnsd.rb @@ -138,7 +138,7 @@ module Dyndnsd # @param params [Hash{String => String}] # @return [Array] def extract_v4_and_v6_address(params) - return [] if !(params['myip']) + return [] if !params['myip'] begin IPAddr.new(params['myip'], Socket::AF_INET) IPAddr.new(params['myip6'], Socket::AF_INET6) @@ -207,7 +207,7 @@ module Dyndnsd params = Rack::Utils.parse_query(env['QUERY_STRING']) # require hostname parameter - return [422, {'X-DynDNS-Response' => 'hostname_missing'}, []] if !(params['hostname']) + return [422, {'X-DynDNS-Response' => 'hostname_missing'}, []] if !params['hostname'] hostnames = params['hostname'].split(',') diff --git a/lib/dyndnsd/updater/zone_transfer_server.rb b/lib/dyndnsd/updater/zone_transfer_server.rb index e04ba22..cf4bde5 100644 --- a/lib/dyndnsd/updater/zone_transfer_server.rb +++ b/lib/dyndnsd/updater/zone_transfer_server.rb @@ -89,7 +89,7 @@ module Dyndnsd # @return [Array{Array{Object}}] def self.parse_endpoints(endpoint_list) endpoint_list.map { |addr_string| addr_string.split('@') } - .map { |addr_parts| [addr_parts[0], addr_parts[1].to_i || 53] } + .map { |addr_parts| [addr_parts[0], addr_parts[1]&.to_i || 53] } .map { |addr| [:tcp, :udp].map { |type| [type] + addr } } .flatten(1) end