2021-03-30 06:08:46 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2014-03-27 06:41:23 +08:00
|
|
|
# What have they done to the Gemfile???
|
|
|
|
|
#
|
2021-09-21 00:20:02 +08:00
|
|
|
# Relax. Breathe deep. All the gems are still there; they're just loaded in
|
|
|
|
|
# various files in Gemfile.d/. This allows us to require gems locally that we
|
|
|
|
|
# might not want to commit to our public repo. We can maintain a customized
|
|
|
|
|
# list of gems for development and debuggery, without affecting our ability to
|
|
|
|
|
# merge with canvas-lms
|
2014-03-27 06:41:23 +08:00
|
|
|
#
|
2011-02-01 09:57:29 +08:00
|
|
|
|
2021-09-21 00:20:02 +08:00
|
|
|
source "https://rubygems.org/"
|
2017-10-12 02:10:24 +08:00
|
|
|
|
2023-01-18 22:32:47 +08:00
|
|
|
plugin "bundler_lockfile_extensions", path: "gems/bundler_lockfile_extensions"
|
|
|
|
|
|
|
|
|
|
require File.expand_path("config/canvas_rails_switcher", __dir__)
|
|
|
|
|
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
# Bundler evaluates this from a non-global context for plugins, so we have
|
|
|
|
|
# to explicitly pop up to set global constants
|
|
|
|
|
# rubocop:disable Style/RedundantConstantBase
|
|
|
|
|
|
|
|
|
|
# will already be defined during the second Gemfile evaluation
|
|
|
|
|
::CANVAS_INCLUDE_PLUGINS = true unless defined?(::CANVAS_INCLUDE_PLUGINS)
|
|
|
|
|
|
2023-04-12 23:49:30 +08:00
|
|
|
if Plugin.installed?("bundler_lockfile_extensions")
|
|
|
|
|
Plugin.send(:load_plugin, "bundler_lockfile_extensions") unless defined?(BundlerLockfileExtensions)
|
2023-01-18 22:32:47 +08:00
|
|
|
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
unless BundlerLockfileExtensions.enabled?
|
|
|
|
|
default = true
|
|
|
|
|
SUPPORTED_RAILS_VERSIONS.product([nil, true]).each do |rails_version, include_plugins|
|
|
|
|
|
prepare = lambda do
|
|
|
|
|
Object.send(:remove_const, :CANVAS_RAILS)
|
|
|
|
|
::CANVAS_RAILS = rails_version
|
|
|
|
|
Object.send(:remove_const, :CANVAS_INCLUDE_PLUGINS)
|
|
|
|
|
::CANVAS_INCLUDE_PLUGINS = include_plugins
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
lockfile = ["Gemfile", "rails#{rails_version.delete(".")}", include_plugins && "plugins", "lock"].compact.join(".")
|
|
|
|
|
lockfile = nil if default
|
|
|
|
|
# only the first lockfile is the default
|
|
|
|
|
default = false
|
|
|
|
|
|
|
|
|
|
current = rails_version == CANVAS_RAILS && include_plugins
|
|
|
|
|
|
|
|
|
|
add_lockfile(lockfile,
|
2023-06-02 06:06:09 +08:00
|
|
|
current:,
|
|
|
|
|
prepare:,
|
2023-05-18 03:08:14 +08:00
|
|
|
allow_mismatched_dependencies: rails_version != SUPPORTED_RAILS_VERSIONS.first,
|
|
|
|
|
enforce_pinned_additional_dependencies: include_plugins)
|
2023-01-18 22:32:47 +08:00
|
|
|
end
|
|
|
|
|
|
2023-05-17 22:50:53 +08:00
|
|
|
Dir["Gemfile.d/*.lock", "gems/*/Gemfile.lock", base: Bundler.root].each do |gem_lockfile_name|
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
return unless add_lockfile(gem_lockfile_name,
|
2023-05-18 03:08:14 +08:00
|
|
|
gemfile: gem_lockfile_name.sub(/\.lock$/, ""),
|
|
|
|
|
allow_mismatched_dependencies: false)
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
end
|
2023-04-12 23:49:30 +08:00
|
|
|
end
|
2023-01-18 22:32:47 +08:00
|
|
|
end
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
# rubocop:enable Style/RedundantConstantBase
|
2023-01-18 22:32:47 +08:00
|
|
|
|
2023-03-29 06:56:26 +08:00
|
|
|
# Bundler's first pass parses the entire Gemfile and calls to additional sources
|
|
|
|
|
# makes it actually go and retrieve metadata from them even though the plugin will
|
|
|
|
|
# never exist there. Short-circuit it here if we're in the plugin-specific DSL
|
|
|
|
|
# phase to prevent that from happening.
|
2023-04-12 23:49:30 +08:00
|
|
|
return if method(:source).owner == Bundler::Plugin::DSL
|
2023-03-29 06:56:26 +08:00
|
|
|
|
2023-05-23 05:51:35 +08:00
|
|
|
module PreferGlobalRubyGemsSource
|
|
|
|
|
def rubygems_sources
|
|
|
|
|
[global_rubygems_source] + non_global_rubygems_sources
|
|
|
|
|
end
|
|
|
|
|
end
|
2023-06-02 06:06:09 +08:00
|
|
|
Bundler::SourceList.prepend(PreferGlobalRubyGemsSource)
|
2023-05-23 05:51:35 +08:00
|
|
|
|
2023-05-03 01:01:05 +08:00
|
|
|
module GemOverride
|
|
|
|
|
def gem(name, *version, path: nil, **kwargs)
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
# Bundler calls `gem` internally by passing a splat with a hash as the
|
|
|
|
|
# last argument, instead of properly using kwargs. Detect that.
|
|
|
|
|
if version.last.is_a?(Hash) && kwargs.empty?
|
|
|
|
|
kwargs = version.pop
|
|
|
|
|
end
|
2023-05-17 06:01:22 +08:00
|
|
|
vendor_path = File.expand_path("vendor/#{name}", __dir__)
|
|
|
|
|
if File.directory?(vendor_path)
|
|
|
|
|
super(name, path: vendor_path, **kwargs)
|
2023-05-03 01:01:05 +08:00
|
|
|
else
|
2023-06-02 06:06:09 +08:00
|
|
|
super(name, *version, path:, **kwargs)
|
2023-05-03 01:01:05 +08:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
Bundler::Dsl.prepend(GemOverride)
|
|
|
|
|
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
if CANVAS_INCLUDE_PLUGINS
|
|
|
|
|
Dir[File.join(File.dirname(__FILE__), "gems/plugins/*/Gemfile.d/_before.rb")].each do |file|
|
|
|
|
|
eval_gemfile(file)
|
|
|
|
|
end
|
2017-10-12 02:10:24 +08:00
|
|
|
end
|
|
|
|
|
|
2023-06-02 06:06:09 +08:00
|
|
|
Dir.glob(File.join(File.dirname(__FILE__), "Gemfile.d", "*.rb")).each do |file|
|
keep lockfiles in sync as part of `bundle` commands
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
2023-05-11 02:12:39 +08:00
|
|
|
eval_gemfile(file)
|
2017-10-12 02:10:24 +08:00
|
|
|
end
|