Merge pull request #55 from SwedbankPay/feature/dx-1096_html_proofer_…

…auth

Fix HTMLProofer authentication

.docker/Dockerfile

@@ -91,6 +91,14 @@ ARG TAG
 ARG SHA
 ARG DATE
 ARG VERSION
+
+RUN \
+    # Ensure that the build arguments are set and not empty.
+    : "${TAG:?Build argument 'TAG' is missing or empty.}" \
+    : "${SHA:?Build argument 'SHA' is missing or empty.}" \
+    : "${DATE:?Build argument 'DATE' is missing or empty.}" \
+    : "${VERSION:?Build argument 'VERSION' is missing or empty.}"
+
 ENV DOCKER_IMAGE_TAG=$TAG
 ENV DOCKER_IMAGE_VERSION=$VERSION
 

.docker/entrypoint/.rubocop.yml

@@ -8,3 +8,5 @@ Layout:
   LineLength: 100
   IndentationStyle:
     IndentationWidth: 2
+Metrics/MethodLength:
+  Max: 20

.docker/entrypoint/Gemfile

@@ -12,6 +12,7 @@ group :jekyll_plugins do
   gem 'rouge'
 end
 
+gem 'concurrent-ruby'
 gem 'docopt'
 # Neccessary to prevent Jekyll errors. See https://github.com/github/personal-website/issues/166
 gem 'faraday', '~> 1.0.1'

.docker/entrypoint/Gemfile.lock

@@ -1,7 +1,7 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.0.3.2)
+    activesupport (6.0.3.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -14,7 +14,7 @@ GEM
       json
       simplecov
     colorator (1.1.0)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.7)
     diff-lcs (1.4.4)
     diffy (3.4.0)
     docile (1.3.2)
@@ -33,10 +33,10 @@ GEM
     forwardable-extended (2.6.0)
     gemoji (3.0.1)
     hike (1.2.3)
-    html-pipeline (2.13.0)
+    html-pipeline (2.14.0)
       activesupport (>= 2)
       nokogiri (>= 1.4)
-    html-proofer (3.15.3)
+    html-proofer (3.16.0)
       addressable (~> 2.3)
       mercenary (~> 0.3)
       nokogumbo (~> 2.0)
@@ -47,7 +47,7 @@ GEM
     html-proofer-unrendered-markdown (0.1.3)
       html-proofer (~> 3.0, >= 3.15.1)
     http_parser.rb (0.6.0)
-    i18n (1.8.3)
+    i18n (1.8.5)
       concurrent-ruby (~> 1.0)
     jekyll (4.1.1)
       addressable (~> 2.4)
@@ -102,10 +102,10 @@ GEM
     mercenary (0.4.0)
     mini_magick (4.10.1)
     mini_portile2 (2.4.0)
-    minitest (5.14.1)
+    minitest (5.14.2)
     multi_json (1.15.0)
     multipart-post (2.1.1)
-    nokogiri (1.10.9)
+    nokogiri (1.10.10)
       mini_portile2 (~> 2.4.0)
     nokogumbo (2.0.2)
       nokogiri (~> 1.8, >= 1.8.4)
@@ -117,7 +117,7 @@ GEM
       ast (~> 2.4.1)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
-    public_suffix (4.0.5)
+    public_suffix (4.0.6)
     rack (2.1.4)
     rainbow (3.0.0)
     rake (13.0.1)
@@ -149,7 +149,7 @@ GEM
       rubocop-ast (>= 0.3.0, < 1.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (0.3.0)
+    rubocop-ast (0.4.0)
       parser (>= 2.7.1.4)
     ruby-progressbar (1.10.1)
     rubyzip (2.3.0)
@@ -173,7 +173,7 @@ GEM
       multi_json (~> 1.0)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
-    sprockets-helpers (1.3.0)
+    sprockets-helpers (1.4.0)
       sprockets (>= 2.2)
     sprockets-sass (1.3.1)
       sprockets (~> 2.0)
@@ -188,13 +188,14 @@ GEM
       thread_safe (~> 0.1)
     unicode-display_width (1.7.0)
     yell (2.2.2)
-    zeitwerk (2.3.1)
+    zeitwerk (2.4.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   codecov
+  concurrent-ruby
   diffy
   docopt
   faraday (~> 1.0.1)

.docker/entrypoint/lib/commands/verifier.rb

@@ -3,6 +3,7 @@
 require 'jekyll'
 require 'html-proofer'
 require 'html-proofer-unrendered-markdown'
+require 'concurrent'
 require_relative '../context'
 require_relative '../extensions/object_extensions'
 
@@ -16,7 +17,7 @@ module Commands
       # The Jekyll::PlantUml::Verifier class executes HTMLProofer on a built
       # Jekyll site in order to verify that the HTML is correct.
       class Verifier
-        attr_accessor :html_proofer
+        attr_accessor :html_proofer, :logger
 
         def initialize(context)
           context.must_be_a! Context
@@ -33,11 +34,25 @@ def verify
 
           opts = options(@context.arguments.ignore_urls)
 
-          @html_proofer.check_directory(@jekyll_destination_dir, opts).run
+          log(:debug, "Checking '#{@jekyll_destination_dir}' with HTMLProofer")
+          log(:debug, opts)
+
+          proofer = @html_proofer.check_directory(@jekyll_destination_dir, opts)
+          proofer.before_request { |request| before_request(request) }
+          proofer.run
         end
 
         private
 
+        def before_request(request)
+          uri = URI(request.base_url)
+          return unless uri.host.match('github\.(com|io)$')
+
+          auth = "Bearer #{@context.auth_token}"
+          log(:debug, 'Setting Bearer Token for GitHub request')
+          request.options[:headers]['Authorization'] = auth
+        end
+
         def ensure_directory_not_empty!(dir)
           html_glob = File.join(dir, '**/*.html')
           raise "#{dir} contains no .html files" if Dir.glob(html_glob).empty?
@@ -55,27 +70,15 @@ def options(ignore_urls = nil)
         end
 
         def default_options
-          opts = {
+          {
             assume_extension: true,
             check_html: true,
             enforce_https: true,
             only_4xx: true,
-            check_unrendered_link: true
-          }
-
-          token = @context.auth_token
-          opts[:domain_auth] = domain_auth_options(token) unless token.nil?
-          opts
-        end
-
-        def domain_auth_options(auth_token)
-          {
-            'github.com' => {
-              type: :header,
-              template: 'Bearer %token%',
-              values: {
-                token: auth_token
-              }
+            check_unrendered_link: true,
+            parallel: { in_processes: Concurrent.processor_count },
+            typheous: {
+              verbose: @context.verbose?
             }
           }
         end
@@ -98,6 +101,13 @@ def convert_to_regex(value)
 
           value
         end
+
+        def log(severity, message)
+          (@logger ||= Jekyll.logger).public_send(
+            severity,
+            "   jekyll-plantuml: #{message}"
+          )
+        end
       end
     end
   end

.docker/entrypoint/lib/extensions/object_extensions.rb

@@ -54,7 +54,6 @@ def cannot_be_empty(_klass)
     raise ArgumentError, "#{self.class} cannot be empty"
   end
 
-  # rubocop:disable Metrics/MethodLength
   def parse_args(*args)
     raise ArgumentError, 'args cannot be nil' if args.nil?
 
@@ -70,5 +69,4 @@ def parse_args(*args)
 
     { specifier: specifier, type: type }
   end
-  # rubocop:enable Metrics/MethodLength
 end

.docker/entrypoint/spec/helpers/spec_html_proofer.rb

@@ -11,6 +11,7 @@ def self.check_directory(_, _)
             SpecHTMLProofer.new
           end
 
+          def before_request(&_); end
           def run; end
         end
       end

.docker/entrypoint/spec/verifier_spec.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'includes'
+require 'concurrent'
 
 describe Verifier do
   context = Context.new('development', __dir__, __dir__)
@@ -68,22 +69,17 @@
       subject.verify
     end
 
-    it 'sets domain_auth options' do
+    it 'receives expected options' do
       expected_options = {
         assume_extension: true,
         check_html: true,
         check_unrendered_link: true,
         enforce_https: true,
         log_level: :error,
         only_4xx: true,
-        domain_auth: {
-          'github.com' => {
-            template: 'Bearer %token%',
-            type: :header,
-            values: {
-              token: 'SECRET'
-            }
-          }
+        parallel: { in_processes: Concurrent.processor_count },
+        typheous: {
+          verbose: false
         }
       }
       html_proofer_class = SpecHTMLProofer
@@ -93,5 +89,14 @@
       subject.html_proofer = html_proofer_class
       subject.verify
     end
+
+    it 'sets bearer token for github' do
+      ignore_urls = [ 'http://www.wikipedia.org', %r{[/.]?page1} ]
+      allow(context.arguments).to receive(:ignore_urls).and_return(ignore_urls)
+      logger = SpecLogger.new(:debug)
+      subject.logger = logger
+      subject.verify
+      expect(logger.message).to include('Setting Bearer Token for GitHub request')
+    end
   end
 end

.github/workflows/docker_run_test.sh → .github/scripts/docker_run_test.sh

@@ -93,6 +93,7 @@ parse_args() {
 
     if [[ $verbose ]]; then
         debug_env="--env DEBUG=true"
+        jekyll_command="$jekyll_command --log-level=debug"
     fi
 
     docker_run_command="\

.github/workflows/publish.yml

@@ -36,7 +36,7 @@ jobs:
         id: variables
         env:
           GITHUB_CONTEXT: ${{ toJson(github) }}
-        run: ./.github/workflows/variables.sh ${{ steps.gitversion.outputs.fullSemVer }}
+        run: ./.github/scripts/variables.sh ${{ steps.gitversion.outputs.fullSemVer }}
 
   docker-publish:
     runs-on: ubuntu-latest
@@ -55,7 +55,7 @@ jobs:
           image_name: jekyll-plantuml
           image_tag: ${{ needs.variables.outputs.docker_image_tag }}
           dockerfile: .docker/Dockerfile
-          push_image_and_stages: ./.github/workflows/docker_run_test.sh build --image ${{ needs.variables.outputs.docker_image_fqn }} --image-tag ${{ needs.variables.outputs.docker_image_tag }} --repository ${{ github.repository }} --dir ${{ github.workspace }}/tests/minimal --token ${{ secrets.GITHUB_TOKEN }} --verbose --no-pull
+          push_image_and_stages: ./.github/scripts/docker_run_test.sh build --image ${{ needs.variables.outputs.docker_image_fqn }} --image-tag ${{ needs.variables.outputs.docker_image_tag }} --repository ${{ github.repository }} --dir ${{ github.workspace }}/tests/minimal --token ${{ secrets.GITHUB_TOKEN }} --verbose --no-pull
           pull_image_and_stages: false
           build_extra_args: --build-arg TAG="${{ needs.variables.outputs.docker_image_tag }}" --build-arg SHA="${{ needs.variables.outputs.sha }}" --build-arg DATE="${{ needs.variables.outputs.date }}" --build-arg VERSION="${{ needs.variables.outputs.version }}"
 
@@ -68,7 +68,7 @@ jobs:
           image_name: swedbankpay/jekyll-plantuml
           image_tag: ${{ needs.variables.outputs.docker_image_tag }}
           dockerfile: .docker/Dockerfile
-          push_image_and_stages: ./.github/workflows/docker_run_test.sh build --image ${{ needs.variables.outputs.docker_image_fqn }} --image-tag ${{ needs.variables.outputs.docker_image_tag }} --repository ${{ github.repository }} --dir ${{ github.workspace }}/tests/minimal --token ${{ secrets.GITHUB_TOKEN }} --verbose --no-pull
+          push_image_and_stages: ./.github/scripts/docker_run_test.sh build --image ${{ needs.variables.outputs.docker_image_fqn }} --image-tag ${{ needs.variables.outputs.docker_image_tag }} --repository ${{ github.repository }} --dir ${{ github.workspace }}/tests/minimal --token ${{ secrets.GITHUB_TOKEN }} --verbose --no-pull
           pull_image_and_stages: false
           build_extra_args: --build-arg TAG="${{ needs.variables.outputs.docker_image_tag }}" --build-arg SHA="${{ needs.variables.outputs.sha }}" --build-arg DATE="${{ needs.variables.outputs.date }}" --build-arg VERSION="${{ needs.variables.outputs.version }}"
 
@@ -81,7 +81,7 @@ jobs:
 
       - name: Download and Run Image
         run: |
-          ./.github/workflows/docker_run_test.sh build \
+          ./.github/scripts/docker_run_test.sh build \
             --image ${{ needs.variables.outputs.docker_image_fqn }} \
             --repository ${{ github.repository }} \
             --dir ${{ github.workspace }}/tests/minimal \
@@ -91,7 +91,7 @@ jobs:
 
       - name: Deploy to GitHub Pages
         run: |
-          ./.github/workflows/deploy.sh \
+          ./.github/scripts/deploy.sh \
             --repository ${{ github.repository }} \
             --ref ${{ github.ref }} \
             --token ${{ secrets.GITHUB_TOKEN }} \