ManageIQ/manageiq

View on GitHub
Gemfile

Summary

Maintainability
Test Coverage
ruby ">= 3.1.1", "< 3.5.0"
warn "Ruby versions >= 3.4.0 are untested!" if RUBY_VERSION >= "3.4.0"
source 'https://rubygems.org'

plugin "bundler-inject", "~> 2.0"
require File.join(Bundler::Plugin.index.load_paths("bundler-inject")[0], "bundler-inject") rescue nil

#
# VMDB specific gems
#
gem "manageiq-gems-pending", ">0", :git => "https://github.com/ManageIQ/manageiq-gems-pending.git", :branch => "master"

# when using this Gemfile inside a providers Gemfile, the dependency for the provider is already declared
def manageiq_plugin(plugin_name)
  unless dependencies.detect { |d| d.name == plugin_name }
    gem plugin_name, :git => "https://github.com/ManageIQ/#{plugin_name}", :branch => "master"
  end
end

manageiq_plugin "manageiq-schema"

# Unmodified gems
gem "activerecord-session_store",       "~>2.0"
gem "activerecord-virtual_attributes",  "~>7.0.0"
gem "acts_as_tree",                     "~>2.7" # acts_as_tree needs to be required so that it loads before ancestry
gem "ancestry",                         "~>4.1.0",           :require => false
gem "awesome_spawn",                    "~>1.6",             :require => false
gem "aws-sdk-s3",                       "~>1.0",             :require => false # For FileDepotS3
gem "bcrypt",                           "~> 3.1.10",         :require => false
gem "bootsnap",                         ">= 1.8.1",          :require => false # for psych 3.3.2+ / 4 unsafe_load
gem "bundler",                          "~> 2.2", ">= 2.2.15", *("!= 2.5.0".."!= 2.5.9"), "!= 2.5.19", :require => false
gem "byebug",                                                :require => false
gem "color",                            "~>1.8"
gem "config",                           "~>2.2", ">=2.2.3",  :require => false
gem "connection_pool",                                       :require => false # For Dalli
gem "dalli",                            "~>3.2.3",           :require => false
gem "default_value_for",                "~>4.0"
gem "docker-api",                       "~>1.33.6",          :require => false
gem "drb",                              "~>2.2",             :require => false
gem "elif",                             "=0.1.0",            :require => false
gem "fast_gettext",                     "~>3.1"
gem "ffi",                              "< 1.17.0",          :require => false
gem "gettext_i18n_rails",               "~>1.11"
gem "gettext_i18n_rails_js",            "~>1.3.0"
gem "hamlit",                           "~>2.11.0"
gem "inifile",                          "~>3.0",             :require => false
gem "inventory_refresh",                "~>2.1",             :require => false
gem "kubeclient",                       "~>4.0",             :require => false # For scaling pods at runtime
gem "linux_admin",                      ">=3.0", "<5",       :require => false
gem "listen",                           "~>3.2",             :require => false
gem "manageiq-api-client",              "~>0.5.0",           :require => false
gem "manageiq-loggers",                 "~>1.0", ">=1.1.1",  :require => false
gem "manageiq-messaging",               "~>1.0", ">=1.4.3",  :require => false
gem "manageiq-password",                "~>1.0",             :require => false
gem "manageiq-postgres_ha_admin",       "~>3.3",             :require => false
gem "manageiq-ssh-util",                "~>0.2.0",           :require => false
gem "memoist",                          "~>0.16.0",          :require => false
gem "money",                            "~>6.13.5",          :require => false
gem "more_core_extensions"                                                     # min version should be set in manageiq-gems-pending, not here
gem "net-ftp",                          "~>0.1.2",           :require => false
gem "net-ldap",                         "~>0.16.1",          :require => false
gem "net-ping",                         "~>1.7.4",           :require => false
gem "openscap",                         "~>0.4.8",           :require => false
gem "optimist",                         "~>3.0",             :require => false
gem "pg",                               ">=1.4.1",           :require => false
gem "pg-dsn_parser",                    "~>0.1.1",           :require => false
gem "prism",                            ">=0.25.0",          :require => false # Used by DescendantLoader
gem "psych",                            ">=3.1",             :require => false # 3.1 safe_load changed positional to kwargs like aliases: true: https://github.com/ruby/psych/commit/4d4439d6d0adfcbd211ea295779315f1baa7dadd
gem "query_relation",                   "~>0.1.0",           :require => false
gem "rack",                             ">=2.2.6.4",         :require => false
gem "rack-attack",                      "~>6.5.0",           :require => false
gem "rails",                            "~>7.0.8", ">=7.0.8.5"
gem "rails-i18n",                       "~>7.x"
gem "rake",                             ">=12.3.3",          :require => false
gem "rest-client",                      "~>2.1.0",           :require => false
gem "ruby_parser",                                           :require => false # Required for i18n string extraction, and DescentdantLoader (via prism)
gem "ruby-progressbar",                 "~>1.7.0",           :require => false
gem "rubyzip",                          "~>2.0.0",           :require => false
gem "rugged",                           "~>1.5.0",           :require => false
gem "ruport",                           "~>1.8.0"
gem "snmp",                             "~>1.2.0",           :require => false
gem "sprockets",                        "~>3.7.2",           :require => false
gem "sync",                             "~>0.5",             :require => false
gem "sys-filesystem",                   "~>1.4.3"
gem "terminal",                                              :require => false
gem "wim_parser",                       "~>1.0",             :require => false

# gems to resolve security issues
# CVE-2021-33621 fixed: ruby 3.1.4 - https://github.com/advisories/GHSA-vc47-6rqg-c7f5
gem "cgi",  "~> 0.3.5"
# CVE-2023-28756 fixed: ruby 3.1.4 - https://github.com/advisories/GHSA-fg7x-g82r-94qc
gem "time", "~> 0.2.2"
# CVE-2023-36617 https://github.com/advisories/GHSA-hww2-5g85-429m
gem "uri",  "~> 0.13.1" # Avoid URI 1.0.0 for now due to: https://github.com/ruby/uri/issues/125

# Custom gem that replaces mime-types in order to redirect mime-types calls to mini_mime
#   Source is located at https://github.com/ManageIQ/mime-types-redirector
gem "mime-types",                       "~>3.0",             :require => false, :source => "https://rubygems.manageiq.org"

# Modified gems (forked on Github)
gem "handsoap",                         "=0.2.5.5",          :require => false, :source => "https://rubygems.manageiq.org" # for manageiq-gems-pending only

# In 1.9.3: Time.parse uses british version dd/mm/yyyy instead of american version mm/dd/yyyy
# american_date fixes this to be compatible with 1.8.7 until all callers can be converted to the 1.9.3 format prior to parsing.
# See miq_expression_spec Date/Time Support examples.
# https://github.com/jeremyevans/ruby-american_date
gem "american_date"

# Make sure to tag your new bundler group with the manageiq_default group in addition to your specific bundler group name.
# This default is used to automatically require all of our gems in processes that don't specify which bundler groups they want.
#
### providers
group :amazon, :manageiq_default do
  manageiq_plugin "manageiq-providers-amazon"
  gem "amazon_ssa_support",                                  :require => false, :git => "https://github.com/ManageIQ/amazon_ssa_support.git", :branch => "master" # Temporary dependency to be moved to manageiq-providers-amazon when officially release
end

group :ansible_tower, :manageiq_default do
  manageiq_plugin "manageiq-providers-ansible_tower"
end

group :autosde, :manageiq_default do
  manageiq_plugin "manageiq-providers-autosde"
end

group :awx, :manageiq_default do
  manageiq_plugin "manageiq-providers-awx"
end

group :azure, :manageiq_default do
  manageiq_plugin "manageiq-providers-azure"
end

group :azure_stack, :manageiq_default do
  manageiq_plugin "manageiq-providers-azure_stack"
end

group :cisco_intersight, :manageiq_default do
  manageiq_plugin "manageiq-providers-cisco_intersight"
end

group :embedded_terraform, :manageiq_default do
  manageiq_plugin "manageiq-providers-embedded_terraform"
end

group :foreman, :manageiq_default do
  manageiq_plugin "manageiq-providers-foreman"
end

group :google, :manageiq_default do
  manageiq_plugin "manageiq-providers-google"
end

group :ibm_cic, :manageiq_default do
  manageiq_plugin "manageiq-providers-ibm_cic"
end

group :ibm_cloud, :manageiq_default do
  manageiq_plugin "manageiq-providers-ibm_cloud"
end

group :ibm_power_hmc, :manageiq_default do
  manageiq_plugin "manageiq-providers-ibm_power_hmc"
end

group :ibm_power_vc, :manageiq_default do
  manageiq_plugin "manageiq-providers-ibm_power_vc"
end

group :ibm_terraform, :manageiq_default do
  manageiq_plugin "manageiq-providers-ibm_terraform"
end

group :kubernetes, :openshift, :manageiq_default do
  manageiq_plugin "manageiq-providers-kubernetes"
end

group :kubevirt, :manageiq_default do
  manageiq_plugin "manageiq-providers-kubevirt"
end

group :lenovo, :manageiq_default do
  manageiq_plugin "manageiq-providers-lenovo"
end

group :nsxt, :manageiq_default do
  manageiq_plugin "manageiq-providers-nsxt"
end

group :nuage, :manageiq_default do
  manageiq_plugin "manageiq-providers-nuage"
end

group :oracle_cloud, :manageiq_default do
  manageiq_plugin "manageiq-providers-oracle_cloud"
end

group :redfish, :manageiq_default do
  manageiq_plugin "manageiq-providers-redfish"
end

group :red_hat_virtualization, :manageiq_default do
  manageiq_plugin "manageiq-providers-red_hat_virtualization"
end

group :qpid_proton, :optional => true do
  gem "qpid_proton",                    "~>0.37.0",          :require => false
end

group :systemd, :optional => true do
  gem "dbus-systemd",                   "~>1.1.0",           :require => false
  gem "sd_notify",                      "~>0.1.0",           :require => false
  gem "systemd-journal",                "~>1.4.2",           :require => false
end

group :openshift, :manageiq_default do
  manageiq_plugin "manageiq-providers-openshift"
end

group :openstack, :manageiq_default do
  manageiq_plugin "manageiq-providers-openstack"
end

group :ovirt, :manageiq_default do
  manageiq_plugin "manageiq-providers-ovirt"
end

group :vmware, :manageiq_default do
  manageiq_plugin "manageiq-providers-vmware"
end

group :workflows, :manageiq_default do
  manageiq_plugin "manageiq-providers-workflows"
end

### shared dependencies
group :google, :openshift, :manageiq_default do
  gem "sshkey",                         "~>1.8.0",           :require => false
end

### end of provider bundler groups

group :automate, :seed, :manageiq_default do
  manageiq_plugin "manageiq-automation_engine"
end

group :replication, :manageiq_default do
  gem "pg-logical_replication",         "~>1.2",             :require => false
end

group :rest_api, :manageiq_default do
  manageiq_plugin "manageiq-api"
end

group :scheduler, :manageiq_default do
  gem "rufus-scheduler"
end
# rufus has et-orbi dependency, v1.2.2 has patch for ConvertTimeToEoTime that we need
gem "et-orbi",                          ">= 1.2.2"

group :seed, :manageiq_default do
  manageiq_plugin "manageiq-content"
end

group :smartstate, :manageiq_default do
  gem "manageiq-smartstate",            "~>0.10.1",           :require => false
end

group :consumption, :manageiq_default do
  manageiq_plugin "manageiq-consumption"
end

group :ui_dependencies do # Added to Bundler.require in config/application.rb
  manageiq_plugin "manageiq-decorators"
  manageiq_plugin "manageiq-ui-classic"
  # Modified gems (forked on Github)
  gem "jquery-rjs",                     "=0.1.1.3",          :source => "https://rubygems.manageiq.org"
end

group :web_server, :manageiq_default do
  gem "puma",                           "~>6.4", ">=6.4.3"
  gem "ruby-dbus" # For external auth
  gem "secure_headers",                 "~>3.9"
end

group :web_socket, :manageiq_default do
  gem "surro-gate",                     "~>1.0.5",           :require => false
  gem "websocket-driver",               "~>0.6.3",           :require => false
end

group :appliance, :optional => true do
  gem "irb",                            "=1.4.1",            :require => false # Locked to same version as the installed RPM rubygem-irb-1.4.1-142.module_el9+787+b20bfeee.noarch so that we don't bundle our own
  gem "manageiq-appliance_console",     "~>10.0",            :require => false
  gem "rdoc",                                                :require => false # Needed for rails console
end

### Development and test gems are excluded from appliance and container builds to reduce size and license issues
group :development do
  gem "foreman"
  gem "manageiq-style",                 "~>1.5.0",           :require => false
  gem "PoParser"
  gem "yard",                           ">= 0.9.36"
end

group :test do
  gem "brakeman",                       "~>6.2",             :require => false
  gem "bundler-audit",                                       :require => false
  gem "capybara",                       "~>2.5.0",           :require => false
  gem "db-query-matchers",              "~>0.11.0"
  gem "factory_bot",                    "~>6.5",             :require => false
  gem "simplecov",                      ">=0.21.2",          :require => false
  gem "timecop",                        "~>0.9", "!= 0.9.7", :require => false
  gem "vcr",                            "~>6.1",             :require => false
  gem "webmock",                        "~>3.7",             :require => false
end

group :development, :test do
  gem "parallel_tests",                 "~>4.4", :require => false
  gem "routes_lazy_routes"
  gem "rspec-rails",                    "~>7.0"
end