some much needed cleanup

Addressed CVEs:
- CVE-2017-8418
- CVE-2017-17042

Breaking Changes:
- use `sensu-plugin` 2.x
- removed support for ruby < 2.3

Misc Changes:
- appeased the cops

Signed-off-by: Ben Abrams <[email protected]>

.travis.yml

@@ -4,8 +4,6 @@ cache:
 install:
 - bundle install
 rvm:
-- 2.1
-- 2.2
 - 2.3.0
 - 2.4.1
 notifications:
@@ -26,8 +24,6 @@ deploy:
   on:
     tags: true
     all_branches: true
-    rvm: 2.1
-    rvm: 2.2
     rvm: 2.3.0
     rvm: 2.4.1
     repo: sensu-plugins/sensu-plugins-kubernetes

CHANGELOG.md

@@ -4,12 +4,21 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 This CHANGELOG follows the format listed [here ](https://github.com/sensu-plugins/community/blob/master/HOW_WE_CHANGELOG.md)
 
 ## [Unreleased]
+### Security
+- updated rubocop dependency to `~> 0.51.0` per: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8418. (@majormoses)
+- updated yard dependency to `~> 0.9.11` per: https://nvd.nist.gov/vuln/detail/CVE-2017-17042 (@majormoses)
+
+### Breaking Changes
+- drop suppport for ruby versions `< 2.3` as they are EOL (@majormoses)
+- bumped dependency of sensu-plugin to 2.x you can read about it [here](https://github.com/sensu-plugins/sensu-plugin/blob/master/CHANGELOG.md#v145---2017-03-07) (@majormoses)
+
+### Changed
+- appeased the cops (@majormoses)
 
 ## [3.3.0] - 2018-11-26
 ### Changed
  - `check-kube-pods-running.rb`: Skip a POD which is in the not ready state for shorter time than the specified time. Otherwise, the check alerts if we get lots of new PODs which are spawned every second and get up or get terminated longer than a minute. (@sys-ops)
 
-
 ## [3.2.0] - 2018-11-21
 ### Changed
  - `check-kube-service-available.rb`: Skip a service if its selector is empty. Otherwise all PODs in the cluster are listed with client.get_pods() call (including those that we do not want to monitor) (@sys-ops)

Rakefile

@@ -7,9 +7,9 @@ require 'yard'
 require 'yard/rake/yardoc_task'
 
 YARD::Rake::YardocTask.new do |t|
-  OTHER_PATHS = %w().freeze
+  OTHER_PATHS = %w[].freeze
   t.files = ['lib/**/*.rb', 'bin/**/*.rb', OTHER_PATHS]
-  t.options = %w(--markup-provider=redcarpet --markup=markdown --main=README.md --files CHANGELOG.md)
+  t.options = %w[--markup-provider=redcarpet --markup=markdown --main=README.md --files CHANGELOG.md]
 end
 
 RuboCop::RakeTask.new
@@ -35,4 +35,4 @@ task :check_binstubs do
   end
 end
 
-task default: [:spec, :make_bin_executable, :yard, :rubocop, :check_binstubs]
+task default: %i[spec make_bin_executable yard rubocop check_binstubs]

bin/check-kube-service-available.rb

@@ -60,7 +60,8 @@ def run
     services = parse_list(config[:service_list])
     failed_services = []
     s = client.get_services
-    s.each do |a|
+    # TODO: come back and clean me up
+    s.each do |a| # rubocop:disable Metrics/BlockLength
       next unless services.include?(a.metadata.name)
       # Build the selector key so we can fetch the corresponding pod
       selector_key = []
@@ -73,7 +74,7 @@ def run
       pod = nil
       begin
         pod = client.get_pods(label_selector: selector_key.join(',').to_s)
-      rescue
+      rescue StandardError
         failed_services << a.metadata.name.to_s
       end
       # Make sure our pod is running

lib/sensu-plugins-kubernetes/client.rb

@@ -57,7 +57,7 @@ def kubeclient(options = {})
 
               ssl_options = config.context.ssl_options
               auth_options = config.context.auth_options
-            rescue => e
+            rescue StandardError => e
               raise e, "Unable to read kubeconfig: #{e}", e.backtrace
             end
           else
@@ -75,22 +75,22 @@ def kubeclient(options = {})
             }
           end
 
-          if [:client_cert_file, :client_key_file].count { |k| options[k] } == 1
+          if %i[client_cert_file client_key_file].count { |k| options[k] } == 1
             raise ArgumentError, 'SSL requires both client cert and client key'
           end
 
           if options[:client_cert_file]
             begin
               ssl_options[:client_cert] = OpenSSL::X509::Certificate.new(File.read(options[:client_cert_file]))
-            rescue => e
+            rescue StandardError => e
               raise e, "Unable to read client certificate: #{e}", e.backtrace
             end
           end
 
           if options[:client_key_file]
             begin
               ssl_options[:client_key] = OpenSSL::PKey::RSA.new(File.read(options[:client_key_file]))
-            rescue => e
+            rescue StandardError => e
               raise e, "Unable to read client key: #{e}", e.backtrace
             end
           end

sensu-plugins-kubernetes.gemspec

@@ -4,13 +4,13 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'date'
 require_relative 'lib/sensu-plugins-kubernetes'
 
-Gem::Specification.new do |s|
+Gem::Specification.new do |s| # rubocop:disable Metrics/BlockLength
   s.authors                = ['Sensu-Plugins and contributors']
   s.date                   = Date.today.to_s
   s.description            = 'Provides monitoring for Kubernetes via Sensu'
   s.email                  = '<[email protected]>'
   s.executables            = Dir.glob('bin/**/*.rb').map { |file| File.basename(file) }
-  s.files                  = Dir.glob('{bin,lib}/**/*') + %w(LICENSE README.md CHANGELOG.md)
+  s.files                  = Dir.glob('{bin,lib}/**/*') + %w[LICENSE README.md CHANGELOG.md]
   s.homepage               = 'https://github.com/sensu-plugins/sensu-plugins-kubernetes'
   s.license                = 'MIT'
   s.metadata               = { 'maintainer'         => 'sensu-plugin',
@@ -22,22 +22,23 @@ Gem::Specification.new do |s|
   s.platform               = Gem::Platform::RUBY
   s.post_install_message   = 'You can use the embedded Ruby by setting EMBEDDED_RUBY=true in /etc/default/sensu'
   s.require_paths          = ['lib']
-  s.required_ruby_version  = '>= 2.1.0'
+  s.required_ruby_version  = '>= 2.3.0'
   s.summary                = 'Sensu plugins for kubernetes'
   s.test_files             = s.files.grep(%r{^(test|spec|features)/})
   s.version                = SensuPluginsKubernetes::Version::VER_STRING
 
-  s.add_runtime_dependency 'sensu-plugin',   '~> 1.2'
-  s.add_runtime_dependency 'kubeclient',     '~> 2.3'
+  s.add_runtime_dependency 'sensu-plugin',   '~> 2.7'
+
   s.add_runtime_dependency 'activesupport',  '< 5.0.0'
+  s.add_runtime_dependency 'kubeclient',     '~> 2.3'
 
   s.add_development_dependency 'bundler',                   '~> 1.7'
   s.add_development_dependency 'codeclimate-test-reporter', '~> 0.4'
   s.add_development_dependency 'github-markup',             '~> 1.3'
   s.add_development_dependency 'pry',                       '~> 0.10'
   s.add_development_dependency 'rake',                      '~> 10.5'
   s.add_development_dependency 'redcarpet',                 '~> 3.2'
-  s.add_development_dependency 'rubocop',                   '~> 0.40.0'
   s.add_development_dependency 'rspec',                     '~> 3.4'
+  s.add_development_dependency 'rubocop',                   '~> 0.51.0'
   s.add_development_dependency 'yard',                      '~> 0.8'
 end