Various logs-dispatcher fixes

[smlx]

• Pin the dependency tree using bundler.
• Bump all gems to latest version.
• Bump fluentd base image to latest version.

[tobybellwood]

I'd much prefer specifying the version in the Gemfile (maybe even with a carat for minor version compatibility) and not committing the vendor dir. The result will be the same, but it will allow automated updates to be PR'd, and make updates less manual.

I've got the change(s) if you want them?

gem 'fluent-plugin-cloudwatch-logs', '~> 0.14.3'
gem 'fluent-plugin-datadog', '~> 0.14.2'
gem 'fluent-plugin-kubernetes_metadata_filter', '~> 3.1.2'
gem 'fluent-plugin-multi-format-parser', '~> 1.0.0'
gem 'fluent-plugin-prometheus', '~> 2.0.3'
gem 'fluent-plugin-rabbitmq', '~> 0.0.9'
gem 'fluent-plugin-record-modifier', '~> 2.1.1'
gem 'fluent-plugin-remote-syslog', '~> 1.1'
gem 'fluent-plugin-rewrite-tag-filter', '~> 2.4.0'
gem 'fluent-plugin-route', '~> 1.0.0'
gem 'fluent-plugin-s3', '~> 1.7.2'
gem 'fluent-plugin-splunk-enterprise', '~> 0.10.2'
gem 'fluent-plugin-sumologic_output', '~> 1.8.0'

[smlx]

Thanks for taking a look. I can remove the vendored gems if you like, but it might be a good idea to leave them in. The advantages of vendoring include:

• Gems are guaranteed not to change instead of relying on a version number.
• Build don't depend on rubygems.org being up.

Dependabot supports vendoring the gems, so automated upgrades shouldn't be too difficult?

Limiting the versions to minor upgrades (which is what ~> does) may also cause problems due to missing major version upgrades. e.g. v3 of the k8s metadata plugin was a breaking change (it broke our config!) but it also has important fixes for recent versions of k8s that we need.

Let me know what you think 🙂

[tobybellwood]

yup - happy now!