dependabot-common 0.112.37 → 0.113.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d7430df3fea7dd40e4688df4f0ae33d1ad870fa722f03662ff2c743d45c9efcc
-  data.tar.gz: b2646081ac5939afea56a79e87db4bb7fa4c50f603326f53c758f1acae9c32ee
+  metadata.gz: 7eb561f6b9db3dd211d0bc3460c1c96d278e186bd25faf76e57c98c22cff608c
+  data.tar.gz: 8373d8b75739267c3192095c2192a9ec331a7d72cce22d75c49b6ff868400c64
 SHA512:
-  metadata.gz: 4e5c2230afc16c8cf1a0bbce111bf980bddd5eec9318efecaa95107f1b6d2ea571e3323fe23929af37cb65c6ae42fa4ab6a6671eb34f85fdc2ee84869545a24a
-  data.tar.gz: f2c387692a362cdb132094a8f1a6d6639b3fbd1c59eb45b92e3f9183440ca2696f411caeed1f80edbbd932d22fbdbd3d034131f611ae3a4aef108fc690e92cac
+  metadata.gz: 797bc0341528f81dd672acf0610ba66e8322469d533648c7542158a9a9a0691180730a2198abc26a9bb94c4c6b45e1f5bb0dd36d5c3cda1f42df678efae2fdae
+  data.tar.gz: f958d9ba00f410b9354d7ca4f69df0ca4bd8e184e691e2082e77e1a265d14b4709e154c6c761a4a9cd0f0090f9632a93ee701b48dabcf6e8431725310eb715bf

data/lib/dependabot/clients/codecommit.rb

@@ -0,0 +1,198 @@
+# frozen_string_literal: true
+
+require "dependabot/shared_helpers"
+
+module Dependabot
+  module Clients
+    class CodeCommit
+      class NotFound < StandardError; end
+
+      #######################
+      # Constructor methods #
+      #######################
+
+      def self.for_source(source:, credentials:)
+        credential =
+          credentials.
+          select { |cred| cred["type"] == "git_source" }.
+          find { |cred| cred["region"] == source.hostname }
+
+        new(source, credential)
+      end
+
+      ##########
+      # Client #
+      ##########
+
+      def initialize(source, credentials)
+        @source = source
+        @cc_client = Aws::CodeCommit::Client.new(
+          access_key_id: credentials&.fetch("username"),
+          secret_access_key: credentials&.fetch("password"),
+          region: credentials&.fetch("region")
+        )
+      end
+
+      def fetch_commit(repo, branch)
+        cc_client.get_branch(
+          branch_name: branch,
+          repository_name: repo
+        ).branch.commit_id
+      end
+
+      def fetch_default_branch(repo)
+        cc_client.get_repository(
+          repository_name: repo
+        ).repository_metadata.default_branch
+      end
+
+      def fetch_repo_contents(repo, commit = nil, path = nil)
+        actual_path = path
+        actual_path = "/" if path.to_s.empty?
+
+        cc_client.get_folder(
+          repository_name: repo,
+          commit_specifier: commit,
+          folder_path: actual_path
+        )
+      end
+
+      def fetch_file_contents(repo, commit, path)
+        cc_client.get_file(
+          repository_name: repo,
+          commit_specifier: commit,
+          file_path: path
+        ).file_content
+        rescue Aws::CodeCommit::Errors::FileDoesNotExistException
+          raise NotFound
+      end
+
+      def branch(branch_name)
+        cc_client.get_branch(
+          repository_name: source.unscoped_repo,
+          branch_name: branch_name
+        )
+      end
+
+      # work around b/c codecommit doesn't have a 'get all commits' api..
+      def fetch_commits(repo, branch_name, result_count)
+        top_commit = fetch_commit(repo, branch_name)
+        retrieved_commits = []
+        pending_commits = []
+
+        # get the parent commit ids from the latest commit on the default branch
+        latest_commit = @cc_client.get_commit(
+          repository_name: repo,
+          commit_id: top_commit
+        )
+
+        # add the parent commit ids to the pending_commits array
+        pending_commits.push(*latest_commit.commit.parents)
+
+        # iterate over the array of pending commits and
+        # get each of the corresponding parent commits
+        until pending_commits.empty? || retrieved_commits.count > result_count
+          commit_id = pending_commits[0]
+
+          # get any parent commits from the provided commit
+          parent_commits = @cc_client.get_commit(
+            repository_name: repo,
+            commit_id: commit_id
+          )
+
+          # remove the previously retrieved_commits
+          # form the pending_commits array
+          pending_commits.delete(commit_id)
+          # add the commit id to the retrieved_commits array
+          retrieved_commits << commit_id
+          # add the retrieved parent commits to the pending_commits array
+          pending_commits.push(*parent_commits.commit.parents)
+        end
+
+        retrieved_commits << top_commit
+        result = retrieved_commits | pending_commits
+        result
+      end
+
+      def commits(repo, branch_name = source.branch)
+        retrieved_commits = fetch_commits(repo, branch_name, 5)
+
+        result = @cc_client.batch_get_commits(
+          commit_ids: retrieved_commits,
+          repository_name: repo
+        )
+
+        # sort the results by date
+        result.commits.sort! { |a, b| b.author.date <=> a.author.date }
+        result
+      end
+
+      def pull_requests(repo, state, branch)
+        pull_request_ids = @cc_client.list_pull_requests(
+          repository_name: repo,
+          pull_request_status: state
+        ).pull_request_ids
+
+        result = []
+        # list_pull_requests only gets us the pull request id
+        # get_pull_request has all the info we need
+        pull_request_ids.each do |id|
+          pr_hash = @cc_client.get_pull_request(
+            pull_request_id: id
+          )
+          # only include PRs from the referenced branch
+          if pr_hash.pull_request.pull_request_targets[0].
+             source_reference.include? branch
+            result << pr_hash
+          end
+        end
+        result
+      end
+
+      def create_branch(repo, branch_name, commit_id)
+        cc_client.create_branch(
+          repository_name: repo,
+          branch_name: branch_name,
+          commit_id: commit_id
+        )
+      end
+
+      def create_commit(branch_name, author_name, base_commit, commit_message,
+                        files)
+        cc_client.create_commit(
+          repository_name: source.unscoped_repo,
+          branch_name: branch_name,
+          parent_commit_id: base_commit,
+          author_name: author_name,
+          commit_message: commit_message,
+          put_files: files.map do |file|
+            {
+              file_path: file.path,
+              file_mode: "NORMAL",
+              file_content: file.content
+            }
+          end
+        )
+      end
+
+      def create_pull_request(pr_name, target_branch, source_branch,
+                              pr_description)
+        cc_client.create_pull_request(
+          title: pr_name,
+          description: pr_description,
+          targets: [
+            repository_name: source.unscoped_repo,
+            source_reference: target_branch,
+            destination_reference: source_branch
+          ]
+        )
+      end
+
+      private
+
+      attr_reader :credentials
+      attr_reader :source
+      attr_reader :cc_client
+    end
+  end
+end

data/lib/dependabot/file_fetchers/base.rb

@@ -4,6 +4,7 @@ require "dependabot/dependency_file"
 require "dependabot/source"
 require "dependabot/errors"
 require "dependabot/clients/azure"
+require "dependabot/clients/codecommit"
 require "dependabot/clients/github_with_retries"
 require "dependabot/clients/bitbucket_with_retries"
 require "dependabot/clients/gitlab_with_retries"
@@ -19,7 +20,8 @@ module Dependabot
         Octokit::NotFound,
         Gitlab::Error::NotFound,
         Dependabot::Clients::Azure::NotFound,
-        Dependabot::Clients::Bitbucket::NotFound
+        Dependabot::Clients::Bitbucket::NotFound,
+        Dependabot::Clients::CodeCommit::NotFound
       ].freeze
 
       def self.required_files_in?(_filename_array)
@@ -153,6 +155,8 @@ module Dependabot
           _azure_repo_contents(path, commit)
         when "bitbucket"
           _bitbucket_repo_contents(repo, path, commit)
+        when "codecommit"
+          _codecommit_repo_contents(repo, path, commit)
         else raise "Unsupported provider '#{provider}'."
         end
       end
@@ -263,6 +267,23 @@ module Dependabot
         end
       end
 
+      def _codecommit_repo_contents(repo, path, commit)
+        response = codecommit_client.fetch_repo_contents(
+          repo,
+          commit,
+          path
+        )
+
+        response.files.map do |file|
+          OpenStruct.new(
+            name: file.absolute_path,
+            path: file.absolute_path,
+            type: "file",
+            size: 0 # file size would require new api call per file..
+          )
+        end
+      end
+
       def _full_specification_for(path, fetch_submodules:)
         if fetch_submodules && _linked_dir_for(path)
           linked_dir_details = @linked_paths[_linked_dir_for(path)]
@@ -319,6 +340,8 @@ module Dependabot
           azure_client.fetch_file_contents(commit, path)
         when "bitbucket"
           bitbucket_client.fetch_file_contents(repo, commit, path)
+        when "codecommit"
+          codecommit_client.fetch_file_contents(repo, commit, path)
         else raise "Unsupported provider '#{source.provider}'."
         end
       end
@@ -400,6 +423,7 @@ module Dependabot
         when "gitlab" then gitlab_client
         when "azure" then azure_client
         when "bitbucket" then bitbucket_client
+        when "codecommit" then codecommit_client
         else raise "Unsupported provider '#{source.provider}'."
         end
       end
@@ -433,6 +457,12 @@ module Dependabot
           Dependabot::Clients::BitbucketWithRetries.
           for_bitbucket_dot_org(credentials: credentials)
       end
+
+      def codecommit_client
+        @codecommit_client ||=
+          Dependabot::Clients::CodeCommit.
+          for_source(source: source, credentials: credentials)
+      end
     end
   end
 end

data/lib/dependabot/pull_request_creator.rb

@@ -5,6 +5,7 @@ require "dependabot/metadata_finders"
 module Dependabot
   class PullRequestCreator
     require "dependabot/pull_request_creator/azure"
+    require "dependabot/pull_request_creator/codecommit"
     require "dependabot/pull_request_creator/github"
     require "dependabot/pull_request_creator/gitlab"
     require "dependabot/pull_request_creator/message_builder"
@@ -71,6 +72,7 @@ module Dependabot
       when "github" then github_creator.create
       when "gitlab" then gitlab_creator.create
       when "azure" then azure_creator.create
+      when "codecommit" then codecommit_creator.create
       else raise "Unsupported provider #{source.provider}"
       end
     end
@@ -143,6 +145,22 @@ module Dependabot
       )
     end
 
+    def codecommit_creator
+      Codecommit.new(
+        source: source,
+        branch_name: branch_namer.new_branch_name,
+        base_commit: base_commit,
+        credentials: credentials,
+        files: files,
+        commit_message: message_builder.commit_message,
+        pr_description: message_builder.pr_message,
+        pr_name: message_builder.pr_name,
+        author_details: author_details,
+        labeler: labeler,
+        require_up_to_date_base: require_up_to_date_base?
+      )
+    end
+
     def message_builder
       @message_builder ||
         MessageBuilder.new(

data/lib/dependabot/pull_request_creator/codecommit.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+require "dependabot/clients/codecommit"
+require "dependabot/pull_request_creator"
+
+module Dependabot
+  class PullRequestCreator
+    class Codecommit
+      attr_reader :source, :branch_name, :base_commit, :credentials,
+                  :files, :commit_message, :pr_description, :pr_name,
+                  :author_details, :labeler
+
+      def initialize(source:, branch_name:, base_commit:, credentials:,
+                     files:, commit_message:, pr_description:, pr_name:,
+                     author_details:, labeler:, require_up_to_date_base:)
+        @source                  = source
+        @branch_name             = branch_name
+        @base_commit             = base_commit
+        @credentials             = credentials
+        @files                   = files
+        @commit_message          = commit_message
+        @pr_description          = pr_description
+        @pr_name                 = pr_name
+        @author_details          = author_details
+        @labeler                 = labeler
+        @require_up_to_date_base = require_up_to_date_base
+      end
+
+      def create
+        return if branch_exists?(branch_name) && unmerged_pull_request_exists?
+        return if require_up_to_date_base? && !base_commit_is_up_to_date?
+
+        create_pull_request
+      end
+
+      private
+
+      def require_up_to_date_base?
+        @require_up_to_date_base
+      end
+
+      def base_commit_is_up_to_date?
+        codecommit_client_for_source.fetch_commit(
+          source.repo,
+          branch_name
+        ) == base_commit
+      end
+
+      def create_pull_request
+        branch = create_or_get_branch(base_commit)
+        return unless branch
+
+        pull_request = codecommit_client_for_source.create_pull_request(
+          pr_name,
+          branch_name,
+          source.branch || default_branch,
+          pr_description
+          # codecommit doesn't support PR lables
+        )
+        return unless pull_request
+
+        pull_request
+      end
+
+      def create_or_get_branch(commit)
+        # returns the branch name
+        if branch_exists?(branch_name)
+          branch_name
+        else
+          create_branch(commit)
+        end
+      end
+
+      def create_branch(commit)
+        # codecommit returns an empty response on create branch success
+        codecommit_client_for_source.create_branch(source.repo, branch_name,
+                                                   commit)
+        @branch_name = branch_name
+        branch_name
+      end
+
+      def codecommit_client_for_source
+        @codecommit_client_for_source ||=
+          Dependabot::Clients::CodeCommit.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
+      def branch_exists?(branch_name)
+        @branch_ref ||= codecommit_client_for_source.branch(branch_name)
+        rescue Aws::CodeCommit::Errors::BranchDoesNotExistException
+          false
+      end
+
+      def unmerged_pull_request_exists?
+        unmerged_prs = []
+        pull_requests_for_branch.each do |pr|
+          unless pr.pull_request.
+                 pull_request_targets[0].merge_metadata.is_merged
+            unmerged_prs << pr
+          end
+        end
+        unmerged_prs.any?
+      end
+
+      def pull_requests_for_branch
+        @pull_requests_for_branch ||=
+          begin
+          open_prs = codecommit_client_for_source.pull_requests(
+            source.repo,
+            "open",
+            source.branch || default_branch
+          )
+          closed_prs = codecommit_client_for_source.pull_requests(
+            source.repo,
+            "closed",
+            source.branch || default_branch
+          )
+
+          [*open_prs, *closed_prs]
+        end
+      end
+
+      def create_commit
+        author = author_details&.slice(:name, :email, :date)
+        author = nil unless author&.any?
+
+        codecommit_client_for_source.create_commit(
+          branch_name,
+          author,
+          base_commit,
+          commit_message,
+          files
+        )
+      end
+
+      def default_branch
+        @default_branch ||=
+          codecommit_client_for_source.fetch_default_branch(source.repo)
+      end
+    end
+  end
+end

data/lib/dependabot/pull_request_creator/message_builder.rb

@@ -424,7 +424,8 @@ module Dependabot
 
       def build_details_tag(summary:, body:)
         # Azure DevOps does not support <details> tag (https://developercommunity.visualstudio.com/content/problem/608769/add-support-for-in-markdown.html)
-        if source.provider == "azure"
+        # CodeCommit does not support the <details> tag (no url available)
+        if source.provider == ("azure" || "codecommit")
           "\n\##{summary}\n\n#{body}"
         else
           msg = "\n<details>\n<summary>#{summary}</summary>\n\n"

data/lib/dependabot/pull_request_creator/pr_name_prefixer.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "dependabot/clients/azure"
+require "dependabot/clients/codecommit"
 require "dependabot/clients/github_with_retries"
 require "dependabot/clients/gitlab_with_retries"
 require "dependabot/pull_request_creator"
@@ -279,6 +280,7 @@ module Dependabot
         when "github" then recent_github_commit_messages
         when "gitlab" then recent_gitlab_commit_messages
         when "azure" then recent_azure_commit_messages
+        when "codecommit" then recent_codecommit_commit_messages
         else raise "Unsupported provider: #{source.provider}"
         end
       end
@@ -321,12 +323,24 @@ module Dependabot
           map(&:strip)
       end
 
+      def recent_codecommit_commit_messages
+        @recent_codecommit_commit_messages ||=
+          codecommit_client_for_source.commits
+        @recent_codecommit_commit_messages.commits.
+          reject { |c| c.author.email == dependabot_email }.
+          reject { |c| c.message&.start_with?("Merge") }.
+          map(&:message).
+          compact.
+          map(&:strip)
+      end
+
       def last_dependabot_commit_message
         @last_dependabot_commit_message ||=
           case source.provider
           when "github" then last_github_dependabot_commit_message
           when "gitlab" then last_gitlab_dependabot_commit_message
           when "azure" then last_azure_dependabot_commit_message
+          when "codecommit" then last_codecommit_dependabot_commit_message
           else raise "Unsupported provider: #{source.provider}"
           end
       end
@@ -367,6 +381,16 @@ module Dependabot
           strip
       end
 
+      def last_codecommit_dependabot_commit_message
+        @recent_codecommit_commit_messages ||=
+          codecommit_client_for_source.commits(source.repo)
+
+        @recent_codecommit_commit_messages.commits.
+          find { |c| c.author.email == dependabot_email }&.
+          message&.
+          strip
+      end
+
       def github_client_for_source
         @github_client_for_source ||=
           Dependabot::Clients::GithubWithRetries.for_source(
@@ -391,6 +415,14 @@ module Dependabot
           )
       end
 
+      def codecommit_client_for_source
+        @codecommit_client_for_source ||=
+          Dependabot::Clients::CodeCommit.for_source(
+            source: source,
+            credentials: credentials
+          )
+      end
+
       def package_manager
         @package_manager ||= dependencies.first.package_manager
       end

data/lib/dependabot/source.rb

@@ -54,7 +54,7 @@ module Dependabot
 
     def initialize(provider:, repo:, directory: nil, branch: nil, hostname: nil,
                    api_endpoint: nil)
-      if hostname.nil? ^ api_endpoint.nil?
+      if (hostname.nil? ^ api_endpoint.nil?) && (provider != "codecommit")
         msg = "Both hostname and api_endpoint must be specified if either "\
               "are. Alternatively, both may be left blank to use the "\
               "provider's defaults."
@@ -73,6 +73,7 @@ module Dependabot
       "https://" + hostname + "/" + repo
     end
 
+    # rubocop:disable Metrics/CyclomaticComplexity
     def url_with_directory
       return url if [nil, ".", "/"].include?(directory)
 
@@ -87,9 +88,12 @@ module Dependabot
         url + "/" + path
       when "azure"
         url + "?path=#{directory}"
+      when "codecommit"
+        raise "The codecommit provider does not utilize URLs"
       else raise "Unexpected repo provider '#{provider}'"
       end
     end
+    # rubocop:enable Metrics/CyclomaticComplexity
 
     def organization
       repo.split("/").first
@@ -116,6 +120,7 @@ module Dependabot
       when "bitbucket" then "bitbucket.org"
       when "gitlab" then "gitlab.com"
       when "azure" then "dev.azure.com"
+      when "codecommit" then "us-east-1"
       else raise "Unexpected provider '#{provider}'"
       end
     end
@@ -126,6 +131,7 @@ module Dependabot
       when "bitbucket" then "https://api.bitbucket.org/2.0/"
       when "gitlab" then "https://gitlab.com/api/v4"
       when "azure" then "https://dev.azure.com/"
+      when "codecommit" then nil
       else raise "Unexpected provider '#{provider}'"
       end
     end

data/lib/dependabot/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dependabot
-  VERSION = "0.112.37"
+  VERSION = "0.113.0"
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-common
 version: !ruby/object:Gem::Version
-  version: 0.112.37
+  version: 0.113.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-09-11 00:00:00.000000000 Z
+date: 2019-09-12 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-codecommit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.28'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.28'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-ecr
   requirement: !ruby/object:Gem::Requirement
@@ -320,6 +334,7 @@ files:
 - lib/dependabot/clients/azure.rb
 - lib/dependabot/clients/bitbucket.rb
 - lib/dependabot/clients/bitbucket_with_retries.rb
+- lib/dependabot/clients/codecommit.rb
 - lib/dependabot/clients/github_with_retries.rb
 - lib/dependabot/clients/gitlab_with_retries.rb
 - lib/dependabot/dependency.rb
@@ -347,6 +362,7 @@ files:
 - lib/dependabot/pull_request_creator.rb
 - lib/dependabot/pull_request_creator/azure.rb
 - lib/dependabot/pull_request_creator/branch_namer.rb
+- lib/dependabot/pull_request_creator/codecommit.rb
 - lib/dependabot/pull_request_creator/commit_signer.rb
 - lib/dependabot/pull_request_creator/github.rb
 - lib/dependabot/pull_request_creator/gitlab.rb