dependabot-common 0.134.2 → 0.135.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/clients/azure.rb +22 -0
- data/lib/dependabot/pull_request_updater.rb +12 -0
- data/lib/dependabot/pull_request_updater/azure.rb +112 -0
- data/lib/dependabot/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bb9241efa54ea5f5abb737f0f9834a5f4c75827d8150f9ad9277015e5be30fef
|
|
4
|
+
data.tar.gz: fbbacbc6ff52a4824cde4f5b8088c3532c1745c4dcf5af8b93f73f2ccbf25c6c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4dad05be71eec18d9edbed5ae5d7537167c679412b6295e80aa4dcac6e559aef9ce25632e9a71c11d1b978e087afc846110e3dcb5d3006ea6dbfbd2caee71002
|
|
7
|
+
data.tar.gz: 4f4721d909bd2da3563779409432c34d9787f68209852bef348e54081f91aac3e93fc87656cd8731772144db7e9c8ede20dc6fc508acff072fe11af89bfffbda
|
|
@@ -183,6 +183,28 @@ module Dependabot
|
|
|
183
183
|
"/_apis/git/repositories/" + source.unscoped_repo +
|
|
184
184
|
"/pullrequests?api-version=5.0", content.to_json)
|
|
185
185
|
end
|
|
186
|
+
|
|
187
|
+
def pull_request(pull_request_id)
|
|
188
|
+
response = get(source.api_endpoint +
|
|
189
|
+
source.organization + "/" + source.project +
|
|
190
|
+
"/_apis/git/pullrequests/" + pull_request_id)
|
|
191
|
+
|
|
192
|
+
JSON.parse(response.body)
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
def update_ref(branch_name, old_commit, new_commit)
|
|
196
|
+
content = [
|
|
197
|
+
{
|
|
198
|
+
name: "refs/heads/" + branch_name,
|
|
199
|
+
oldObjectId: old_commit,
|
|
200
|
+
newObjectId: new_commit
|
|
201
|
+
}
|
|
202
|
+
]
|
|
203
|
+
|
|
204
|
+
post(source.api_endpoint + source.organization + "/" + source.project +
|
|
205
|
+
"/_apis/git/repositories/" + source.unscoped_repo +
|
|
206
|
+
"/refs?api-version=5.0", content.to_json)
|
|
207
|
+
end
|
|
186
208
|
# rubocop:enable Metrics/ParameterLists
|
|
187
209
|
|
|
188
210
|
def get(url)
|
|
@@ -27,6 +27,7 @@ module Dependabot
|
|
|
27
27
|
case source.provider
|
|
28
28
|
when "github" then github_updater.update
|
|
29
29
|
when "gitlab" then gitlab_updater.update
|
|
30
|
+
when "azure" then azure_updater.update
|
|
30
31
|
else raise "Unsupported provider #{source.provider}"
|
|
31
32
|
end
|
|
32
33
|
end
|
|
@@ -56,5 +57,16 @@ module Dependabot
|
|
|
56
57
|
pull_request_number: pull_request_number
|
|
57
58
|
)
|
|
58
59
|
end
|
|
60
|
+
|
|
61
|
+
def azure_updater
|
|
62
|
+
Azure.new(
|
|
63
|
+
source: source,
|
|
64
|
+
base_commit: base_commit,
|
|
65
|
+
old_commit: old_commit,
|
|
66
|
+
files: files,
|
|
67
|
+
credentials: credentials,
|
|
68
|
+
pull_request_number: pull_request_number
|
|
69
|
+
)
|
|
70
|
+
end
|
|
59
71
|
end
|
|
60
72
|
end
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "dependabot/clients/azure"
|
|
4
|
+
require "securerandom"
|
|
5
|
+
|
|
6
|
+
module Dependabot
|
|
7
|
+
class PullRequestUpdater
|
|
8
|
+
class Azure
|
|
9
|
+
OBJECT_ID_FOR_BRANCH_DELETE = "0000000000000000000000000000000000000000"
|
|
10
|
+
|
|
11
|
+
attr_reader :source, :files, :base_commit, :old_commit, :credentials,
|
|
12
|
+
:pull_request_number
|
|
13
|
+
|
|
14
|
+
def initialize(source:, files:, base_commit:, old_commit:,
|
|
15
|
+
credentials:, pull_request_number:)
|
|
16
|
+
@source = source
|
|
17
|
+
@files = files
|
|
18
|
+
@base_commit = base_commit
|
|
19
|
+
@old_commit = old_commit
|
|
20
|
+
@credentials = credentials
|
|
21
|
+
@pull_request_number = pull_request_number
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def update
|
|
25
|
+
return unless pull_request_exists? && source_branch_exists?
|
|
26
|
+
|
|
27
|
+
update_source_branch
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
private
|
|
31
|
+
|
|
32
|
+
def azure_client_for_source
|
|
33
|
+
@azure_client_for_source ||=
|
|
34
|
+
Dependabot::Clients::Azure.for_source(
|
|
35
|
+
source: source,
|
|
36
|
+
credentials: credentials
|
|
37
|
+
)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def pull_request_exists?
|
|
41
|
+
pull_request
|
|
42
|
+
rescue Dependabot::Clients::Azure::NotFound
|
|
43
|
+
false
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def source_branch_exists?
|
|
47
|
+
azure_client_for_source.branch(source_branch_name)
|
|
48
|
+
rescue Dependabot::Clients::Azure::NotFound
|
|
49
|
+
false
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
# Currently the PR diff in ADO shows difference in commits instead of actual diff in files.
|
|
53
|
+
# This workaround is done to get the target branch commit history on the source branch alongwith file changes
|
|
54
|
+
def update_source_branch
|
|
55
|
+
# 1) Push the file changes to a newly created temporary branch (from base commit)
|
|
56
|
+
new_commit = create_temp_branch
|
|
57
|
+
# 2) Update PR source branch to point to the temp branch head commit.
|
|
58
|
+
update_branch(source_branch_name, old_source_branch_commit, new_commit)
|
|
59
|
+
# 3) Delete temp branch
|
|
60
|
+
update_branch(temp_branch_name, new_commit, OBJECT_ID_FOR_BRANCH_DELETE)
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def pull_request
|
|
64
|
+
@pull_request ||=
|
|
65
|
+
azure_client_for_source.pull_request(pull_request_number.to_s)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def source_branch_name
|
|
69
|
+
@source_branch_name ||= pull_request&.fetch("sourceRefName")&.gsub("refs/heads/", "")
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def create_temp_branch
|
|
73
|
+
response = azure_client_for_source.create_commit(
|
|
74
|
+
temp_branch_name,
|
|
75
|
+
base_commit,
|
|
76
|
+
commit_message,
|
|
77
|
+
files,
|
|
78
|
+
nil
|
|
79
|
+
)
|
|
80
|
+
|
|
81
|
+
JSON.parse(response.body).fetch("refUpdates").first.fetch("newObjectId")
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def temp_branch_name
|
|
85
|
+
@temp_branch_name ||=
|
|
86
|
+
"#{source_branch_name}-temp-#{SecureRandom.uuid[0..6]}"
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
def update_branch(branch_name, old_commit, new_commit)
|
|
90
|
+
azure_client_for_source.update_ref(
|
|
91
|
+
branch_name,
|
|
92
|
+
old_commit,
|
|
93
|
+
new_commit
|
|
94
|
+
)
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
# For updating source branch, we require the latest commit for the source branch.
|
|
98
|
+
def commit_being_updated
|
|
99
|
+
@commit_being_updated ||=
|
|
100
|
+
azure_client_for_source.commits(source_branch_name).first
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
def old_source_branch_commit
|
|
104
|
+
commit_being_updated.fetch("commitId")
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
def commit_message
|
|
108
|
+
commit_being_updated.fetch("comment")
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
end
|
|
112
|
+
end
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-common
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.135.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-03-
|
|
11
|
+
date: 2021-03-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-codecommit
|
|
@@ -417,6 +417,7 @@ files:
|
|
|
417
417
|
- lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb
|
|
418
418
|
- lib/dependabot/pull_request_creator/pr_name_prefixer.rb
|
|
419
419
|
- lib/dependabot/pull_request_updater.rb
|
|
420
|
+
- lib/dependabot/pull_request_updater/azure.rb
|
|
420
421
|
- lib/dependabot/pull_request_updater/github.rb
|
|
421
422
|
- lib/dependabot/pull_request_updater/gitlab.rb
|
|
422
423
|
- lib/dependabot/security_advisory.rb
|