-
Notifications
You must be signed in to change notification settings - Fork 2
/
update.rb
125 lines (107 loc) · 3.47 KB
/
update.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# Taken from dependabot/update-script
# Modified to only support dependabot-lein
# And add support for github maven repository
require "dependabot/file_fetchers"
require "dependabot/file_parsers"
require "dependabot/update_checkers"
require "dependabot/file_updaters"
require "dependabot/pull_request_creator"
require "dependabot/lein"
require "dependabot/maven"
github_maven_registries = ENV.fetch("GITHUB_MAVEN_REGISTRIES", "").split(",").map do |url|
{
"type" => "maven_repository",
"url" => url,
"username" => "x-access-token",
"password" => ENV["GITHUB_TOKEN"]
}
end
credentials = [
{
"type" => "git_source",
"host" => "github.com",
"username" => "x-access-token",
"password" => ENV["GITHUB_TOKEN"]
},
*github_maven_registries
]
repo_name = ENV["GITHUB_REPO"]
directory = ENV["DIRECTORY_PATH"] || "/"
package_manager = "lein"
source = Dependabot::Source.new(
provider: "github",
repo: repo_name,
directory: directory,
branch: nil,
)
##############################
# Fetch the dependency files #
##############################
puts "Fetching #{package_manager} dependency files for #{repo_name}"
fetcher = Dependabot::FileFetchers.for_package_manager(package_manager).new(
source: source,
credentials: credentials,
)
files = fetcher.files
commit = fetcher.commit
##############################
# Parse the dependency files #
##############################
puts "Parsing dependencies information"
parser = Dependabot::FileParsers.for_package_manager(package_manager).new(
dependency_files: files,
source: source,
credentials: credentials,
)
dependencies = parser.parse
dependencies.select(&:top_level?).each do |dep|
#########################################
# Get update details for the dependency #
#########################################
checker = Dependabot::UpdateCheckers.for_package_manager(package_manager).new(
dependency: dep,
dependency_files: files,
credentials: credentials,
)
next if checker.up_to_date?
requirements_to_unlock =
if !checker.requirements_unlocked_or_can_be?
if checker.can_update?(requirements_to_unlock: :none) then :none
else :update_not_possible
end
elsif checker.can_update?(requirements_to_unlock: :own) then :own
elsif checker.can_update?(requirements_to_unlock: :all) then :all
else :update_not_possible
end
next if requirements_to_unlock == :update_not_possible
updated_deps = checker.updated_dependencies(
requirements_to_unlock: requirements_to_unlock
)
#####################################
# Generate updated dependency files #
#####################################
print " - Updating #{dep.name} (from #{dep.version})…"
updater = Dependabot::FileUpdaters.for_package_manager(package_manager).new(
dependencies: updated_deps,
dependency_files: files,
credentials: credentials,
)
updated_files = updater.updated_dependency_files
########################################
# Create a pull request for the update #
########################################
pr_creator = Dependabot::PullRequestCreator.new(
source: source,
base_commit: commit,
dependencies: updated_deps,
files: updated_files,
credentials: credentials,
assignees: [(ENV["PULL_REQUESTS_ASSIGNEE"] || ENV["GITLAB_ASSIGNEE_ID"])&.to_i],
label_language: true,
)
pull_request = pr_creator.create
puts " submitted"
rescue Dependabot::PrivateSourceAuthenticationFailure => e
puts "Failed to updated #{e.message}"
end
puts "Done"