Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

service doesn't create PRs for the same dependency across multiple directories with wildcard #10090

Closed
1 task done
lucacome opened this issue Jun 26, 2024 · 10 comments
Closed
1 task done
Assignees
Labels
service 💁 Relates to Dependabot features GitHub provides T: bug 🐞 Something isn't working

Comments

@lucacome
Copy link

lucacome commented Jun 26, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

Docker

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

No response

dependabot.yml content

https://github.com/opentracing-contrib/nginx-opentracing/blob/master/.github/dependabot.yml

Updated dependency

No response

What you expected to see, versus what you actually saw

Dependabot says this in the logs:

updater | 2024/06/26 23:45:12 INFO Results:
updater | +------------------------------------------+
updater | |   Changes to Dependabot Pull Requests    |
updater | +---------+--------------------------------+
updater | | created | ubuntu ( from 22.04 to 24.04 ) |
updater | | created | php ( from 7-fpm to 8-fpm )    |
updater | | created | ubuntu ( from 18.04 to 24.04 ) |
updater | | created | ubuntu ( from 18.04 to 24.04 ) |
updater | | created | ubuntu ( from 18.04 to 24.04 ) |
updater | | created | ubuntu ( from 17.10 to 24.04 ) |
updater | | created | ubuntu ( from 17.10 to 24.04 ) |
updater | | created | ubuntu ( from 22.04 to 24.04 ) |
updater | | created | python ( from 3.10 to 3.12 )   |
updater | +---------+--------------------------------+

but it only opened:

I expected a PR for ubuntu with changes to all the Dockerfiles

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

@lucacome lucacome added the T: bug 🐞 Something isn't working label Jun 26, 2024
@github-actions github-actions bot added L: git:submodules Git submodules L: php:composer Issues and code for Composer L: python labels Jun 26, 2024
@lucacome
Copy link
Author

I triggered dependabot again after merging 631 and it opened one for the next ubuntu on the list
opentracing-contrib/nginx-opentracing#634
but then decided to supersede it with one in another folder
opentracing-contrib/nginx-opentracing#635

@robbert-nlo
Copy link

robbert-nlo commented Jun 27, 2024

I'm seeing something similar with this config:

version: 2
updates:
  - package-ecosystem: "terraform"
    directories:
      - "*"
    schedule:
      interval: "monthly"

This is running on a Terraform project having multiple envs in multiple directories, with manifest files like this:

lab/providers.tf
acc/providers.tf
prd/providers.tf

It only creates a PR for one of the dirs/files.

@jakecoffman jakecoffman added service 💁 Relates to Dependabot features GitHub provides and removed L: php:composer Issues and code for Composer L: git:submodules Git submodules L: python labels Jun 27, 2024
@lucacome
Copy link
Author

lucacome commented Jul 5, 2024

From the conversation in #2178 it seemed like using the grouping settings would force dependabot to open a PR with all the changes across multiple directories.

But this doesn't seem to be working either.

I have a grouping of go.opentelemetry.io/otel dependencies and dependabot opened just one PR for a single directory instead of two.

@deki
Copy link

deki commented Jul 8, 2024

@lucacome same behavior on my end

@anthonysomerset
Copy link

anthonysomerset commented Jul 12, 2024

I'm seeing something similar with this config:

version: 2
updates:
  - package-ecosystem: "terraform"
    directories:
      - "*"
    schedule:
      interval: "monthly"

This is running on a Terraform project having multiple envs in multiple directories, with manifest files like this:

lab/providers.tf
acc/providers.tf
prd/providers.tf

It only creates a PR for one of the dirs/files.

i ran this same config, and then created seperate lines for individual directories thinking this was the issue but i get the same behaviour in both scenarios

EDIT

i was able to make this work with the following groups config:

    groups:
      minor-and-patch:
        update-types:
          - "patch"
          - "minor"

however not keen on the PR name that gets opened but it gets the job done:
Bump the minor-and-patch group across 8 directories with 1 update #6

for me i would love a grouping that bases on the directory with updates so 1 PR per folder

@jakecoffman jakecoffman changed the title Wildcard doesn't work service doesn't create PRs for the same dependency across multiple directories with wildcard Jul 25, 2024
@github-actions github-actions bot added L: git:submodules Git submodules L: php:composer Issues and code for Composer L: python labels Jul 25, 2024
@jakecoffman jakecoffman removed L: php:composer Issues and code for Composer L: git:submodules Git submodules L: python labels Jul 25, 2024
@jakecoffman
Copy link
Member

This should be fixed now.

Our service wasn't taking the directory of the dependency into account yet, so it would create the first PR for ubuntu in one directory, but then see the next one was also ubuntu and would skip it thinking it was already created by the previous PR.

@jakecoffman jakecoffman self-assigned this Jul 31, 2024
@lucacome
Copy link
Author

lucacome commented Aug 1, 2024

@jakecoffman seems like we're going in the wrong direction, I have two different PRs updating the same thing now

The first one doesn't say "in /tests" but it's the same file.

@jakecoffman jakecoffman reopened this Aug 1, 2024
@jakecoffman
Copy link
Member

Looks like the error is in dependabot-core this time, from the job logs:

+------------------------------------------------------------------------------------------------------------------------------------+
|                                                Changes to Dependabot Pull Requests                                                 |
+---------+--------------------------------------------------------------------------------------------------------------------------+
| created | grpcio ( from 1.65.1 to 1.65.2 ), grpcio ( from 1.65.1 to 1.65.2 ), grpcio ( from 1.65.1 to 1.65.2 ), grpcio-health-c... |
| created | protobuf ( from 5.27.2 to 5.27.3 )                                                                                       |
| created | protobuf ( from 5.27.2 to 5.27.3 )                                                                                       |
+---------+--------------------------------------------------------------------------------------------------------------------------+

I'll get this fixed!

@jakecoffman
Copy link
Member

I was able to reproduce the behavior and tracked down the reason why. I opened a new issue to track that fix: #10340

@deki
Copy link

deki commented Aug 12, 2024

Just opened another issue related to duplicate PRs in Java #10415

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
service 💁 Relates to Dependabot features GitHub provides T: bug 🐞 Something isn't working
Projects
Status: Done
Development

No branches or pull requests

5 participants