Merge pull request #1378 from Devils-Knight/fix-dependabot

Create or update dependabot config based on input

Author: varunsh-coder

dependabotconfig.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"bufio"
+	"encoding/json"
 	"strings"
 
 	dependabot "github.com/paulvollmer/dependabot-config-go"
@@ -15,40 +16,69 @@ type UpdateDependabotConfigResponse struct {
 	ConfigfileFetchError bool
 }
 
+type Ecosystem struct {
+	PackageEcosystem string
+	Directory        string
+	Interval         string
+}
+
+type UpdateDependabotConfigRequest struct {
+	Ecosystems []Ecosystem
+	Content    string
+}
+
 func UpdateDependabotConfig(dependabotConfig string) (*UpdateDependabotConfigResponse, error) {
-	inputConfigFile := []byte(dependabotConfig)
+	var updateDependabotConfigRequest UpdateDependabotConfigRequest
+	json.Unmarshal([]byte(dependabotConfig), &updateDependabotConfigRequest)
+	inputConfigFile := []byte(updateDependabotConfigRequest.Content)
 	configMetadata := dependabot.New()
 	err := configMetadata.Unmarshal(inputConfigFile)
 	if err != nil {
 		return nil, err
 	}
 
 	response := new(UpdateDependabotConfigResponse)
-	response.FinalOutput = dependabotConfig
-	response.OriginalInput = dependabotConfig
+	response.FinalOutput = updateDependabotConfigRequest.Content
+	response.OriginalInput = updateDependabotConfigRequest.Content
 	response.IsChanged = false
 
-	if !configMetadata.HasPackageEcosystem("github-actions") {
-		item := dependabot.Update{}
-		item.PackageEcosystem = "github-actions"
-		item.Directory = "/"
+	if updateDependabotConfigRequest.Content == "" {
+		if len(updateDependabotConfigRequest.Ecosystems) == 0 {
+			return response, nil
+		}
+		response.FinalOutput = "version: 2\nupdates:"
+	} else {
+		response.FinalOutput += "\n"
+	}
+	for _, Update := range updateDependabotConfigRequest.Ecosystems {
+		updateAlreadyExist := false
+		for _, update := range configMetadata.Updates {
+			if update.PackageEcosystem == Update.PackageEcosystem && update.Directory == Update.Directory {
+				updateAlreadyExist = true
+				break
+			}
+		}
+		if !updateAlreadyExist {
+			item := dependabot.Update{}
+			item.PackageEcosystem = Update.PackageEcosystem
+			item.Directory = Update.Directory
 
-		schedule := dependabot.Schedule{}
-		schedule.Interval = "daily"
+			schedule := dependabot.Schedule{}
+			schedule.Interval = Update.Interval
 
-		item.Schedule = schedule
-		items := []dependabot.Update{}
-		items = append(items, item)
-		addedItem, err := yaml.Marshal(items)
-		data := string(addedItem)
+			item.Schedule = schedule
+			items := []dependabot.Update{}
+			items = append(items, item)
+			addedItem, err := yaml.Marshal(items)
+			data := string(addedItem)
 
-		data = addIndentation(data)
-		if err != nil {
-			return nil, err
+			data = addIndentation(data)
+			if err != nil {
+				return nil, err
+			}
+			response.FinalOutput = response.FinalOutput + data
+			response.IsChanged = true
 		}
-
-		response.FinalOutput = response.FinalOutput + "\n" + data
-		response.IsChanged = true
 	}
 
 	return response, nil

dependabotconfig_test.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"encoding/json"
 	"io/ioutil"
 	"log"
 	"path"
@@ -13,27 +14,51 @@ func TestConfigDependabotFile(t *testing.T) {
 	const outputDirectory = "./testfiles/dependabotfiles/output"
 
 	tests := []struct {
-		fileName  string
-		isChanged bool
+		fileName   string
+		Ecosystems []Ecosystem
+		isChanged  bool
 	}{
-		{fileName: "DependabotFile-without-github-action.yml", isChanged: true},
-		{fileName: "DependabotFile-with-github-action.yml", isChanged: false},
+		{
+			fileName:   "Without-github-action.yml",
+			Ecosystems: []Ecosystem{{"github-actions", "/", "daily"}, {"npm", "/app", "daily"}},
+			isChanged:  true,
+		},
+		{
+			fileName:   "With-github-action.yml",
+			Ecosystems: []Ecosystem{{"github-actions", "/", "daily"}},
+			isChanged:  false,
+		},
+		{
+			fileName:   "File-not-exit.yml",
+			Ecosystems: []Ecosystem{{"github-actions", "/", "daily"}},
+			isChanged:  true,
+		},
+		{
+			fileName:   "Same-ecosystem-different-directory.yml",
+			Ecosystems: []Ecosystem{{"github-actions", "/", "daily"}, {"npm", "/sample", "daily"}},
+			isChanged:  true,
+		},
 	}
 
 	for _, test := range tests {
-
+		var updateDependabotConfigRequest UpdateDependabotConfigRequest
 		input, err := ioutil.ReadFile(path.Join(inputDirectory, test.fileName))
 		if err != nil {
 			log.Fatal(err)
 		}
+		updateDependabotConfigRequest.Content = string(input)
+		updateDependabotConfigRequest.Ecosystems = test.Ecosystems
+		inputRequest, err := json.Marshal(updateDependabotConfigRequest)
+		if err != nil {
+			log.Fatal(err)
+		}
 
-		output, err := UpdateDependabotConfig(string(input))
+		output, err := UpdateDependabotConfig(string(inputRequest))
 		if err != nil {
 			t.Fatalf("Error not expected: %s", err)
 		}
 
 		expectedOutput, err := ioutil.ReadFile(path.Join(outputDirectory, test.fileName))
-
 		if err != nil {
 			log.Fatal(err)
 		}

main.go

@@ -183,28 +183,10 @@ func (h Handler) Invoke(ctx context.Context, req []byte) ([]byte, error) {
 
 		if strings.Contains(httpRequest.RawPath, "/update-dependabot-config") {
 
-			configFile := ""
-			queryStringParams := httpRequest.QueryStringParameters
-			// if owner is set, assuming that repo, path are also set
-			// get the dockerfile using API
-			if _, ok := queryStringParams["owner"]; ok {
-				configFile, err = GetGitHubWorkflowContents(httpRequest.QueryStringParameters)
-				if err != nil {
-					fixResponse := &UpdateDependabotConfigResponse{ConfigfileFetchError: true}
-					output, _ := json.Marshal(fixResponse)
-					response = events.APIGatewayProxyResponse{
-						StatusCode: http.StatusOK,
-						Body:       string(output),
-					}
-					returnValue, _ := json.Marshal(&response)
-					return returnValue, nil
-				}
-			} else {
-				// if owner is not set, then dockerfile should be sent in the body
-				configFile = httpRequest.Body
-			}
+			updateDependabotConfigRequest := ""
+			updateDependabotConfigRequest = httpRequest.Body
 
-			fixResponse, err := UpdateDependabotConfig(configFile)
+			fixResponse, err := UpdateDependabotConfig(updateDependabotConfigRequest)
 			if err != nil {
 				response = events.APIGatewayProxyResponse{
 					StatusCode: http.StatusInternalServerError,

testfiles/dependabotfiles/input/File-not-exit.yml

@@ -0,0 +1,7 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    # Files stored in `app` directory
+    directory: "/app"
+    schedule:
+      interval: "daily"

testfiles/dependabotfiles/input/DependabotFile-without-github-action.yml renamed to testfiles/dependabotfiles/input/Same-ecosystem-different-directory.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily

testfiles/dependabotfiles/input/DependabotFile-with-github-action.yml renamed to testfiles/dependabotfiles/input/With-github-action.yml

@@ -0,0 +1,17 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    # Files stored in `app` directory
+    directory: "/app"
+    schedule:
+      interval: "daily"
+
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily
+
+  - package-ecosystem: npm
+    directory: /sample
+    schedule:
+      interval: daily

testfiles/dependabotfiles/input/Without-github-action.yml

@@ -11,4 +11,4 @@ updates:
     # default location of `.github/workflows`
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "daily"