From 0419dc1dec6fcd64b646a9854d3acae0a2e37e7d Mon Sep 17 00:00:00 2001 From: Jonas Martin Date: Wed, 2 Oct 2024 17:07:57 +0200 Subject: [PATCH 1/6] feat: Add action configuration for labels to be set in dependabot.yml --- dependabot_file.py | 17 ++++++++++++++--- env.py | 10 ++++++++++ evergreen.py | 2 ++ 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/dependabot_file.py b/dependabot_file.py index c20fd30..81d296a 100644 --- a/dependabot_file.py +++ b/dependabot_file.py @@ -5,7 +5,7 @@ def make_dependabot_config( - ecosystem, group_dependencies, indent, schedule, schedule_day + ecosystem, group_dependencies, indent, schedule, schedule_day, labels ) -> str: """ Make the dependabot configuration for a specific package ecosystem @@ -16,6 +16,7 @@ def make_dependabot_config( indent: the number of spaces to indent the dependabot configuration ex: " " schedule: the schedule to run dependabot ex: "daily" schedule_day: the day of the week to run dependabot ex: "monday" if schedule is "weekly" + labels: the list of labels to be added to dependabot configuration Returns: str: the dependabot configuration for the package ecosystem @@ -31,6 +32,13 @@ def make_dependabot_config( {indent}{indent}{indent}interval: '{schedule}'{schedule_day_line} """ + if labels: + dependabot_config += f"""{indent}{indent}labels: +""" + for label in labels: + dependabot_config += f"""{indent}{indent}{indent}- \"{label}\" +""" + if group_dependencies: dependabot_config += f"""{indent}{indent}groups: {indent}{indent}{indent}production-dependencies: @@ -49,6 +57,7 @@ def build_dependabot_file( existing_config, schedule, schedule_day, + labels, ) -> str | None: """ Build the dependabot.yml file for a repo based on the repo contents 
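Review bot: In `make_dependabot_config`, each label is written as `- \"{label}\"` with no escaping, so a label containing a double quote, a backslash or a line break yields a malformed dependabot.yml or one with keys the operator did not intend. The value comes from the `LABELS` setting, so exposure is limited to whoever controls the workflow configuration, but the generator should emit a valid scalar for any input because the result is what the action goes on to propose to repositories. Emitting the item through a serializer, for example `dependabot_config += f"{indent}{indent}{indent}- {json.dumps(label)}\n"` (this needs `import json`, and the import block is outside the hunk), or rejecting such characters where `LABELS` is parsed, would close this. The body of `make_dependabot_config` starts and ends outside the hunk.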
@@ -61,6 +70,7 @@ def build_dependabot_file( existing_config: the existing dependabot configuration file or None if it doesn't exist schedule: the schedule to run dependabot ex: "daily" schedule_day: the day of the week to run dependabot ex: "monday" if schedule is "daily" + labels: the list of labels to be added to dependabot configuration Returns: str: the dependabot.yml file for the repo @@ -144,7 +154,7 @@ def build_dependabot_file( if dependabot_file and dependabot_file[-1] != "\n": dependabot_file += "\n" dependabot_file += make_dependabot_config( - manager, group_dependencies, indent, schedule, schedule_day + manager, group_dependencies, indent, schedule, schedule_day, labels ) break except github3.exceptions.NotFoundError: @@ -157,7 +167,7 @@ def build_dependabot_file( if file[0].endswith(".tf"): package_managers_found["terraform"] = True dependabot_file += make_dependabot_config( - "terraform", group_dependencies, indent, schedule, schedule_day + "terraform", group_dependencies, indent, schedule, schedule_day, labels ) break except github3.exceptions.NotFoundError: @@ -173,6 +183,7 @@ def build_dependabot_file( indent, schedule, schedule_day, + labels, ) break except github3.exceptions.NotFoundError: diff --git a/env.py b/env.py index 4facb77..51a691f 100644 --- a/env.py +++ b/env.py @@ -117,6 +117,7 @@ def get_env_vars( dict, str, str, + list[str], ]: """ Get the environment variables for use in the action. @@ -148,6 +149,7 @@ def get_env_vars( repo_specific_exemptions (dict): A dictionary of per repository ecosystem exemptions schedule (str): The schedule to run the action on schedule_day (str): The day of the week to run the action on if schedule is daily + labels (list[str]): A list of labels to be added to dependabot configuration """ if not test: 
@@ -324,6 +326,13 @@ def get_env_vars( "SCHEDULE_DAY environment variable not 'monday', 'tuesday', 'wednesday', 'thursday', 'friday', 'saturday', or 'sunday'" ) + labels_str = os.getenv("LABELS") + labels_list = [] + if labels_str: + labels_list = [ + label.lower().strip() for label in labels_str.split(",") + ] + return ( organization, repositories_list, @@ -349,4 +358,5 @@ def get_env_vars( repo_specific_exemptions, schedule, schedule_day, + labels_list ) diff --git a/evergreen.py b/evergreen.py index ba64f49..c008d92 100644 --- a/evergreen.py +++ b/evergreen.py @@ -39,6 +39,7 @@ def main(): # pragma: no cover repo_specific_exemptions, schedule, schedule_day, + labels, ) = env.get_env_vars() # Auth to GitHub.com or GHE @@ -114,6 +115,7 @@ def main(): # pragma: no cover existing_config, schedule, schedule_day, + labels ) if dependabot_file is None: From 8f69aa9a15353b0eb2449247213be62e30cc49c8 Mon Sep 17 00:00:00 2001 From: Jonas Martin Date: Wed, 2 Oct 2024 17:08:38 +0200 Subject: [PATCH 2/6] test: add tests for labels configuration parsing and config creation --- test_dependabot_file.py | 99 ++++++++++++++++++++++++++++----------- test_env.py | 101 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 174 insertions(+), 26 deletions(-) diff --git a/test_dependabot_file.py b/test_dependabot_file.py index cb018b7..8073ffc 100644 --- a/test_dependabot_file.py +++ b/test_dependabot_file.py @@ -20,7 +20,7 @@ def test_not_found_error(self): response.status_code = 404 repo.file_contents.side_effect = github3.exceptions.NotFoundError(resp=response) - result = build_dependabot_file(repo, False, [], {}, None, "", "") + result = build_dependabot_file(repo, False, [], {}, None, "", "", []) self.assertEqual(result, None) def test_build_dependabot_file_with_schedule_day(self): 
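Review bot: The `LABELS` parsing keeps empty items, so a stray or trailing comma (`"a,,b"` or `"a,"`) produces `""` entries, and since a list holding an empty string is truthy they later come out of `make_dependabot_config` as `- ""` lines. Filtering them is a one-line change: `labels_list = [label.strip().lower() for label in labels_str.split(",") if label.strip()]`. The `.lower()` call also rewrites the operator's casing, while the docstring entry added for `labels` does not mention it; a short comment such as `# labels are folded to lower case before being written to dependabot.yml` would make that intent explicit. `get_env_vars` starts and ends outside this hunk.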
@@ -40,7 +40,7 @@ def test_build_dependabot_file_with_schedule_day(self): day: 'tuesday' """ result = build_dependabot_file( - repo, False, [], {}, None, "weekly", "tuesday" + repo, False, [], {}, None, "weekly", "tuesday", [] ) self.assertEqual(result, expected_result) @@ -59,7 +59,7 @@ def test_build_dependabot_file_with_bundler(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_existing_config_bundler_no_update(self): @@ -73,7 +73,7 @@ def test_build_dependabot_file_with_existing_config_bundler_no_update(self): existing_config.decoded = b'---\nversion: 2\nupdates:\n - package-ecosystem: "bundler"\n\ directory: "/"\n schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"\n' result = build_dependabot_file( - repo, False, [], {}, existing_config, "weekly", "" + repo, False, [], {}, existing_config, "weekly", "", [] ) self.assertEqual(result, expected_result) @@ -104,7 +104,7 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_ existing_config.decoded = b'---\nversion: 2\nupdates:\n - package-ecosystem: "pip"\n directory: "/"\n\ schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"\n' result = build_dependabot_file( - repo, False, [], {}, existing_config, "weekly", "" + repo, False, [], {}, existing_config, "weekly", "", [] ) self.assertEqual(result, expected_result) 
@@ -135,7 +135,7 @@ def test_build_dependabot_file_with_2_space_indent_existing_config_bundler_with_ existing_config.decoded = b'---\nversion: 2\nupdates:\n - package-ecosystem: "pip"\n directory: "/"\n\ schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"' result = build_dependabot_file( - repo, False, [], {}, existing_config, "weekly", "" + repo, False, [], {}, existing_config, "weekly", "", [] ) self.assertEqual(result, expected_result) @@ -152,7 +152,7 @@ def test_build_dependabot_file_with_weird_space_indent_existing_config_bundler_w existing_config.decoded = b'---\nversion: 2\nupdates:\n- package-ecosystem: "pip"\n directory: "/"\n\ schedule:\n interval: "weekly"\n commit-message:\n prefix: "chore(deps)"\n' result = build_dependabot_file( - repo, False, [], {}, existing_config, "weekly", "" + repo, False, [], {}, existing_config, "weekly", "", [] ) self.assertEqual(result, None) @@ -171,7 +171,7 @@ def test_build_dependabot_file_with_npm(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_pip(self): @@ -195,7 +195,7 @@ def test_build_dependabot_file_with_pip(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_cargo(self): @@ -216,7 +216,7 @@ def test_build_dependabot_file_with_cargo(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_gomod(self): 
@@ -232,7 +232,7 @@ def test_build_dependabot_file_with_gomod(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_composer(self): @@ -253,7 +253,7 @@ def test_build_dependabot_file_with_composer(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_hex(self): @@ -274,7 +274,7 @@ def test_build_dependabot_file_with_hex(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_nuget(self): @@ -290,7 +290,7 @@ def test_build_dependabot_file_with_nuget(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_docker(self): @@ -306,7 +306,7 @@ def test_build_dependabot_file_with_docker(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_terraform_with_files(self): 
@@ -327,7 +327,7 @@ def test_build_dependabot_file_with_terraform_with_files(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_terraform_without_files(self): @@ -339,7 +339,7 @@ def test_build_dependabot_file_with_terraform_without_files(self): # Test absence of Terraform files repo.directory_contents.side_effect = lambda path: [] if path == "/" else [] - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertIsNone(result) # Test empty repository @@ -348,7 +348,7 @@ def test_build_dependabot_file_with_terraform_without_files(self): repo.directory_contents.side_effect = github3.exceptions.NotFoundError( resp=response ) - result = build_dependabot_file(repo, False, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, [], {}, None, "weekly", "", []) self.assertIsNone(result) def test_build_dependabot_file_with_github_actions(self): @@ -369,7 +369,7 @@ def test_build_dependabot_file_with_github_actions(self): schedule: interval: 'weekly' """ - result = build_dependabot_file(repo, False, [], None, None, "weekly", "") + result = build_dependabot_file(repo, False, [], None, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_github_actions_without_files(self): @@ -382,7 +382,7 @@ def test_build_dependabot_file_with_github_actions_without_files(self): resp=response ) - result = build_dependabot_file(repo, False, [], None, None, "weekly", "") + result = build_dependabot_file(repo, False, [], None, None, "weekly", "", []) self.assertEqual(result, None) def test_build_dependabot_file_with_groups(self): 
@@ -403,7 +403,7 @@ def test_build_dependabot_file_with_groups(self): development-dependencies: dependency-type: 'development' """ - result = build_dependabot_file(repo, True, [], {}, None, "weekly", "") + result = build_dependabot_file(repo, True, [], {}, None, "weekly", "", []) self.assertEqual(result, expected_result) def test_build_dependabot_file_with_exempt_ecosystems(self): @@ -411,7 +411,7 @@ def test_build_dependabot_file_with_exempt_ecosystems(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "Dockerfile" - result = build_dependabot_file(repo, False, ["docker"], {}, None, "weekly", "") + result = build_dependabot_file(repo, False, ["docker"], {}, None, "weekly", "", []) self.assertEqual(result, None) def test_build_dependabot_file_with_repo_specific_exempt_ecosystems(self): @@ -421,7 +421,7 @@ def test_build_dependabot_file_with_repo_specific_exempt_ecosystems(self): repo.file_contents.side_effect = lambda filename: filename == "Dockerfile" result = build_dependabot_file( - repo, False, [], {"test/test": ["docker"]}, None, "weekly", "" + repo, False, [], {"test/test": ["docker"]}, None, "weekly", "", [] ) self.assertEqual(result, None) @@ -468,6 +468,7 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self) existing_config, "weekly", "", + [], ) self.assertEqual(result, None) @@ -486,7 +487,7 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self) interval: 'weekly' """ result = build_dependabot_file( - no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "" + no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "", [] ) self.assertEqual(result, expected_result) 
@@ -507,7 +508,7 @@ def test_check_multiple_repos_with_no_dependabot_config(self): """ exempt_ecosystems = [] result = build_dependabot_file( - mock_repo_1, False, exempt_ecosystems, {}, None, "weekly", "" + mock_repo_1, False, exempt_ecosystems, {}, None, "weekly", "", [] ) self.assertEqual(result, expected_result) @@ -526,10 +527,56 @@ def test_check_multiple_repos_with_no_dependabot_config(self): interval: 'weekly' """ result = build_dependabot_file( - no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "" + no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "", [] ) self.assertEqual(result, expected_result) + def test_build_dependabot_file_with_label(self): + """Test that the dependabot.yml file is built correctly with one label set""" + repo = MagicMock() + filename_list = ["Gemfile", "Gemfile.lock"] + + for filename in filename_list: + repo.file_contents.side_effect = lambda f, filename=filename: f == filename + expected_result = """--- +version: 2 +updates: + - package-ecosystem: 'bundler' + directory: '/' + schedule: + interval: 'weekly' + labels: + - "dependencies" +""" + result = build_dependabot_file( + repo, False, [], {}, None, "weekly", "", ["dependencies"] + ) + self.assertEqual(result, expected_result) + + def test_build_dependabot_file_with_labels(self): + """Test that the dependabot.yml file is built correctly with labels set""" + repo = MagicMock() + filename_list = ["Gemfile", "Gemfile.lock"] + + for filename in filename_list: + repo.file_contents.side_effect = lambda f, filename=filename: f == filename + expected_result = """--- +version: 2 +updates: + - package-ecosystem: 'bundler' + directory: '/' + schedule: + interval: 'weekly' + labels: + - "dependencies" + - "test1" + - "test2" +""" + result = build_dependabot_file( + repo, False, [], {}, None, "weekly", "", ["dependencies", "test1", "test2"] + ) + self.assertEqual(result, expected_result) + if __name__ == "__main__": unittest.main() 
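Review bot: Both new cases, `test_build_dependabot_file_with_label` and `test_build_dependabot_file_with_labels`, pass labels made only of letters and digits, so nothing pins how a label containing a double quote, a colon or a space is written into the YAML. A third case that asserts the exact emitted line would document the quoting contract of `make_dependabot_config`, for example with the constructed input `build_dependabot_file(repo, False, [], {}, None, "weekly", "", ['needs "review"'])`. Without it, a later change to the label line can produce a file Dependabot cannot parse while the suite stays green.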
diff --git a/test_env.py b/test_env.py index ba0e38f..3d7038a 100644 --- a/test_env.py +++ b/test_env.py @@ -33,6 +33,7 @@ def setUp(self): "REPO_SPECIFIC_EXEMPTIONS", "SCHEDULE", "SCHEDULE_DAY", + "LABELS", ] for key in env_keys: if key in os.environ: @@ -81,6 +82,7 @@ def test_get_env_vars_with_org(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -132,6 +134,7 @@ def test_get_env_vars_with_org_and_repo_specific_exemptions(self): }, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -240,6 +243,7 @@ def test_get_env_vars_with_repos(self): }, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -281,6 +285,7 @@ def test_get_env_vars_optional_values(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -323,6 +328,7 @@ def test_get_env_vars_with_update_existing(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -379,6 +385,7 @@ def test_get_env_vars_auth_with_github_app_installation(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -443,6 +450,7 @@ def test_get_env_vars_with_repos_no_dry_run(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) 
@@ -485,6 +493,7 @@ def test_get_env_vars_with_repos_disabled_security_updates(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -528,6 +537,7 @@ def test_get_env_vars_with_repos_filter_visibility_multiple_values(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -571,6 +581,7 @@ def test_get_env_vars_with_repos_filter_visibility_single_value(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -644,6 +655,7 @@ def test_get_env_vars_with_repos_filter_visibility_no_duplicates(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -688,6 +700,7 @@ def test_get_env_vars_with_repos_exempt_ecosystems(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -731,6 +744,7 @@ def test_get_env_vars_with_no_batch_size(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) @@ -775,6 +789,7 @@ def test_get_env_vars_with_batch_size(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) 
@@ -908,10 +923,96 @@ def test_get_env_vars_with_valid_schedule_and_schedule_day(self): {}, # repo_specific_exemptions "weekly", # schedule "tuesday", # schedule_day + [], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) + @patch.dict( + os.environ, + { + "ORGANIZATION": "my_organization", + "GH_TOKEN": "my_token", + "LABELS": "dependencies" + }, + clear=True, + ) + def test_get_env_vars_with_a_valid_label(self): + """Test valid single label""" + expected_result = ( + "my_organization", + [], + None, + None, + b"", + "my_token", + "", + [], + "pull", + "Enable Dependabot", + "Dependabot could be enabled for this repository. \ +Please enable it by merging this pull request so that \ +we can keep our dependencies up to date and secure.", + "", + False, + "Create/Update dependabot.yaml", + None, + False, + ["internal", "private", "public"], + None, # batch_size + True, # enable_security_updates + [], # exempt_ecosystems + False, # update_existing + {}, # repo_specific_exemptions + "weekly", # schedule + "", # schedule_day + ["dependencies"], # labels + ) + result = get_env_vars(True) + self.assertEqual(result, expected_result) + + @patch.dict( + os.environ, + { + "ORGANIZATION": "my_organization", + "GH_TOKEN": "my_token", + "LABELS": "dependencies, test ,test2 " + }, + clear=True, + ) + def test_get_env_vars_with_valid_labels_containing_spaces(self): + """Test valid list of labels with spaces""" + expected_result = ( + "my_organization", + [], + None, + None, + b"", + "my_token", + "", + [], + "pull", + "Enable Dependabot", + "Dependabot could be enabled for this repository. 
\ +Please enable it by merging this pull request so that \ +we can keep our dependencies up to date and secure.", + "", + False, + "Create/Update dependabot.yaml", + None, + False, + ["internal", "private", "public"], + None, # batch_size + True, # enable_security_updates + [], # exempt_ecosystems + False, # update_existing + {}, # repo_specific_exemptions + "weekly", # schedule + "", # schedule_day + ["dependencies", "test" ,"test2"], # labels + ) + result = get_env_vars(True) + self.assertEqual(result, expected_result) if __name__ == "__main__": unittest.main() From e75ce9d2e4cf05d7bbc9497e9aeeb622a9858302 Mon Sep 17 00:00:00 2001 From: Jonas Martin Date: Wed, 2 Oct 2024 17:09:44 +0200 Subject: [PATCH 3/6] docs: add entry for LABELS configuration to list of options in README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 957b33a..746e6d2 100644 --- a/README.md +++ b/README.md 
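Review bot: The two new `LABELS` cases, `test_get_env_vars_with_a_valid_label` and `test_get_env_vars_with_valid_labels_containing_spaces`, only use lower-case input, so the `.lower()` normalisation in `get_env_vars` is never exercised. No case covers a trailing or doubled comma either, which leaves the handling of empty entries unspecified. One more case with a constructed value such as `"LABELS": "Dependencies, Security,"` would pin both behaviours and make the expected list explicit.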
@@ -61,7 +61,7 @@ This action can be configured to authenticate with GitHub App Installation or Pe #### Other Configuration Options | field | required | default | description | -| -------------------------- | ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | 
+|----------------------------|-------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub. github.com users should not enter anything here. | | `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` | | `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` | 
@@ -82,6 +82,7 @@ This action can be configured to authenticate with GitHub App Installation or Pe | `REPO_SPECIFIC_EXEMPTIONS` | False | "" | A list of repositories that should be exempt from specific package ecosystems similar to EXEMPT_ECOSYSTEMS but those apply to all repositories. ex: `org1/repo1:docker,github-actions;org1/repo2:pip` would set exempt_ecosystems for `org1/repo1` to be `['docker', 'github-actions']`, and for `org1/repo2` it would be `['pip']`, while for every other repository evaluated, it would be set by the env variable `EXEMPT_ECOSYSTEMS`. NOTE: If you want specific exemptions to be added on top of the already specified global exemptions, you need to add the global exemptions to each repo specific exemption. | | `SCHEDULE` | False | 'weekly' | Schedule interval by which to check for dependency updates via Dependabot. Allowed values are 'daily', 'weekly', or 'monthly' | | `SCHEDULE_DAY` | False | '' | Scheduled day by which to check for dependency updates via Dependabot. Allowed values are days of the week full names (i.e., 'monday') | +| `LABELS` | False | "" | A comma separated list of labels that should be added to pull requests opened by dependabot. | ### Example workflows From a08a95e28919179303ef79e130bea93a46b5ea78 Mon Sep 17 00:00:00 2001 From: Jonas Martin Date: Wed, 2 Oct 2024 17:27:43 +0200 Subject: [PATCH 4/6] style: fix linting issues --- dependabot_file.py | 14 ++++++++++++-- env.py | 6 ++---- evergreen.py | 2 +- test_dependabot_file.py | 34 +++++++++++++++++++++++++++++----- test_env.py | 9 +++++---- 5 files changed, 49 insertions(+), 16 deletions(-) diff --git a/dependabot_file.py b/dependabot_file.py index 81d296a..fae8878 100644 --- a/dependabot_file.py +++ b/dependabot_file.py 
@@ -154,7 +154,12 @@ def build_dependabot_file( if dependabot_file and dependabot_file[-1] != "\n": dependabot_file += "\n" dependabot_file += make_dependabot_config( - manager, group_dependencies, indent, schedule, schedule_day, labels + manager, + group_dependencies, + indent, + schedule, + schedule_day, + labels, ) break except github3.exceptions.NotFoundError: @@ -167,7 +172,12 @@ def build_dependabot_file( if file[0].endswith(".tf"): package_managers_found["terraform"] = True dependabot_file += make_dependabot_config( - "terraform", group_dependencies, indent, schedule, schedule_day, labels + "terraform", + group_dependencies, + indent, + schedule, + schedule_day, + labels, ) break except github3.exceptions.NotFoundError: diff --git a/env.py b/env.py index 51a691f..8bb71cf 100644 --- a/env.py +++ b/env.py @@ -329,9 +329,7 @@ def get_env_vars( labels_str = os.getenv("LABELS") labels_list = [] if labels_str: - labels_list = [ - label.lower().strip() for label in labels_str.split(",") - ] + labels_list = [label.lower().strip() for label in labels_str.split(",")] return ( organization, @@ -358,5 +356,5 @@ def get_env_vars( repo_specific_exemptions, schedule, schedule_day, - labels_list + labels_list, ) diff --git a/evergreen.py b/evergreen.py index c008d92..98c69e2 100644 --- a/evergreen.py +++ b/evergreen.py @@ -115,7 +115,7 @@ def main(): # pragma: no cover existing_config, schedule, schedule_day, - labels + labels, ) if dependabot_file is None: diff --git a/test_dependabot_file.py b/test_dependabot_file.py index 8073ffc..769ae45 100644 --- a/test_dependabot_file.py +++ b/test_dependabot_file.py @@ -1,3 +1,4 @@ +# pylint: disable=too-many-public-methods """Tests for the dependabot_file.py functions.""" import unittest 
@@ -411,7 +412,9 @@ def test_build_dependabot_file_with_exempt_ecosystems(self): repo = MagicMock() repo.file_contents.side_effect = lambda filename: filename == "Dockerfile" - result = build_dependabot_file(repo, False, ["docker"], {}, None, "weekly", "", []) + result = build_dependabot_file( + repo, False, ["docker"], {}, None, "weekly", "", [] + ) self.assertEqual(result, None) def test_build_dependabot_file_with_repo_specific_exempt_ecosystems(self): @@ -487,7 +490,14 @@ def test_build_dependabot_file_for_multiple_repos_with_few_existing_config(self) interval: 'weekly' """ result = build_dependabot_file( - no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "", [] + no_existing_config_repo, + False, + exempt_ecosystems, + {}, + None, + "weekly", + "", + [], ) self.assertEqual(result, expected_result) @@ -527,11 +537,17 @@ def test_check_multiple_repos_with_no_dependabot_config(self): interval: 'weekly' """ result = build_dependabot_file( - no_existing_config_repo, False, exempt_ecosystems, {}, None, "weekly", "", [] + no_existing_config_repo, + False, + exempt_ecosystems, + {}, + None, + "weekly", + "", + [], ) self.assertEqual(result, expected_result) - def test_build_dependabot_file_with_label(self): """Test that the dependabot.yml file is built correctly with one label set""" repo = MagicMock() @@ -574,9 +590,17 @@ def test_build_dependabot_file_with_labels(self): - "test2" """ result = build_dependabot_file( - repo, False, [], {}, None, "weekly", "", ["dependencies", "test1", "test2"] + repo, + False, + [], + {}, + None, + "weekly", + "", + ["dependencies", "test1", "test2"], ) self.assertEqual(result, expected_result) + if __name__ == "__main__": unittest.main() diff --git a/test_env.py b/test_env.py index 3d7038a..600150a 100644 --- a/test_env.py +++ b/test_env.py @@ -1,4 +1,4 @@ -# pylint: disable=too-many-public-methods +# pylint: disable=too-many-public-methods,too-many-lines """Test the get_env_vars function""" 
@@ -933,7 +933,7 @@ def test_get_env_vars_with_valid_schedule_and_schedule_day(self): { "ORGANIZATION": "my_organization", "GH_TOKEN": "my_token", - "LABELS": "dependencies" + "LABELS": "dependencies", }, clear=True, ) @@ -976,7 +976,7 @@ def test_get_env_vars_with_a_valid_label(self): { "ORGANIZATION": "my_organization", "GH_TOKEN": "my_token", - "LABELS": "dependencies, test ,test2 " + "LABELS": "dependencies, test ,test2 ", }, clear=True, ) @@ -1009,10 +1009,11 @@ def test_get_env_vars_with_valid_labels_containing_spaces(self): {}, # repo_specific_exemptions "weekly", # schedule "", # schedule_day - ["dependencies", "test" ,"test2"], # labels + ["dependencies", "test", "test2"], # labels ) result = get_env_vars(True) self.assertEqual(result, expected_result) + if __name__ == "__main__": unittest.main() From 8f84c976b0a663ecedbbd56346d777d5dc507508 Mon Sep 17 00:00:00 2001 From: Zack Koppert Date: Thu, 3 Oct 2024 16:29:01 -0700 Subject: [PATCH 5/6] chore:run prettier for markdown formatting Signed-off-by: Zack Koppert --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 746e6d2..02eef53 100644 --- a/README.md +++ b/README.md 
@@ -61,7 +61,7 @@ This action can be configured to authenticate with GitHub App Installation or Pe #### Other Configuration Options | field | required | default | description | -|----------------------------|-------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| -------------------------- | ----------------------------------------------- | 
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub. github.com users should not enter anything here. | | `ORGANIZATION` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the GitHub organization which you want this action to work from. ie. github.com/github would be `github` | | `REPOSITORY` | Required to have `ORGANIZATION` or `REPOSITORY` | | The name of the repository and organization which you want this action to work from. ie. `github/evergreen` or a comma separated list of multiple repositories `github/evergreen,super-linter/super-linter` | From 98ee9161babcf22f07cede5d9bc0334ce079664d Mon Sep 17 00:00:00 2001 
From: Zack Koppert
Date: Fri, 4 Oct 2024 11:58:06 -0700
Subject: [PATCH 6/6] chore: clarify language
---
 test_dependabot_file.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test_dependabot_file.py b/test_dependabot_file.py
index 769ae45..aeff3ad 100644
--- a/test_dependabot_file.py
+++ b/test_dependabot_file.py
@@ -571,7 +571,7 @@ def test_build_dependabot_file_with_label(self):
 self.assertEqual(result, expected_result)
 def test_build_dependabot_file_with_labels(self):
- """Test that the dependabot.yml file is built correctly with labels set"""
+ """Test that the dependabot.yml file is built correctly with multiple labels set"""
 repo = MagicMock()
 filename_list = ["Gemfile", "Gemfile.lock"]
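Review bot: The multi-label test whose docstring is reworded here still exercises only plain alphanumeric labels (`["dependencies", "test1", "test2"]` in the earlier hunk of this file), so nothing pins the output for a label that contains a double quote, a backslash or a line break. The expected text shows each label written between literal double quotes (`- "test2"`), and the values originate from the comma-separated `LABELS` setting, so such a label would presumably produce a malformed or structurally different dependabot.yml. I would add a case passing `["needs \"triage\""]` that asserts the escaped form `- "needs \"triage\""`, and have the generator emit the scalar with `json.dumps(label)` if it does not already escape it. The test body continues past the end of this hunk.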