Merge pull request #7525 from dependabot/deivid-rodriguez/swift-support

Support for Swift package manager

.github/labeler.yml

@@ -45,3 +45,6 @@
 
 "L: terraform":
   - terraform/**/*
+
+"L: swift":
+  - swift/**/*

.github/workflows/ci.yml

@@ -46,6 +46,8 @@ jobs:
           - { path: python, name: python, ci_node_total: 2, ci_node_index: 1, ecosystem: pip }
           - { path: python, name: python_slow, ci_node_total: 2, ci_node_index: 0, ecosystem: pip }
           - { path: python, name: python_slow, ci_node_total: 2, ci_node_index: 1, ecosystem: pip }
+          - { path: swift, name: swift, ci_node_total: 2, ci_node_index: 0, ecosystem: swift }
+          - { path: swift, name: swift, ci_node_total: 2, ci_node_index: 1, ecosystem: swift }
           - { path: terraform, name: terraform, ecosystem: terraform }
 
     steps:
@@ -164,6 +166,13 @@ jobs:
               - 'omnibus/**'
               - 'python/**'
               - '.github/workflows/ci.yml'
+            swift:
+              - Dockerfile.updater-core
+              - 'common/**'
+              - 'updater/Gemfil*'
+              - 'omnibus/**'
+              - 'swift/**'
+              - '.github/workflows/ci.yml'
             terraform:
               - Dockerfile.updater-core
               - 'common/**'

.github/workflows/images-branch.yml

@@ -40,6 +40,7 @@ jobs:
           - { name: nuget, ecosystem: nuget }
           - { name: pub, ecosystem: pub }
           - { name: python, ecosystem: pip }
+          - { name: swift, ecosystem: swift }
           - { name: terraform, ecosystem: terraform }
     permissions:
       contents: read

.github/workflows/images-latest.yml

@@ -47,6 +47,7 @@ jobs:
           - { name: nuget, ecosystem: nuget }
           - { name: pub, ecosystem: pub }
           - { name: python, ecosystem: pip }
+          - { name: swift, ecosystem: swift }
           - { name: terraform, ecosystem: terraform }
     env:
       COMMIT_SHA: ${{ github.sha }}

.github/workflows/smoke.yml

@@ -54,6 +54,7 @@ jobs:
           - { path: python, name: pipenv, ecosystem: pip}
           - { path: python, name: pip-compile, ecosystem: pip }
           - { path: python, name: poetry, ecosystem: pip }
+          - { path: swift, name: swift, ecosystem: swift }
           - { path: terraform, name: terraform, ecosystem: terraform }
     steps:
     - uses: actions/checkout@v3
@@ -212,6 +213,12 @@ jobs:
             - 'common/**'
             - 'updater/**'
             - 'git_submodules/**'
+          swift:
+            - .github/workflows/smoke.yml
+            - Dockerfile.updater-core
+            - 'common/**'
+            - 'updater/**'
+            - 'swift/**'
           terraform:
             - .github/workflows/smoke.yml
             - Dockerfile.updater-core

Dockerfile.development

@@ -44,6 +44,7 @@ COPY --chown=dependabot:dependabot npm_and_yarn/Gemfile npm_and_yarn/dependabot-
 COPY --chown=dependabot:dependabot nuget/Gemfile nuget/dependabot-nuget.gemspec ${CODE_DIR}/nuget/
 COPY --chown=dependabot:dependabot python/Gemfile python/dependabot-python.gemspec ${CODE_DIR}/python/
 COPY --chown=dependabot:dependabot pub/Gemfile pub/dependabot-pub.gemspec ${CODE_DIR}/pub/
+COPY --chown=dependabot:dependabot swift/Gemfile swift/dependabot-swift.gemspec ${CODE_DIR}/swift/
 COPY --chown=dependabot:dependabot terraform/Gemfile terraform/dependabot-terraform.gemspec ${CODE_DIR}/terraform/
 
 # Prepare the updater project

Dockerfile.updater-core

@@ -79,10 +79,11 @@ COPY --chown=dependabot:dependabot npm_and_yarn/Gemfile npm_and_yarn/dependabot-
 COPY --chown=dependabot:dependabot nuget/Gemfile nuget/dependabot-nuget.gemspec nuget/
 COPY --chown=dependabot:dependabot pub/Gemfile pub/dependabot-pub.gemspec pub/
 COPY --chown=dependabot:dependabot python/Gemfile python/dependabot-python.gemspec python/
+COPY --chown=dependabot:dependabot swift/Gemfile swift/dependabot-swift.gemspec swift/
 COPY --chown=dependabot:dependabot terraform/Gemfile terraform/dependabot-terraform.gemspec terraform/
 
 # prevent having all the source in every ecosystem image
-RUN for ecosystem in git_submodules terraform github_actions hex elm docker nuget maven gradle cargo composer go_modules python pub npm_and_yarn bundler; do \
+RUN for ecosystem in git_submodules terraform github_actions hex elm docker nuget maven gradle cargo composer go_modules python pub npm_and_yarn bundler swift; do \
     mkdir -p $ecosystem/lib/dependabot; \
     touch $ecosystem/lib/dependabot/$ecosystem.rb; \
   done

Rakefile

@@ -31,6 +31,7 @@ GEMSPECS = %w(
   python/dependabot-python.gemspec
   pub/dependabot-pub.gemspec
   omnibus/dependabot-omnibus.gemspec
+  swift/dependabot-swift.gemspec
 ).freeze
 
 def run_command(command)

bin/docker-dev-shell

@@ -226,6 +226,12 @@ docker run --rm -ti \
   -v "$(pwd)/python/lib:$CODE_DIR/python/lib" \
   -v "$(pwd)/python/script:$CODE_DIR/python/script" \
   -v "$(pwd)/python/spec:$CODE_DIR/python/spec" \
+  -v "$(pwd)/swift/.rubocop.yml:$CODE_DIR/swift/.rubocop.yml" \
+  -v "$(pwd)/swift/Gemfile:$CODE_DIR/swift/Gemfile" \
+  -v "$(pwd)/swift/dependabot-swift.gemspec:$CODE_DIR/swift/dependabot-swift.gemspec" \
+  -v "$(pwd)/swift/lib:$CODE_DIR/swift/lib" \
+  -v "$(pwd)/swift/script:$CODE_DIR/swift/script" \
+  -v "$(pwd)/swift/spec:$CODE_DIR/swift/spec" \
   -v "$(pwd)/terraform/.rubocop.yml:$CODE_DIR/terraform/.rubocop.yml" \
   -v "$(pwd)/terraform/Gemfile:$CODE_DIR/terraform/Gemfile" \
   -v "$(pwd)/terraform/dependabot-terraform.gemspec:$CODE_DIR/terraform/dependabot-terraform.gemspec" \

bin/dry-run.rb

@@ -33,6 +33,7 @@
 # - docker
 # - terraform
 # - pub
+# - swift
 
 # rubocop:disable Style/GlobalVars
 
@@ -62,6 +63,7 @@
 $LOAD_PATH << "./nuget/lib"
 $LOAD_PATH << "./python/lib"
 $LOAD_PATH << "./pub/lib"
+$LOAD_PATH << "./swift/lib"
 $LOAD_PATH << "./terraform/lib"
 
 require "bundler"
@@ -100,6 +102,7 @@
 require "dependabot/nuget"
 require "dependabot/python"
 require "dependabot/pub"
+require "dependabot/swift"
 require "dependabot/terraform"
 
 # GitHub credentials with write permission to the repo you want to update

common/lib/dependabot/config/file.rb

@@ -53,6 +53,7 @@ def self.parse(config)
         "npm" => "npm_and_yarn",
         "pip" => "pip",
         "pub" => "pub",
+        "swift" => "swift",
         "terraform" => "terraform"
       }.freeze
 

omnibus/Gemfile

@@ -18,6 +18,7 @@ gemspec path: "../npm_and_yarn"
 gemspec path: "../nuget"
 gemspec path: "../pub"
 gemspec path: "../python"
+gemspec path: "../swift"
 gemspec path: "../terraform"
 
 # Visual Studio Code integration

omnibus/dependabot-omnibus.gemspec

@@ -42,6 +42,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "dependabot-nuget", Dependabot::VERSION
   spec.add_dependency "dependabot-pub", Dependabot::VERSION
   spec.add_dependency "dependabot-python", Dependabot::VERSION
+  spec.add_dependency "dependabot-swift", Dependabot::VERSION
   spec.add_dependency "dependabot-terraform", Dependabot::VERSION
 
   common_gemspec.development_dependencies.each do |dep|

omnibus/lib/dependabot/omnibus.rb

@@ -16,3 +16,4 @@
 require "dependabot/npm_and_yarn"
 require "dependabot/bundler"
 require "dependabot/pub"
+require "dependabot/swift"

script/dependabot

@@ -21,5 +21,6 @@ dependabot \
   -v "$(pwd)"/nuget:/home/dependabot/nuget \
   -v "$(pwd)"/pub:/home/dependabot/pub \
   -v "$(pwd)"/python:/home/dependabot/python \
+  -v "$(pwd)"/swift:/home/dependabot/swift \
   -v "$(pwd)"/terraform:/home/dependabot/terraform \
   "$@"

swift/.gitignore

@@ -0,0 +1,5 @@
+/.bundle/
+/.env
+/tmp
+/dependabot-*.gem
+Gemfile.lock

swift/.rubocop.yml

@@ -0,0 +1 @@
+inherit_from: ../omnibus/.rubocop.yml

swift/Dockerfile

@@ -0,0 +1,44 @@
+FROM ghcr.io/dependabot/dependabot-updater-core
+ARG TARGETARCH
+
+ENV PATH="${PATH}:/opt/swift/usr/bin"
+
+# OS dependencies
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends \
+    binutils \
+    libc6-dev \
+    libcurl4 \
+    libedit2 \
+    libgcc-9-dev \
+    libpython2.7 \
+    libsqlite3-0 \
+    libstdc++-9-dev \
+    libxml2 \
+    libz3-dev \
+    pkg-config \
+    tzdata \
+    uuid-dev \
+  && rm -rf /var/lib/apt/lists/*
+
+USER dependabot
+
+# https://www.swift.org/download/
+ARG SWIFT_VERSION=5.8.1
+ARG SWIFT_UBUNTU_VERSION=ubuntu20.04
+
+RUN if [ "$TARGETARCH" = "arm64" ]; then SWIFT_UBUNTU_VERSION="${SWIFT_UBUNTU_VERSION}-aarch64"; fi \
+  && SWIFT_SHORT_UBUNTU_VERSION=$(echo $SWIFT_UBUNTU_VERSION | tr -d .) \
+  && SWIFT_TARBALL="swift-${SWIFT_VERSION}-RELEASE-${SWIFT_UBUNTU_VERSION}.tar.gz" \
+  && DOWNLOAD_URL=https://download.swift.org/swift-${SWIFT_VERSION}-release/${SWIFT_SHORT_UBUNTU_VERSION}/swift-${SWIFT_VERSION}-RELEASE/${SWIFT_TARBALL} \
+  && curl --connect-timeout 15 --retry 5 "${DOWNLOAD_URL}" > "/tmp/${SWIFT_TARBALL}" \
+  && curl --connect-timeout 15 --retry 5 "${DOWNLOAD_URL}.sig" > "/tmp/${SWIFT_TARBALL}.sig" \
+  && sh -c 'curl --connect-timeout 15 --retry 5 https://www.swift.org/keys/all-keys.asc | gpg --import -' \
+  && gpg --keyserver hkp://keyserver.ubuntu.com --refresh-keys Swift \
+  && gpg --verify /tmp/${SWIFT_TARBALL}.sig \
+  && mkdir /opt/swift \
+  && tar -C /opt/swift -xzf /tmp/${SWIFT_TARBALL} --strip-components 1
+
+COPY --chown=dependabot:dependabot swift $DEPENDABOT_HOME/swift
+COPY --chown=dependabot:dependabot common $DEPENDABOT_HOME/common
+COPY --chown=dependabot:dependabot updater $DEPENDABOT_HOME/dependabot-updater

swift/Gemfile

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gem "dependabot-common", path: "../common"
+
+gemspec

swift/README.md

@@ -0,0 +1,18 @@
+## `dependabot-swift`
+
+Swift Package Manager support for [`dependabot-core`][core-repo].
+
+### Running locally
+
+1. Start a development shell
+
+  ```
+  $ bin/docker-dev-shell swift
+  ```
+
+2. Run tests
+   ```
+   [dependabot-core-dev] ~/dependabot-core $ cd swift && rspec
+   ```
+
+[core-repo]: https://github.com/dependabot/dependabot-core

swift/dependabot-swift.gemspec

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+Gem::Specification.new do |spec|
+  common_gemspec =
+    Bundler.load_gemspec_uncached("../common/dependabot-common.gemspec")
+
+  spec.name         = "dependabot-swift"
+  spec.summary      = "Provides Dependabot support for Swift"
+  spec.description  = "Dependabot-Swift provides support for bumping Swift packages via Dependabot. " \
+                      "If you want support for multiple package managers, you probably want the meta-gem " \
+                      "dependabot-omnibus."
+
+  spec.author       = common_gemspec.author
+  spec.email        = common_gemspec.email
+  spec.homepage     = common_gemspec.homepage
+  spec.license      = common_gemspec.license
+
+  spec.metadata = {
+    "bug_tracker_uri" => common_gemspec.metadata["bug_tracker_uri"],
+    "changelog_uri" => common_gemspec.metadata["changelog_uri"]
+  }
+
+  spec.version = common_gemspec.version
+  spec.required_ruby_version = common_gemspec.required_ruby_version
+  spec.required_rubygems_version = common_gemspec.required_ruby_version
+
+  spec.require_path = "lib"
+  spec.files        = Dir["lib/**/*"]
+
+  spec.add_dependency "dependabot-common", Dependabot::VERSION
+
+  common_gemspec.development_dependencies.each do |dep|
+    spec.add_development_dependency dep.name, *dep.requirement.as_list
+  end
+end

swift/lib/dependabot/swift.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+# These all need to be required so the various classes can be registered in a
+# lookup table of package manager names to concrete classes.
+require "dependabot/swift/file_fetcher"
+require "dependabot/swift/file_parser"
+require "dependabot/swift/update_checker"
+require "dependabot/swift/file_updater"
+require "dependabot/swift/metadata_finder"
+require "dependabot/swift/requirement"
+require "dependabot/swift/version"
+
+require "dependabot/pull_request_creator/labeler"
+Dependabot::PullRequestCreator::Labeler.
+  register_label_details("swift", name: "swift_package_manager", colour: "F05138")
+
+require "dependabot/dependency"
+Dependabot::Dependency.
+  register_production_check("swift", ->(_) { true })
+
+require "dependabot/utils"
+Dependabot::Utils.register_always_clone("swift")

swift/lib/dependabot/swift/file_fetcher.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require "dependabot/file_fetchers"
+require "dependabot/file_fetchers/base"
+
+module Dependabot
+  module Swift
+    class FileFetcher < Dependabot::FileFetchers::Base
+      def self.required_files_in?(filenames)
+        filenames.include?("Package.swift")
+      end
+
+      def self.required_files_message
+        "Repo must contain a Package.swift configuration file."
+      end
+
+      private
+
+      def fetch_files
+        check_required_files_present
+
+        fetched_files = []
+        fetched_files << package_manifest
+        fetched_files << package_resolved if package_resolved
+        fetched_files
+      end
+
+      def package_manifest
+        @package_manifest ||= fetch_file_from_host("Package.swift")
+      end
+
+      def package_resolved
+        return @package_resolved if defined?(@package_resolved)
+
+        @package_resolved = fetch_file_if_present("Package.resolved")
+      end
+
+      def check_required_files_present
+        return if package_manifest
+
+        path = Pathname.new(File.join(directory, "Package.swift")).
+               cleanpath.to_path
+        raise Dependabot::DependencyFileNotFound, path
+      end
+    end
+  end
+end
+
+Dependabot::FileFetchers.
+  register("swift", Dependabot::Swift::FileFetcher)