require "dependabot/omnibus"
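# --- Configuration ------------------------------------------------------------
# Ecosystem to scan; handed to every Dependabot `for_package_manager` lookup.
package_manager = "nuget"
# Azure DevOps repository path; replace the YOUR_* placeholders before use.
repo = "YOUR_ORG/YOUR_PROJECT/_git/YOUR_REPO"
# Directory inside the repository that is handed to Dependabot::Source.
directory = "."

# Secrets are taken from the environment only; never replace these lookups with
# literal tokens. The Azure DevOps token is used twice below (git access and the
# NuGet feed), so it is read once and checked before the list is built.
# NOTE(review): Azure Pipelines exposes System.AccessToken to a script step only
# when the step maps it into the environment explicitly; confirm the pipeline
# definition does so.
system_access_token = ENV["SYSTEM_ACCESSTOKEN"]
if system_access_token.nil? || system_access_token.empty?
  # Without this diagnostic a missing token silently becomes an empty password
  # and a feed token of ":", and the run fails later with an unrelated-looking
  # authentication error.
  warn "SYSTEM_ACCESSTOKEN is not set; Azure DevOps git and NuGet feed requests will carry an empty credential"
end

credentials = [
  {
    # Git access to the Azure DevOps repository.
    "type" => "git_source",
    "host" => "dev.azure.com",
    "username" => "",
    "password" => system_access_token
  },
  {
    # Git access to github.com.
    "type" => "git_source",
    "host" => "github.com",
    "username" => "x-access-token",
    "password" => ENV["GITHUB_ACCESS_TOKEN"] # A GitHub access token with read access to public repos
  },
  {
    # Private NuGet feed; the token is sent as ":<token>", i.e. with an empty
    # user part in front of the colon.
    "type" => "nuget_feed",
    "url" => "https://pkgs.dev.azure.com/YOUR_ORG/_packaging/YOUR_FEED/nuget/v3/index.json",
    "token" => ":#{system_access_token}"
  }
]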
# --- Fetch and parse ----------------------------------------------------------
# Describe the repository to Dependabot: Azure provider, repo path and directory.
source = Dependabot::Source.new(provider: "azure", repo: repo, directory: directory)

# Resolve the fetcher for the configured package manager, then read the
# dependency files and the commit they were fetched at. `commit` is used later
# as the base commit of every pull request the script opens.
fetcher_class = Dependabot::FileFetchers.for_package_manager(package_manager)
fetcher = fetcher_class.new(source: source, credentials: credentials)
files = fetcher.files
commit = fetcher.commit

# Turn the fetched files into a list of dependency objects.
parser_class = Dependabot::FileParsers.for_package_manager(package_manager)
parser = parser_class.new(dependency_files: files, source: source, credentials: credentials)
dependencies = parser.parse
# --- Check, update and open pull requests -------------------------------------
# For each top-level dependency: skip it when it is current or cannot be
# updated, otherwise rewrite the dependency files and open a pull request.
dependencies.select(&:top_level?).each do |dependency|
  puts "Found #{dependency.name} @ #{dependency.version}..."

  update_checker = Dependabot::UpdateCheckers.for_package_manager(package_manager).new(
    dependency: dependency,
    dependency_files: files,
    credentials: credentials
  )

  if update_checker.up_to_date?
    puts " already using latest version"
    next
  end

  # Decide which requirements may be unlocked. When requirements can be
  # unlocked, :own is tried before :all; otherwise only :none is tried.
  # A nil result means no update is possible for this dependency.
  unlock_level =
    if update_checker.requirements_unlocked_or_can_be?
      %i[own all].find { |level| update_checker.can_update?(requirements_to_unlock: level) }
    elsif update_checker.can_update?(requirements_to_unlock: :none)
      :none
    end
  next if unlock_level.nil?

  bumped_dependencies = update_checker.updated_dependencies(requirements_to_unlock: unlock_level)
  puts " considering upgrade to #{update_checker.latest_version}"

  # Produce the rewritten dependency files for the selected update.
  file_updater = Dependabot::FileUpdaters.for_package_manager(package_manager).new(
    dependencies: bumped_dependencies,
    dependency_files: files,
    credentials: credentials
  )
  rewritten_files = file_updater.updated_dependency_files

  # The pull request is based on the commit the files were fetched at and is
  # created with the same credentials list used for fetching.
  response = Dependabot::PullRequestCreator.new(
    source: source,
    base_commit: commit,
    dependencies: bumped_dependencies,
    files: rewritten_files,
    credentials: credentials,
    label_language: true,
    author_details: { email: "dependabot@YOUR_DOMAIN", name: "dependabot" }
  ).create

  # Only HTTP 201 is reported as a submitted PR. A nil response and every other
  # status share one message.
  # NOTE(review): authentication or permission failures are therefore not
  # distinguishable from "already exists" in the pipeline log; consider
  # logging the status code.
  if response.nil? || response.status != 201
    puts " PR already exists or an error has occurred"
  else
    payload = JSON[response.body]
    puts " PR ##{payload["pullRequestId"]} submitted"
  end
end