Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot task throws "Usage Error: Parse error when loading .yarnrc.yml" #1068

Closed
jw3n opened this issue Apr 5, 2024 · 2 comments
Closed

Dependabot task throws "Usage Error: Parse error when loading .yarnrc.yml" #1068

jw3n opened this issue Apr 5, 2024 · 2 comments

Comments

@jw3n
Copy link

jw3n commented Apr 5, 2024
edited
Loading

Describe the bug
For the past month, we've smoothly utilized the Dependabot task without encountering any issues. However, three days ago, our weekly executed pipeline failed, presenting the following error:

Requirements to unlock own
Requirements update strategy #<Dependabot::RequirementsUpdateStrategy::BumpVersions>
Updating @azure/msal-browser from 3.11.0 to 3.11.1
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.249.0/lib/dependabot/shared_helpers.rb:429:in 'run_shell_command': Usage Error: Parse error when loading /home/dependabot/dependabot-updater/tmp/<org>/<project>/_git/<repo>/.yarnrc.yml; please check it's proper Yaml (Dependabot::SharedHelpers::HelperSubprocessFailed)

Yarn Package Manager - 4.0.2

  $ yarn <command>

You can also print more details about any of these commands by calling them with the `-h,--help` flag right after the command name.

We haven't made any modifications to dependabot.yml or the pipeline definition file, nor have there been changes to our .yarnrc.yml, which maintains the following structure:

npmAlwaysAuth: true

npmAuthIdent: "<org>:${NPM_TOKEN}"

npmRegistryServer: <registryUrl>

yarnPath: .yarn/releases/yarn-4.0.2.cjs

Our pipeline configuration resembles this:

trigger: none # Disable CI trigger

schedules:
  - cron: '0 4 * * 3' # on every wednesday at 4am UTC
    always: true # run even when there are no code changes
    branches:
      include:
        - develop
    batch: true
    displayName: Daily
pool:
  vmImage: 'ubuntu-latest'

steps:
  - task: dependabot@1
    inputs:
      extraEnvironmentVariables: NPM_TOKEN=$(System.AccessToken)
      gitHubConnection: github-dependabot
    env:
      NPM_TOKEN: $(System.AccessToken)

and the dependabot.yml within the .azuredevops folder structured as follows:

version: 2
registries:
  web-components:
    type: npm-registry
    url: <registryUrl>
    token: PAT:${{NPM_TOKEN}}
updates:
  - package-ecosystem: npm
    directory: '/'
    open-pull-requests-limit: 100
    registries: 
      - web-components
    target-branch: develop
    schedule:
      interval: weekly

To Reproduce
Steps to reproduce the behavior:

  1. Use a yarn project and configure it for dependabot
  2. Run a pipeline with the dependabot task

Expected behavior
The task/pipeline should ran through as expected without throwing an error.

Extension:

  • Host: Azure DevOps
  • Version 1
@jw3n
Copy link
Author

jw3n commented Apr 5, 2024
edited
Loading

Update:
I have tried using the older versions 1.27.1 and 1.27.0 (dockerImageTag) which works fine for a few packages but then fails with another error:

Checking if ag-grid-enterprise 31.1.1 needs updating
🌍 --> GET https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise
🌍 <-- 200 https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise
🌍 --> GET https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/31.2.0
🌍 <-- 404 https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/31.2.0
🌍 --> GET https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/31.2.0
🌍 <-- 404 https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/31.2.0
🌍 --> GET https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/latest
🌍 <-- 404 https://pkgs.dev.azure.com/baugruppe/_packaging/brz365-web-components/npm/registry/ag-grid-enterprise/latest
Requirements to unlock own
Requirements update strategy bump_versions
Updating ag-grid-enterprise from 31.1.1 to 31.2.0
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-npm_and_yarn-0.246.0/lib/dependabot/npm_and_yarn/file_updater.rb:47:in `updated_dependency_files': No files were updated! (Dependabot::NpmAndYarn::FileUpdater::NoChangeError)
	from bin/update_script.rb:667:in `block in <main>'
	from bin/update_script.rb:545:in `each'
	from bin/update_script.rb:545:in `<main>'

@mburumaxwell
Copy link
Contributor

For ecosystem-specific behavior, please open an issue at https://github.com/dependabot/dependabot-core

@mburumaxwell mburumaxwell closed this as not planned Won't fix, can't repro, duplicate, stale Jun 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mburumaxwell @jw3n