Keep Bundler version at a single place

When shelling out to native helpers, we don't need to know the exact version, we just need to know the major version to figure out the path to native helpers run.rb script and everything else. Proper activation of bundler can be done inside the run.rb script without needing the full version either.
dependabot · Aug 1, 2022 · 0412766 · 0412766
1 parent 909734b
commit 0412766
Show file tree

Hide file tree

Showing 9 changed files with 22 additions and 61 deletions.
diff --git a/bin/update-bundler.rb b/bin/update-bundler.rb
diff --git a/bundler/helpers/v1/run.rb b/bundler/helpers/v1/run.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
-require "bundler"
+gem "bundler", "~> 1.17"
+require "bundler/setup"
 require "json"
 
 $LOAD_PATH.unshift(File.expand_path("./lib", __dir__))

diff --git a/bundler/helpers/v2/run.rb b/bundler/helpers/v2/run.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
-require "bundler"
+gem "bundler", "~> 2.3"
+require "bundler/setup"
 require "json"
 
 $LOAD_PATH.unshift(File.expand_path("./lib", __dir__))

diff --git a/bundler/lib/dependabot/bundler/helpers.rb b/bundler/lib/dependabot/bundler/helpers.rb
@@ -3,8 +3,8 @@
 module Dependabot
   module Bundler
     module Helpers
-      V1 = "1.17.3"
-      V2 = "2.3.18"
+      V1 = "1"
+      V2 = "2"
       # If we are updating a project with no Gemfile.lock, we default to the
       # newest version we support
       DEFAULT = V2

diff --git a/bundler/lib/dependabot/bundler/native_helpers.rb b/bundler/lib/dependabot/bundler/native_helpers.rb
@@ -15,7 +15,7 @@ def initialize(timeout_seconds)
         end
 
         def build(script)
-          [timeout_command, :bundle, :exec, :ruby, script].compact.join(" ")
+          [timeout_command, :ruby, script].compact.join(" ")
         end
 
         private
@@ -35,8 +35,7 @@ def clamp(seconds)
 
       def self.run_bundler_subprocess(function:, args:, bundler_version:, options: {})
         # Run helper suprocess with all bundler-related ENV variables removed
-        bundler_major_version = bundler_version.split(".").first
-        helpers_path = versioned_helper_path(bundler_major_version)
+        helpers_path = versioned_helper_path(bundler_version)
         ::Bundler.with_original_env do
           command = BundleCommand.
                     new(options[:timeout_per_operation_seconds]).
@@ -46,8 +45,6 @@ def self.run_bundler_subprocess(function:, args:, bundler_version:, options: {})
             function: function,
             args: args,
             env: {
-              # Bundler will pick the matching installed major version
-              "BUNDLER_VERSION" => installed_bundler_version(bundler_major_version),
               "BUNDLE_GEMFILE" => File.join(helpers_path, "Gemfile"),
               # Prevent the GEM_HOME from being set to a folder owned by root
               "GEM_HOME" => File.join(helpers_path, ".bundle")
@@ -65,13 +62,6 @@ def self.versioned_helper_path(bundler_major_version)
         File.join(native_helpers_root, "v#{bundler_major_version}")
       end
 
-      # Maps the major version unto the specific version we have installed
-      def self.installed_bundler_version(bundler_major_version)
-        return Helpers::V1 if bundler_major_version == "1"
-
-        Helpers::V2
-      end
-
       def self.native_helpers_root
         helpers_root = ENV["DEPENDABOT_NATIVE_HELPERS_PATH"]
         return File.join(helpers_root, "bundler") unless helpers_root.nil?

diff --git a/bundler/spec/dependabot/bundler/file_parser_spec.rb b/bundler/spec/dependabot/bundler/file_parser_spec.rb
@@ -734,7 +734,7 @@
       parser.parse
 
       expect(events.last.payload).to eq(
-        { ecosystem: "bundler", package_managers: { "bundler" => PackageManagerHelper.bundler_major_version } }
+        { ecosystem: "bundler", package_managers: { "bundler" => PackageManagerHelper.bundler_version } }
       )
     end
   end

diff --git a/bundler/spec/dependabot/bundler/helper_spec.rb b/bundler/spec/dependabot/bundler/helper_spec.rb
@@ -40,32 +40,29 @@
     LOCKFILE
   end
 
-  let(:v1) { "1.17.3" }
-  let(:v2) { "2.3.18" }
-
   describe "#bundler_version" do
     def described_method(lockfile)
       described_class.bundler_version(lockfile)
     end
 
     it "is 2 if there is no lockfile" do
-      expect(described_method(no_lockfile)).to eql(v2)
+      expect(described_method(no_lockfile)).to eql("2")
     end
 
     it "is 1 if there is no bundled with string" do
-      expect(described_method(lockfile_bundled_with_missing)).to eql(v1)
+      expect(described_method(lockfile_bundled_with_missing)).to eql("1")
     end
 
     it "is 1 if it was bundled with a v1.x version" do
-      expect(described_method(lockfile_bundled_with_v1)).to eql(v1)
+      expect(described_method(lockfile_bundled_with_v1)).to eql("1")
     end
 
     it "is 2 if it was bundled with a v2.x version" do
-      expect(described_method(lockfile_bundled_with_v2)).to eql(v2)
+      expect(described_method(lockfile_bundled_with_v2)).to eql("2")
     end
 
     it "is 2 if it was bundled with a future version" do
-      expect(described_method(lockfile_bundled_with_future_version)).to eql(v2)
+      expect(described_method(lockfile_bundled_with_future_version)).to eql("2")
     end
   end
 

diff --git a/bundler/spec/dependabot/bundler/native_helpers_spec.rb b/bundler/spec/dependabot/bundler/native_helpers_spec.rb
@@ -18,7 +18,7 @@
         subject.run_bundler_subprocess(
           function: "noop",
           args: [],
-          bundler_version: "2.0.0",
+          bundler_version: "2",
           options: options
         )
       end
@@ -31,7 +31,7 @@
         expect(Dependabot::SharedHelpers).
           to have_received(:run_helper_subprocess).
           with(
-            command: "timeout -s HUP 120 bundle exec ruby /opt/bundler/v2/run.rb",
+            command: "timeout -s HUP 120 ruby /opt/bundler/v2/run.rb",
             function: "noop",
             args: [],
             env: anything
@@ -51,7 +51,7 @@
         expect(Dependabot::SharedHelpers).
           to have_received(:run_helper_subprocess).
           with(
-            command: "timeout -s HUP 1800 bundle exec ruby /opt/bundler/v2/run.rb",
+            command: "timeout -s HUP 1800 ruby /opt/bundler/v2/run.rb",
             function: "noop",
             args: [],
             env: anything
@@ -71,7 +71,7 @@
         expect(Dependabot::SharedHelpers).
           to have_received(:run_helper_subprocess).
           with(
-            command: "timeout -s HUP 60 bundle exec ruby /opt/bundler/v2/run.rb",
+            command: "timeout -s HUP 60 ruby /opt/bundler/v2/run.rb",
             function: "noop",
             args: [],
             env: anything
@@ -86,7 +86,7 @@
         expect(Dependabot::SharedHelpers).
           to have_received(:run_helper_subprocess).
           with(
-            command: "bundle exec ruby /opt/bundler/v2/run.rb",
+            command: "ruby /opt/bundler/v2/run.rb",
             function: "noop",
             args: [],
             env: anything
@@ -101,7 +101,7 @@
         expect(Dependabot::SharedHelpers).
           to have_received(:run_helper_subprocess).
           with(
-            command: "bundle exec ruby #{File.expand_path('../../../helpers/v2/run.rb', __dir__)}",
+            command: "ruby #{File.expand_path('../../../helpers/v2/run.rb', __dir__)}",
             function: "noop",
             args: [],
             env: anything

diff --git a/bundler/spec/spec_helper.rb b/bundler/spec/spec_helper.rb
@@ -20,16 +20,12 @@ def self.use_bundler_2?
   end
 
   def self.bundler_version
-    use_bundler_2? ? "2.3.18" : "1.17.3"
-  end
-
-  def self.bundler_major_version
-    bundler_version.split(".").first
+    use_bundler_2? ? "2" : "1"
   end
 end
 
 def bundler_project_dependency_files(project)
-  project_dependency_files(File.join("bundler#{PackageManagerHelper.bundler_major_version}", project))
+  project_dependency_files(File.join("bundler#{PackageManagerHelper.bundler_version}", project))
 end
 
 def bundler_project_dependency_file(project, filename:)