From 8c5e5e4c0673cb6aad08780b63864fe5fcbc9998 Mon Sep 17 00:00:00 2001
From: Rhys Koedijk
Date: Sun, 15 Dec 2024 11:01:41 +1300
Subject: [PATCH] If no experiments are specified, use the GitHub service defaults
---
 .../utils/dependabot-cli/DependabotJobBuilder.ts | 9 ++++++++-
 .../dependabotV2/utils/dependabot/experiments.ts | 15 +++++++++++++++
 .../dependabotV2/utils/getSharedVariables.ts | 9 +++++++++
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 extension/tasks/dependabotV2/utils/dependabot/experiments.ts
diff --git a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts
index b6ff1dbc..79f0bd69 100644
--- a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts
+++ b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotJobBuilder.ts
@@ -148,7 +148,14 @@ function buildUpdateJobConfig(
 'prefix-development': update['commit-message']?.['prefix-development'],
 'include-scope': update['commit-message']?.['include'],
 },
- 'experiments': taskInputs.experiments,
+ 'experiments': Object.keys(taskInputs.experiments || {}).reduce(
+ (acc, key) => {
+ // Replace '-' with '_' in the experiment keys to match the dependabot-core models
+ acc[key.replace(/-/g, '_')] = taskInputs.experiments[key];
+ return acc;
+ },
+ {} as Record,
+ ),
 'max-updater-run-time': undefined, // TODO: add config for this?
 'reject-external-code': update['insecure-external-code-execution']?.toLocaleLowerCase() == 'allow',
 'repo-private': undefined, // TODO: add config for this?
diff --git a/extension/tasks/dependabotV2/utils/dependabot/experiments.ts b/extension/tasks/dependabotV2/utils/dependabot/experiments.ts
new file mode 100644
index 00000000..c99987a5
--- /dev/null
+++ b/extension/tasks/dependabotV2/utils/dependabot/experiments.ts
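Review bot: The reduce that builds `'experiments'` assigns keys derived from task input onto a plain `{}` accumulator, so a key such as `__proto__` goes through the prototype setter instead of becoming an entry, and two inputs that differ only in `-` versus `_` collapse to one key with the last value winning. If the build target allows it, `Object.fromEntries(Object.entries(taskInputs.experiments ?? {}).map(([k, v]) => [k.replace(/-/g, '_'), v]))` creates own properties and drops the mutable accumulator; seeding the reduce with `Object.create(null)` would also do. buildUpdateJobConfig starts and ends outside this hunk, so how `taskInputs.experiments` is validated upstream is not visible here. Separately, the unchanged context line sets `'reject-external-code'` to true when the option equals `'allow'`, which reads inverted and may be worth confirming.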
@@ -0,0 +1,15 @@
+// The default experiments known to be used by the GitHub Dependabot service.
+// This changes often, update as needed by extracting them from a Dependabot GitHub Action run.
+// e.g. https://github.com/tinglesoftware/dependabot-azure-devops/actions/workflows/dependabot/dependabot-updates
+export const DEFAULT_EXPERIMENTS: Record = {
+ 'record-ecosystem-versions': true,
+ 'record-update-job-unknown-error': true,
+ 'proxy-cached': true,
+ 'move-job-token': true,
+ 'dependency-change-validation': true,
+ 'nuget-native-analysis': true,
+ 'nuget-use-direct-discovery': true,
+ 'enable-file-parser-python-local': true,
+ 'lead-security-dependency': true,
+ 'enable-record-ecosystem-meta': true,
+};
diff --git a/extension/tasks/dependabotV2/utils/getSharedVariables.ts b/extension/tasks/dependabotV2/utils/getSharedVariables.ts
index bcf83e67..244bc877 100644
--- a/extension/tasks/dependabotV2/utils/getSharedVariables.ts
+++ b/extension/tasks/dependabotV2/utils/getSharedVariables.ts
@@ -1,4 +1,5 @@
 import * as tl from 'azure-pipelines-task-lib/task';
+import { DEFAULT_EXPERIMENTS } from './dependabot/experiments';
 import extractHostname from './extractHostname';
 import extractOrganization from './extractOrganization';
 import extractVirtualDirectory from './extractVirtualDirectory';
@@ -140,6 +141,14 @@ export default function getSharedVariables(): ISharedVariables {
 {} as Record,
 );
+ // If no experiments are defined, use the default experiments
+ if (!experiments) {
+ experiments = DEFAULT_EXPERIMENTS;
+ tl.debug('No experiments provided; Using default experiments.');
+ }
+
+ console.log('Experiments:', experiments);
+
 let debug: boolean = tl.getVariable('System.Debug')?.match(/true/i) ? true : false;
 // Get the target identifiers
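Review bot: `DEFAULT_EXPERIMENTS` is exported as a plain mutable object, and getSharedVariables.ts assigns it by reference (`experiments = DEFAULT_EXPERIMENTS`), so any later write to the task's experiments would alter the shared defaults for the rest of the process. Wrapping the literal in `Object.freeze({ ... })`, or copying at the use site with `experiments = { ...DEFAULT_EXPERIMENTS };`, would prevent that. Because the header comment says the list changes often, it would also help to record when it was captured, e.g. `// Extracted from a Dependabot run on <date placeholder>`, so a reader can judge how stale the defaults are. These flags become active for every pipeline that sets no experiments, which is worth stating in the comment as well.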
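Review bot: `console.log('Experiments:', experiments)` prints on every run, while the line just above it uses `tl.debug`. Experiment values originate from task input, so `tl.debug('Experiments: ' + JSON.stringify(experiments));` would keep them out of normal pipeline logs and match the surrounding style. The `!experiments` guard also covers only an unset value: if the expression ending in `{} as Record, );` above the hunk can yield an empty object, the defaults are skipped, and either way there appears to be no input that means "run with no experiments". The assignment of `experiments` lies outside this hunk, so both points should be confirmed against the parsing code.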