Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem trying to use the directories in the dependabot.yml #1253

Closed
1 task done
bm-fez opened this issue Jul 29, 2024 · 2 comments
Closed
1 task done

Problem trying to use the directories in the dependabot.yml #1253

bm-fez opened this issue Jul 29, 2024 · 2 comments

Comments

@bm-fez
Copy link

bm-fez commented Jul 29, 2024

Describe the bug
We are trying to use the following dependabot.yml file with the directories

version: 2
updates:
  - package-ecosystem: "npm"
    directories:
      - "/api"
      - "/BM.DocumentAddin"

We can see from the logs that this results in the expected docker run command line

/usr/bin/docker run --rm -i -e DEPENDABOT_PACKAGE_MANAGER=npm -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=5 -e DEPENDABOT_DIRECTORIES=["/api","/BM.DocumentAddin"] -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e AZURE_ORGANIZATION=blackmarble-source -e AZURE_PROJECT=BM -e AZURE_REPOSITORY=BlackMarble.DocumentAddin -e AZURE_ACCESS_TOKEN=*** -e AZURE_MERGE_STRATEGY=squash ghcr.io/tinglesoftware/dependabot-updater-npm:1.30.2 update_script

However the logs show the analysis is being done of the default directory

Working in blackmarble-source/BM/_git/BlackMarble.DocumentAddin, 'default' branch under '/' directory

It appears the DEPENDABOT_DIRECTORIES is not being honoured

We have also tried (using a locally hosted docker container

  • DEPENDABOT_DIRECTORIES=["/api"] - same result
  • DEPENDABOT_DIRECTORIES=["**/*"] - docs say globstar format sold be accessed, but same result
  • DIRECTORY=**/* - does not work as DIRECTORY does not accept wildcard
  • DIRECTORY=/api - If we swap to using a single directory entry, for either two listed directories, analysis works as expected

I have no Ruby skills (hence I have not attempted to submit a PR), but unless I missed it I don't think the directories array is passed into the update_script code.

Categorization

To Reproduce
Attempt to use the directories as opposed to the directory

Expected behavior
Should be able to do analysis of multiple listed directories, or ones specified with Globstar syntax

Extension (please complete the following information):

  • Host: Azure DevOps
  • Version 1.30.800

Server (please complete the following information):

  • Region uksouth
  • Version 1.30.2
@rhyskoedijk
Copy link

rhyskoedijk commented Jul 29, 2024
edited
Loading

@bm-fez support for directories is a relatively new change and isn't supported in the default "update_script" shown in your logs.

You can use directories by switching to "update_script_vnext". Enable it by checking the "Use latest update script (vNext)" checkbox under "Advanced" in the task options, or using useUpdateScriptvNext: true if using YML pipelines.

More info about the vNext script and the new features it supports can be found in #1186.

@bm-fez
Copy link
Author

bm-fez commented Jul 30, 2024

Thanks the useUpdateScriptvNext: true parameter unblocked us.

@bm-fez bm-fez closed this as completed Jul 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rhyskoedijk @bm-fez