Merge pull request #24 from dependabot/hello-dependabot-updater

Updater

.eslintrc.json

@@ -23,7 +23,7 @@
       "@typescript-eslint/func-call-spacing": ["error", "never"],
       "@typescript-eslint/no-array-constructor": "error",
       "@typescript-eslint/no-empty-interface": "error",
-      "@typescript-eslint/no-explicit-any": "error",
+      "@typescript-eslint/no-explicit-any": "off",
       "@typescript-eslint/no-extraneous-class": "error",
       "@typescript-eslint/no-for-in-array": "error",
       "@typescript-eslint/no-inferrable-types": "error",
@@ -44,7 +44,9 @@
       "semi": "off",
       "@typescript-eslint/semi": ["error", "never"],
       "@typescript-eslint/type-annotation-spacing": "error",
-      "@typescript-eslint/unbound-method": "error"
+      "@typescript-eslint/unbound-method": "error",
+      "@typescript-eslint/no-shadow": "error",
+      "no-shadow": "off"
     },
     "env": {
       "node": true,

.gitignore

@@ -1,3 +1,6 @@
+# Updater output
+output/output.json
+
 # Dependency directory
 node_modules
 
@@ -96,4 +99,4 @@ Thumbs.db
 
 # Ignore built ts files
 __tests__/runner/*
-lib/**/*
+lib/**/*

__tests__/dependabot-api.test.ts

@@ -1,4 +1,3 @@
-import axios, {AxiosInstance} from 'axios'
 import {DependabotAPI, PackageManager} from '../src/dependabot-api'
 
 describe('DependabotAPI', () => {
@@ -8,7 +7,8 @@ describe('DependabotAPI', () => {
   const api = new DependabotAPI(mockAxios, {
     jobID: 1,
     jobToken: 'xxx',
-    credentialsToken: 'yyy'
+    credentialsToken: 'yyy',
+    dependabotAPI: 'https://localhost'
   })
   beforeEach(jest.clearAllMocks)
 

__tests__/fixtures/job-details/npm.json

@@ -0,0 +1,47 @@
+{
+  "data": {
+      "attributes": {
+          "allowed-updates": [
+              {
+                  "dependency-type": "direct",
+                  "update-type": "all"
+              }
+          ],
+          "credentials-metadata": [
+              {
+                  "type": "git_source",
+                  "host": "github.com"
+              }
+          ],
+          "dependencies": null,
+          "existing-pull-requests": [],
+          "ignore-conditions": [],
+          "lockfile-only": false,
+          "max-updater-run-time": 2700,
+          "package-manager": "npm_and_yarn",
+          "source": {
+              "provider": "github",
+              "repo": "dsp-testing/dependabot-all-updates-test",
+              "directory": "/",
+              "branch": null,
+              "api-endpoint": "https://api.github.com/",
+              "hostname": "github.com"
+          },
+          "updating-a-pull-request": false,
+          "update-subdependencies": false,
+          "requirements-update-strategy": null,
+          "security-advisories": [],
+          "security-updates-only": false,
+          "vendor-dependencies": false,
+          "reject-external-code": false,
+          "experiments": {},
+          "commit-message-options": {
+              "include-scope": null,
+              "prefix": null,
+              "prefix-development": null
+          }
+      },
+      "id": "1001",
+      "type": "update-jobs"
+  }
+}

__tests__/updater-integration.test.ts

@@ -0,0 +1,51 @@
+import Docker from 'dockerode'
+import fs from 'fs'
+import path from 'path'
+import {Updater} from '../src/updater'
+
+describe('Updater', () => {
+  const docker = new Docker()
+  const mockDependabotAPI: any = {
+    getJobDetails: jest.fn(),
+    getCredentials: jest.fn(),
+    params: {
+      jobID: 1,
+      jobToken: 'xxx',
+      credentialsToken: 'yyy',
+      dependabotAPI: 'http://localhost'
+    }
+  }
+  const updater = new Updater(docker, mockDependabotAPI)
+
+  afterEach(() => {
+    docker.listContainers(function (err, containers) {
+      if (!containers) return
+
+      containers.forEach(function (containerInfo) {
+        if (containerInfo.Image.includes('docker.pkg.github.com/dependabot/dependabot-updater')) {
+          console.log('removing');
+
+          docker.getContainer(containerInfo.Id).remove();
+        }
+      });
+    });
+  });
+
+  jest.setTimeout(20000)
+  it('should fetch manifests', async () => {
+    mockDependabotAPI.getJobDetails.mockImplementation(() => {
+      return JSON.parse(fs.readFileSync(path.join(__dirname, "fixtures/job-details/npm.json")).toString()).data.attributes
+    })
+    mockDependabotAPI.getCredentials.mockImplementation(() => {
+      return [{
+        type: "git_source",
+        host: "github.com",
+        username: "x-access-token",
+        password: process.env.GITHUB_TOKEN,
+      }]
+    })
+
+    await updater.pullImage()
+    await updater.runUpdater()
+  })
+})

__tests__/updater.test.ts

@@ -0,0 +1,24 @@
+import Docker from 'dockerode'
+import {Updater} from '../src/updater'
+
+describe('Updater', () => {
+  const docker = new Docker()
+  const mockDependabotAPI: any = {
+    getJobDetails: jest.fn(),
+    getCredentials: jest.fn(),
+    params: {
+      jobID: 1,
+      jobToken: 'xxx',
+      credentialsToken: 'yyy',
+      dependabotAPI: 'http://localhost'
+    }
+  }
+  const updater = new Updater(docker, mockDependabotAPI)
+
+  it('should fetch job details', async () => {
+    mockDependabotAPI.getJobDetails.mockImplementation(() => {
+      throw new Error('kaboom')
+    })
+    updater.runUpdater()
+  })
+})