-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Skip DFIU PRs for repos onboarded to Renovate Enterprise #1128
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1128 +/- ##
============================================
+ Coverage 85.69% 85.91% +0.22%
- Complexity 385 390 +5
============================================
Files 27 27
Lines 1272 1292 +20
Branches 165 167 +2
============================================
+ Hits 1090 1110 +20
Misses 146 146
Partials 36 36
|
@@ -51,4 +51,6 @@ private Constants() { | |||
public static final Duration DEFAULT_TOKEN_ADDING_RATE = Duration.ofMinutes(DEFAULT_CONSUMING_TOKEN_RATE); | |||
public static final String FILENAME_DOCKERFILE = "dockerfile"; | |||
public static final String FILENAME_DOCKER_COMPOSE = "docker-compose"; | |||
public static final String CHECK_FOR_RENOVATE = "checkforrenovate"; | |||
public static final String RENOVATE_CONFIG_FILEPATH = "renovate.json"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While we will using renovate.json
internally there are actually 9 different potential renovate configuration files, see https://docs.renovatebot.com/configuration-options/ . We might want to check for all of these paths.
InputStream is = fileContent.read(); | ||
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(is)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think these should be closed after use.
if (json.has("enabled") && json.getBoolean("enabled") == false) { | ||
return false; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can replace this if statement with
return json.optBoolean("enabled", true)
If the file exists and enabled is not set it is assumed to be true, otherwise return the value of the enabled field.
return false; | ||
} | ||
return true; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can remove the return
inside of the catch and change the last return
to return false
. If the file isn't found should be only way the last return is executed so we should assume that renovate is not enabled.
@@ -65,6 +65,10 @@ static ArgumentParser getArgumentParser() { | |||
ArgumentParsers.newFor("dockerfile-image-update").addHelp(true).build() | |||
.description("Image Updates through Pull Request Automator"); | |||
|
|||
parser.addArgument("-re", "--" + CHECK_FOR_RENOVATE) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about -R
instead for the short opt?
is.close(); | ||
bufferedReader.close(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You might want to do this in a try-with-resources statement, see https://stackoverflow.com/a/56151320 . If is.close
throws an exception then the close on buffered reader won't happen.
try (InputStream is = fileContent.read(); | ||
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(is))) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the input stream is closed when the buffered reader is closed so I think you can inline fileContent.read()
in the InputStreamReader
constructor.
@@ -69,6 +69,11 @@ | |||
|
|||
|
|||
<dependencies> | |||
<dependency> | |||
<groupId>org.json</groupId> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there something we can't go with gson dependency that we already have https://github.com/avimanyum/dockerfile-image-update/blob/master/dockerfile-image-update/pom.xml#L116. or you are brining it in for easy of use?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah its just a cleaner and easier way to convert to Json object
* @param fork A GitHubContentToProcess object that contains the fork repository that is under process | ||
* @return true if the file is found in the path specified and is not disabled, false otherwise | ||
*/ | ||
protected boolean isRenovateEnabled(List<String> filePaths, GitHubContentToProcess fork) throws IOException { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we can also extract reading Json from GHContent, that way we can reuse this method if needed
private JSONObject readJsonFromContent(GHContent content) throws IOException {
try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(content.read()))) {
JSONTokener tokener = new JSONTokener(bufferedReader);
return new JSONObject(tokener);
}
}
JSONTokener tokener = new JSONTokener(bufferedReader); | ||
json = new JSONObject(tokener); | ||
//If the file has the key 'enabled' set to false, it indicates that while the repo has been onboarded to renovate, it has been disabled for some reason | ||
return json.optBoolean("enabled", true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So the users need to delete this key altogether to get DFIU PRs back? true/false both mean we skip DFIU PRs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here are the scenarios
- Renovate config file not found - Send DFIU PR
- Renovate config file found and file does not have key
enabled
- Skip DFIU PR - Renovate config file found and file has the key
enabled
- return the boolean value for that key. If set totrue
, skip DFIU PR, if set tofalse
, send DFIU PR
This key is usually used when a repo onboards to Renovate but then decides to off board by adding the key enabled
: false
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Renovate config file found and file does not have key enabled - Skip DFIU PR" Should we do this? the config file doesn't have this key, doesn't that mean it's enabled? the default is set to true https://docs.renovatebot.com/configuration-options/#enabled
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://github.com/stleary/JSON-java/blob/master/src/main/java/org/json/JSONObject.java#L1143
The method will return true if the file doesn't have the key enabled and we'll skip the PR
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
or am I overlooking something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"Renovate config file found and file does not have key enabled - Skip DFIU PR" Should we do this? the config file doesn't have this key, doesn't that mean it's enabled? the default is set to true https://docs.renovatebot.com/configuration-options/#enabled
Yes, it does mean it is enabled. So we will skip DFIU because we expect to receive PRs from Renovate
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The method will return true if the file doesn't have the key enabled and we'll skip the PR
Yes, it will return true
. We will assume that Renovate is enabled
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see. This comment confused me a little, I thought we wanted to skip sending the PR in this case.
//If the file has the key 'enabled' set to false, it indicates that while the repo has been onboarded to renovate, it has been disabled for some reason.
Renovate enterprise is another solution that can be used to receive remediation PRs. This change disables sending DFIU PRs for those repositories that have been onboarded to Renovate Enterprise.