Skip DFIU PRs for repos onboarded to Renovate Enterprise #1128
Conversation
github-actions
bot
added
chore
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1128 +/- ##
============================================
+ Coverage 85.69% 85.91% +0.22%
- Complexity 385 390 +5
============================================
Files 27 27
Lines 1272 1292 +20
Branches 165 167 +2
============================================
+ Hits 1090 1110 +20
Misses 146 146
Partials 36 36
|
avimanyum
removed
chore
github-actions
bot
added
chore
| @@ -51,4 +51,6 @@ private Constants() { | |||
| public static final Duration DEFAULT_TOKEN_ADDING_RATE = Duration.ofMinutes(DEFAULT_CONSUMING_TOKEN_RATE); | |||
| public static final String FILENAME_DOCKERFILE = "dockerfile"; | |||
| public static final String FILENAME_DOCKER_COMPOSE = "docker-compose"; | |||
| public static final String CHECK_FOR_RENOVATE = "checkforrenovate"; | |||
| public static final String RENOVATE_CONFIG_FILEPATH = "renovate.json"; | |||
There was a problem hiding this comment.
While we will using renovate.json internally there are actually 9 different potential renovate configuration files, see https://docs.renovatebot.com/configuration-options/ . We might want to check for all of these paths.
| InputStream is = fileContent.read(); | ||
| BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(is)); |
There was a problem hiding this comment.
I think these should be closed after use.
| if (json.has("enabled") && json.getBoolean("enabled") == false) { | ||
| return false; | ||
| } |
There was a problem hiding this comment.
I think you can replace this if statement with
return json.optBoolean("enabled", true)If the file exists and enabled is not set it is assumed to be true, otherwise return the value of the enabled field.
| return false; | ||
| } | ||
| return true; |
There was a problem hiding this comment.
I think you can remove the return inside of the catch and change the last return to return false. If the file isn't found should be only way the last return is executed so we should assume that renovate is not enabled.
| @@ -65,6 +65,10 @@ static ArgumentParser getArgumentParser() { | |||
| ArgumentParsers.newFor("dockerfile-image-update").addHelp(true).build() | |||
| .description("Image Updates through Pull Request Automator"); | |||
|
|
|||
| parser.addArgument("-re", "--" + CHECK_FOR_RENOVATE) | |||
There was a problem hiding this comment.
What about -R instead for the short opt?
| is.close(); | ||
| bufferedReader.close(); |
There was a problem hiding this comment.
You might want to do this in a try-with-resources statement, see https://stackoverflow.com/a/56151320 . If is.close throws an exception then the close on buffered reader won't happen.
| try (InputStream is = fileContent.read(); | ||
| BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(is))) { |
There was a problem hiding this comment.
I think the input stream is closed when the buffered reader is closed so I think you can inline fileContent.read() in the InputStreamReader constructor.
| @@ -69,6 +69,11 @@ | |||
|
|
|||
|
|
|||
| <dependencies> | |||
| <dependency> | |||
| <groupId>org.json</groupId> | |||
There was a problem hiding this comment.
is there something we can't go with gson dependency that we already have https://github.com/avimanyum/dockerfile-image-update/blob/master/dockerfile-image-update/pom.xml#L116. or you are brining it in for easy of use?
There was a problem hiding this comment.
Yeah its just a cleaner and easier way to convert to Json object
| * @param fork A GitHubContentToProcess object that contains the fork repository that is under process | ||
| * @return true if the file is found in the path specified and is not disabled, false otherwise | ||
| */ | ||
| protected boolean isRenovateEnabled(List<String> filePaths, GitHubContentToProcess fork) throws IOException { |
There was a problem hiding this comment.
we can also extract reading Json from GHContent, that way we can reuse this method if needed
private JSONObject readJsonFromContent(GHContent content) throws IOException {
try (BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(content.read()))) {
JSONTokener tokener = new JSONTokener(bufferedReader);
return new JSONObject(tokener);
}
}
| JSONTokener tokener = new JSONTokener(bufferedReader); | ||
| json = new JSONObject(tokener); | ||
| //If the file has the key 'enabled' set to false, it indicates that while the repo has been onboarded to renovate, it has been disabled for some reason | ||
| return json.optBoolean("enabled", true); |
There was a problem hiding this comment.
So the users need to delete this key altogether to get DFIU PRs back? true/false both mean we skip DFIU PRs?
There was a problem hiding this comment.
Here are the scenarios
- Renovate config file not found - Send DFIU PR
- Renovate config file found and file does not have key
enabled- Skip DFIU PR - Renovate config file found and file has the key
enabled- return the boolean value for that key. If set totrue, skip DFIU PR, if set tofalse, send DFIU PR
This key is usually used when a repo onboards to Renovate but then decides to off board by adding the key enabled: false.
There was a problem hiding this comment.
"Renovate config file found and file does not have key enabled - Skip DFIU PR" Should we do this? the config file doesn't have this key, doesn't that mean it's enabled? the default is set to true https://docs.renovatebot.com/configuration-options/#enabled
There was a problem hiding this comment.
https://github.com/stleary/JSON-java/blob/master/src/main/java/org/json/JSONObject.java#L1143
The method will return true if the file doesn't have the key enabled and we'll skip the PR
There was a problem hiding this comment.
or am I overlooking something?
There was a problem hiding this comment.
"Renovate config file found and file does not have key enabled - Skip DFIU PR" Should we do this? the config file doesn't have this key, doesn't that mean it's enabled? the default is set to true https://docs.renovatebot.com/configuration-options/#enabled
Yes, it does mean it is enabled. So we will skip DFIU because we expect to receive PRs from Renovate
There was a problem hiding this comment.
The method will return true if the file doesn't have the key enabled and we'll skip the PR
Yes, it will return true. We will assume that Renovate is enabled
There was a problem hiding this comment.
I see. This comment confused me a little, I thought we wanted to skip sending the PR in this case.
//If the file has the key 'enabled' set to false, it indicates that while the repo has been onboarded to renovate, it has been disabled for some reason.
Renovate enterprise is another solution that can be used to receive remediation PRs. This change disables sending DFIU PRs for those repositories that have been onboarded to Renovate Enterprise.