Merge branch 'main' into dependabot/docker/docker/dependabot-core-ima…
…ges-0baeb16950
Nishnha authored Feb 22, 2024
2 parents 1c0a860 + b6934e3 commit a394bb6
Showing 10 changed files with 384 additions and 40 deletions.
33 changes: 24 additions & 9 deletions __tests__/api_client.test.ts
@@ -10,17 +10,32 @@ describe('ApiClient', () => {
const mockHttpClient: any = {
getJson: jest.fn()
}
const api = new ApiClient(mockHttpClient, {
jobId: 1,
jobToken: 'xxx',
credentialsToken: 'yyy',
dependabotApiUrl: 'https://localhost',
dependabotApiDockerUrl: 'https://localhost',
updaterImage: '', // irrelevant for this test
workingDirectory: './job-directory'
})

// Define jobToken and credentialsToken
const jobToken = 'xxx'
const credentialsToken = 'yyy'

const api = new ApiClient(
mockHttpClient,
{
jobId: 1,
jobToken,
credentialsToken,
dependabotApiUrl: 'https://localhost',
dependabotApiDockerUrl: 'https://localhost',
updaterImage: '', // irrelevant for this test
workingDirectory: './job-directory'
},
jobToken,
credentialsToken
)
beforeEach(jest.clearAllMocks)

test('getJobToken returns the correct job token', async () => {
const actualJobToken = api.getJobToken()
expect(actualJobToken).toBe(jobToken)
})

test('get job details', async () => {
const apiResponse = {
data: {
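Review bot: The new `getJobToken returns the correct job token` test cannot tell which source the client reads, because the params object and the two new constructor arguments carry the same values (`jobToken` is 'xxx' and `credentialsToken` is 'yyy' in both places). If `ApiClient` is meant to treat the explicit arguments as authoritative, give the params object a different value, e.g. `jobToken: 'params-job-token',`, so the assertion fails when the getter falls back to `params.jobToken`. The same duplication appears in `__tests__/updater-integration.test.ts`, where `JobParameters` and `new ApiClient(client, params, jobToken, credentialsToken)` receive identical tokens. The test callback is also declared `async` without awaiting anything, so the keyword can be dropped. The `describe` body continues past the visible lines.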
261 changes: 261 additions & 0 deletions __tests__/main.test.ts
@@ -39,6 +39,9 @@ describe('run', () => {
process.env.GITHUB_SERVER_URL = 'https://test.dev'
process.env.GITHUB_REPOSITORY = 'foo/bar'

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = 'xxx'
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = 'yyy'

markJobAsProcessedSpy = jest.spyOn(
ApiClient.prototype,
'markJobAsProcessed'
@@ -471,4 +474,262 @@ describe('run', () => {
expect(markJobAsProcessedSpy).toHaveBeenCalled()
})
})

describe('when the there is no job token', () => {
beforeEach(() => {
jest.spyOn(inputs, 'getJobParameters').mockReturnValueOnce(
new inputs.JobParameters(
1,
'', // jobToken set as empty
'cred-token',
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = ''
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = 'yyy'
context = new Context()
})

test('it fails the workflow with the specific error message for missing job token', async () => {
await run(context)

expect(core.setFailed).toHaveBeenCalledWith(
`Github Dependabot job token is not set`
)
})

test('it does not report this failed run to dependabot-api', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})

test('it does not inform dependabot-api as it cannot instantiate a client without the params', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})

describe('when the there is no cred token', () => {
beforeEach(() => {
jest.spyOn(inputs, 'getJobParameters').mockReturnValueOnce(
new inputs.JobParameters(
1,
'job-token',
'', // credToken set as empty
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = 'xxx'
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = ''
context = new Context()
})

test('it fails the workflow with the specific error message for missing credentials token', async () => {
await run(context)

expect(core.setFailed).toHaveBeenCalledWith(
`Github Dependabot credentials token is not set`
)
})

test('it does not report this failed run to dependabot-api', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})

test('it does not inform dependabot-api as it cannot instantiate a client without the params', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})

describe('when only the job token is provided through the Action environment', () => {
beforeEach(() => {
jest
.spyOn(inputs, 'getJobParameters')
.mockReturnValueOnce(
new inputs.JobParameters(
1,
'',
'',
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)
jest.spyOn(ApiClient.prototype, 'getJobDetails').mockImplementationOnce(
jest.fn(async () => {
return {'package-manager': 'npm_and_yarn'} as JobDetails
})
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = 'xxx'
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = 'yyy'
context = new Context()
})

test('it signs off at completion without any errors', async () => {
await run(context)

expect(core.setFailed).not.toHaveBeenCalled()
expect(core.info).toHaveBeenCalledWith(
expect.stringContaining('🤖 ~ finished ~')
)
})

test('it defers reporting back to dependabot-api to the updater itself', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})

describe('when only the cred token is provided through the Action environment', () => {
beforeEach(() => {
jest
.spyOn(inputs, 'getJobParameters')
.mockReturnValueOnce(
new inputs.JobParameters(
1,
'',
'',
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)
jest.spyOn(ApiClient.prototype, 'getJobDetails').mockImplementationOnce(
jest.fn(async () => {
return {'package-manager': 'npm_and_yarn'} as JobDetails
})
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = 'xxx'
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = 'yyy'
context = new Context()
})

test('it signs off at completion without any errors', async () => {
await run(context)

expect(core.setFailed).not.toHaveBeenCalled()
expect(core.info).toHaveBeenCalledWith(
expect.stringContaining('🤖 ~ finished ~')
)
})

test('it defers reporting back to dependabot-api to the updater itself', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})

// The below tests are to support backward compatibility when the job token and cred token
// are not provided through the Action environment
describe('when only the job token is provided through the jobParmeters', () => {
beforeEach(() => {
jest
.spyOn(inputs, 'getJobParameters')
.mockReturnValueOnce(
new inputs.JobParameters(
1,
'xxx',
'yyy',
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)
jest.spyOn(ApiClient.prototype, 'getJobDetails').mockImplementationOnce(
jest.fn(async () => {
return {'package-manager': 'npm_and_yarn'} as JobDetails
})
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = ''
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = ''
context = new Context()
})

test('it signs off at completion without any errors', async () => {
await run(context)

expect(core.setFailed).not.toHaveBeenCalled()
expect(core.info).toHaveBeenCalledWith(
expect.stringContaining('🤖 ~ finished ~')
)
})

test('it defers reporting back to dependabot-api to the updater itself', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})

describe('when only the cred token is provided through the jobParmeters', () => {
beforeEach(() => {
jest
.spyOn(inputs, 'getJobParameters')
.mockReturnValueOnce(
new inputs.JobParameters(
1,
'xxx',
'yyy',
'https://example.com',
'172.17.0.1',
'image/name:tag',
'./'
)
)
jest.spyOn(ApiClient.prototype, 'getJobDetails').mockImplementationOnce(
jest.fn(async () => {
return {'package-manager': 'npm_and_yarn'} as JobDetails
})
)

process.env.GITHUB_DEPENDABOT_JOB_TOKEN = ''
process.env.GITHUB_DEPENDABOT_CRED_TOKEN = ''
context = new Context()
})

test('it signs off at completion without any errors', async () => {
await run(context)

expect(core.setFailed).not.toHaveBeenCalled()
expect(core.info).toHaveBeenCalledWith(
expect.stringContaining('🤖 ~ finished ~')
)
})

test('it defers reporting back to dependabot-api to the updater itself', async () => {
await run(context)

expect(markJobAsProcessedSpy).not.toHaveBeenCalled()
expect(reportJobErrorSpy).not.toHaveBeenCalled()
})
})
})
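Review bot: The two `when only the … token is provided through the Action environment` blocks have byte-identical setups (both environment variables set, both `JobParameters` tokens empty), and the two `… through the jobParmeters` blocks mirror each other the same way, so no test covers a run where the tokens come from different sources. Since these tokens authenticate the job, the mixed and conflicting cases are the ones worth pinning: for example keep `process.env.GITHUB_DEPENDABOT_JOB_TOKEN = 'xxx'`, set `process.env.GITHUB_DEPENDABOT_CRED_TOKEN = ''` and pass `'yyy'` as the credentials argument of `JobParameters`, then assert the outcome `run` is expected to produce. Otherwise merge each pair into one block titled for what it actually sets up ('when both tokens are provided through …'). In the two missing-token blocks the second and third tests assert exactly the same thing, and the titles carry typos (`when the there is`, `jobParmeters`).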
10 changes: 7 additions & 3 deletions __tests__/updater-integration.test.ts
@@ -32,10 +32,14 @@ integration('Updater', () => {
'./integration_working_directory'
)

// Define jobToken and credentialsToken
const jobToken = 'xxx'
const credentialsToken = 'yyy'

const params = new JobParameters(
1,
'job-token',
'cred-token',
jobToken,
credentialsToken,
dependabotApiUrl,
dependabotApiDockerUrl,
updaterImage,
@@ -45,7 +49,7 @@ integration('Updater', () => {
const client = new httpClient.HttpClient(
'github/dependabot-action integration'
)
const apiClient = new ApiClient(client, params)
const apiClient = new ApiClient(client, params, jobToken, credentialsToken)

beforeAll(async () => {
await ImageService.pull(updaterImageName('npm_and_yarn'))
7 changes: 4 additions & 3 deletions __tests__/updater.test.ts
@@ -25,12 +25,13 @@ describe('Updater', () => {
const mockApiClient: any = {
getJobDetails: jest.fn(),
getCredentials: jest.fn(),
getJobToken: jest.fn(),
params: {
jobId: 1,
jobToken: 'job-token',
credentialsToken: 'job-credentials-token',
dependabotApiUrl: 'http://localhost:3001'
}
},
jobToken: 'job-token',
credentialsToken: 'job-credentials-token'
}

const mockJobDetails: any = {
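Review bot: `getJobToken: jest.fn()` returns `undefined`, so if `Updater` now obtains the token through the getter, these tests run with an undefined job token and would not notice it being dropped on the way to the updater. Stubbing it with the fixture value, `getJobToken: jest.fn().mockReturnValue('job-token'),`, keeps the mock consistent with the `jobToken: 'job-token'` field added beside it. How `Updater` reads the token is not visible in this hunk, so confirm which of the two it uses and drop the other from the mock. The `mockApiClient` literal is typed `any`, which is why the compiler cannot flag a mismatch with the real `ApiClient` shape.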