Support for helm #366
Comments
|
Hi @nilekhc , yes a new release of the docker image is required but after there's a new release of the |
|
@mburumaxwell, does the latest tag of tingle/dependabot-azure-devops pull main branch of |
|
@nilekhc no it doesn't because this repository uses the gem packages that have been released. I am unsure of the stability in supporting "nightly" versions of dependabot-core |
|
@mburumaxwell Looks like dependabot core has changed its release model. Could you make changes to your release pipeline? |
|
@mburumaxwell Looks like they have released a new version - dependabot/dependabot-core#5738 (comment) |
|
@mburumaxwell Any luck with new release of the extension? |
|
@nilekhc quite a number of changes I needed to go through to see if there is anything that's an issue. A new version should be available later in a few hours. |
|
@mburumaxwell any luck? |
|
@nilekhc , the release on 7th November has the updated dependabot libraries. Does this fail on your setup? |
|
Hi @mburumaxwell, I am now pulling jobs:
- job:
steps:
- task: dependabot@1
inputs:
useConfigFile: trueThe config file looks like this: version: 2
updates:
- package-ecosystem: "docker"
directory: "/"
assignees:
- "dependabot"Test helm chart has values.yaml file which contains: image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "1.17.7"I am expecting it to create PR for |
|
I'm not sure about the functionality specific for Helm vs Docker/Kubernetes. Could it be that a second nesting level is required, similar to the examples in dependabot/dependabot-core#5738 Say controller:
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "1.17.7"
|
|
I don't think that's the issue. It's working correctly on the github - https://github.com/Azure/secrets-store-csi-driver-provider-azure/pull/1021/files#diff-466a916b0bbb09a9284539477d45df8196d11009e1ab0a1c90bac23227f8037fL117 And you also said that the extension has picked up the latest bits from dependabot-core which supports this feature right? |
|
Latest tag released. The latest bits are still not released/tagged. |
|
What do you mean? Sorry I did not follow. |
|
The updates are managed by the hosted version of dependabot. It has been the case since the beginning. The logic for reaching to Docker/Kubernetes is the same from this extension's POV except of registration of experiments is required. Current version is also latest release ( That said, you can toy around with the Gemfile to use a git SHA in place of a tag. build the container image and test out the latest bits of the core logic. |
|
@nilekhc seems we have a new version If this persists, could you offer a public repo on Azure DevOps to repro? |
|
Looks like it correctly picks up the version to upgrade from values.yaml but failing to update the content. Status: Downloaded newer image for tingle/dependabot-azure-devops:0.11
warning: parser/current is loading parser/ruby31, which recognizes3.1.3-compliant syntax, but you are running 3.1.2.
Please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
/home/dependabot/dependabot-script/vendor/ruby/3.1.0/gems/dependabot-docker-0.214.0/lib/dependabot/docker/file_updater.rb:158:in `updated_yaml_content': Expected content to change! (RuntimeError)
from /home/dependabot/dependabot-script/vendor/ruby/3.1.0/gems/dependabot-docker-0.214.0/lib/dependabot/docker/file_updater.rb:28:in `block in updated_dependency_files'
from /home/dependabot/dependabot-script/vendor/ruby/3.1.0/gems/dependabot-docker-0.214.0/lib/dependabot/docker/file_updater.rb:22:in `each'
from /home/dependabot/dependabot-script/vendor/ruby/3.1.0/gems/dependabot-docker-0.214.0/lib/dependabot/docker/file_updater.rb:22:in `updated_dependency_files'
from ./update-script.rb:379:in `block in <main>'
from ./update-script.rb:317:in `each'
from ./update-script.rb:317:in `<main>'
Using hostname = '<hostname>', protocol = 'https', port = '443'.
Registering exepriment 'kubernetes_updates=true'
Using 'https://<hostname>:443/' as API endpoint
Fetching docker dependency files for RenovateBotTest/DependencyManagement/_git/dependabot-test
Targeting 'default' branch under '/helm-test' directory
Parsing dependencies information
Checking if nginx 1.17.7 needs updating
Requirements to unlock own
Updating nginx from 1.17.7 to 1.23.2 |
|
@mburumaxwell Looks like Ruby version mismatch. The extension doesn't manage Ruby version, does it? |
|
Which versions don't match? |
|
Ruby version warning: parser/current is loading parser/ruby31, which recognizes3.1.3-compliant syntax, but you are running 3.1.2 |
|
This is aligned with the main repo at https://github.com/dependabot/dependabot-core/blob/main/.ruby-version. My attempts at using 3.1.3 didn't work. Further, it's a warning and we've had many of those in the past. The bigger question is what is making |
|
@nilekhc I cloned the https://github.com/Azure/secrets-store-csi-driver-provider-azure reference repo and did some changes to allow me to use this extension and the pipeline seems to have run just fine. Here's the pipeline run: Seems to be producing the same PR as Azure/secrets-store-csi-driver-provider-azure#1021 I also run this in an organization using the currently available version and it worked to the point of PR creation: 2022-12-12T16:52:01.3200644Z ##[section]Starting: Dependabot
2022-12-12T16:52:01.3210172Z ==============================================================================
2022-12-12T16:52:01.3210448Z Task : Dependabot
2022-12-12T16:52:01.3210686Z Description : Automatically update dependencies and vulnerabilities in your code
2022-12-12T16:52:01.3210904Z Version : 1.11.314
2022-12-12T16:52:01.3211139Z Author : Tingle Software
2022-12-12T16:52:01.3211396Z Help : For help please visit https://github.com/tinglesoftware/dependabot-azure-devops
2022-12-12T16:52:01.3211706Z ==============================================================================
2022-12-12T16:52:01.6427028Z [command]/usr/bin/docker run --rm -i -e DEPENDABOT_PACKAGE_MANAGER=docker -e DEPENDABOT_DIRECTORY=/manifest_staging/charts/csi-secrets-store-provider-azure -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=5 -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e AZURE_ORGANIZATION=*** -e AZURE_PROJECT=*** -e AZURE_REPOSITORY=repro-366 -e AZURE_ACCESS_TOKEN=*** -e AZURE_MERGE_STRATEGY=2 tingle/dependabot-azure-devops:0.11
2022-12-12T16:52:01.7409074Z Unable to find image 'tingle/dependabot-azure-devops:0.11' locally
2022-12-12T16:52:02.7711573Z 0.11: Pulling from tingle/dependabot-azure-devops
2022-12-12T16:53:18.9872017Z Status: Downloaded newer image for tingle/dependabot-azure-devops:0.11
2022-12-12T16:53:20.9769332Z warning: parser/current is loading parser/ruby31, which recognizes3.1.3-compliant syntax, but you are running 3.1.2.
2022-12-12T16:53:20.9770303Z Please see https://github.com/whitequark/parser#compatibility-with-ruby-mri.
2022-12-12T16:53:25.9749786Z Using hostname = 'dev.azure.com', protocol = 'https', port = '443'.
2022-12-12T16:53:25.9750690Z Using 'https://dev.azure.com:443/' as API endpoint
2022-12-12T16:53:25.9751152Z Fetching docker dependency files for ***/***/_git/repro-366
2022-12-12T16:53:25.9751626Z Targeting 'default' branch under '/manifest_staging/charts/csi-secrets-store-provider-azure' directory
2022-12-12T16:53:25.9751996Z Parsing dependencies information
2022-12-12T16:53:25.9752370Z Checking if oss/azure/secrets-store/provider-azure v1.3.0 needs updating
2022-12-12T16:53:25.9752811Z No update needed for oss/azure/secrets-store/provider-azure v1.3.0
2022-12-12T16:53:25.9753232Z Checking if oss/kubernetes-csi/secrets-store/driver v1.2.3 needs updating
2022-12-12T16:53:25.9753519Z Requirements to unlock own
2022-12-12T16:53:25.9753885Z Updating oss/kubernetes-csi/secrets-store/driver from v1.2.3 to v1.2.4.2
2022-12-12T16:53:25.9754354Z Submitting oss/kubernetes-csi/secrets-store/driver pull request for creation. Done (PR #21934).
2022-12-12T16:53:25.9754836Z Checking if oss/kubernetes-csi/secrets-store/driver-crds v1.2.3 needs updating
2022-12-12T16:53:25.9755129Z Requirements to unlock own
2022-12-12T16:53:25.9755499Z Updating oss/kubernetes-csi/secrets-store/driver-crds from v1.2.3 to v1.2.4
2022-12-12T16:53:25.9755982Z Submitting oss/kubernetes-csi/secrets-store/driver-crds pull request for creation. Done (PR #21935).
2022-12-12T16:53:25.9756276Z Done
2022-12-12T16:53:26.1266256Z ##[section]Finishing: Dependabot
|
|
@mburumaxwell It appears to be working with this exact values.yaml. I am still unsure what's wrong with the sample chart I created with Nonetheless, thanks for your help. |
|
@mburumaxwell fyi, I think I have found the bug - dependabot/dependabot-core#6313 |
|
This having been fixed by dependabot/dependabot-core#6344, the next tagged release of |
|
@nilekhc there's still no new release for dependabot since 0.215.0 but the new bits are now available here. Could you test using the specific input |
|
@mburumaxwe, I tested this, and works as expected. |
|
Awesome. Thanks for reporting back |
Hey @mburumaxwell,
Recently, we have added support for helm in dependabot core. dependabot/dependabot-core#5738
Do we need a new release of the docker image here?
The text was updated successfully, but these errors were encountered: