From 536a5645f7c23100654ec7d006f8c212b683c4d7 Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 20:05:04 +0200 Subject: [PATCH 01/13] Generate alternatives for every git source --- common/lib/dependabot/shared_helpers.rb | 57 ++++++++++++------------- 1 file changed, 27 insertions(+), 30 deletions(-) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 82ea8e5fde..0380c76653 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -161,41 +161,12 @@ def self.with_git_configured(credentials:) reset_global_git_config(backup_git_config_path) end + # rubocop:disable Metrics/PerceivedComplexity def self.configure_git_to_use_https_with_credentials(credentials) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| file << "# Generated by dependabot/dependabot-core" end - configure_git_to_use_https - configure_git_credentials(credentials) - end - - def self.configure_git_to_use_https - # NOTE: we use --global here (rather than --system) so that Dependabot - # can be run without privileged access - run_shell_command( - "git config --global --replace-all url.https://github.com/."\ - "insteadOf ssh://git@github.com/" - ) - run_shell_command( - "git config --global --add url.https://github.com/."\ - "insteadOf ssh://git@github.com:" - ) - run_shell_command( - "git config --global --add url.https://github.com/."\ - "insteadOf git@github.com:" - ) - run_shell_command( - "git config --global --add url.https://github.com/."\ - "insteadOf git@github.com/" - ) - run_shell_command( - "git config --global --add url.https://github.com/."\ - "insteadOf git://github.com/" - ) - end - # rubocop:disable Metrics/PerceivedComplexity - def self.configure_git_credentials(credentials) # Then add a file-based credential store that loads a file in this repo. # Under the hood this uses git credential-store, but it's invoked through # a wrapper binary that only allows non-mutating commands. Without this, @@ -234,6 +205,7 @@ def self.configure_git_credentials(credentials) "@#{cred.fetch('host')}" git_store_content += authenticated_url + "\n" + configure_git_to_use_https(cred.fetch('host')) end # Save the file @@ -241,6 +213,31 @@ def self.configure_git_credentials(credentials) end # rubocop:enable Metrics/PerceivedComplexity + def self.configure_git_to_use_https(host) + # NOTE: we use --global here (rather than --system) so that Dependabot + # can be run without privileged access + run_shell_command( + "git config --global --replace-all url.https://#{host}/."\ + "insteadOf ssh://git@#{host}/" + ) + run_shell_command( + "git config --global --add url.https://#{host}/."\ + "insteadOf ssh://git@#{host}:" + ) + run_shell_command( + "git config --global --add url.https://#{host}/."\ + "insteadOf git@#{host}:" + ) + run_shell_command( + "git config --global --add url.https://#{host}/."\ + "insteadOf git@#{host}/" + ) + run_shell_command( + "git config --global --add url.https://#{host}/."\ + "insteadOf git://#{host}/" + ) + end + def self.reset_git_repo(path) Dir.chdir(path) do run_shell_command("git reset HEAD --hard") From efd72cfb793cac01d5b6ebf148158b2eda087f1e Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 21:10:11 +0200 Subject: [PATCH 02/13] Always add github.com alternatives, disable rubocop for method --- common/lib/dependabot/shared_helpers.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 0380c76653..3dac962d3a 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -190,6 +190,9 @@ def self.configure_git_to_use_https_with_credentials(credentials) github_credentials.find { |c| !c["password"]&.start_with?("v1.") } || github_credentials.first + # Make sure we always have https alternatives for github.com. + configure_git_to_use_https("github.com") if github_credential.nil? + deduped_credentials = credentials - github_credentials + [github_credential].compact @@ -205,7 +208,7 @@ def self.configure_git_to_use_https_with_credentials(credentials) "@#{cred.fetch('host')}" git_store_content += authenticated_url + "\n" - configure_git_to_use_https(cred.fetch('host')) + configure_git_to_use_https(cred.fetch("host")) end # Save the file @@ -213,6 +216,7 @@ def self.configure_git_to_use_https_with_credentials(credentials) end # rubocop:enable Metrics/PerceivedComplexity + # rubocop:disable Metrics/AbcSize def self.configure_git_to_use_https(host) # NOTE: we use --global here (rather than --system) so that Dependabot # can be run without privileged access @@ -237,6 +241,7 @@ def self.configure_git_to_use_https(host) "insteadOf git://#{host}/" ) end + # rubocop:enable Metrics/AbcSize def self.reset_git_repo(path) Dir.chdir(path) do From 28ac306fc6df937809ff54358f20d09bf498de8d Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 21:10:33 +0200 Subject: [PATCH 03/13] Add tests --- common/spec/dependabot/shared_helpers_spec.rb | 94 +++++++++++++++++++ 1 file changed, 94 insertions(+) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 650f673a58..78b55a53ca 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -314,4 +314,98 @@ ) end end + + describe ".with_git_configured" do + let(:credentials) { [] } + + subject(:with_git_configured) do + Dependabot::SharedHelpers.with_git_configured(credentials: credentials) do + [git_config.call, git_credentials.call] + end + end + + let(:git_config) { -> { `cat ~/.gitconfig` } } + let(:git_credentials) { -> { `cat #{Dir.pwd}/git.store` } } + + context "when providing no extra credentials" do + let(:credentials) { [] } + + it "gitconfig contains the dependabot header" do + expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") + end + + it "gitconfig contains the ssh://git@github.com/ alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com/") + end + + it "gitconfig contains the git@github.com/ alternative" do + expect(with_git_configured[0]).to include("git@github.com/") + end + + it "gitconfig contains the git@github.com: alternative" do + expect(with_git_configured[0]).to include("git@github.com:") + end + + it "gitconfig contains the git://github.com/ alternative" do + expect(with_git_configured[0]).to include("git://github.com/") + end + + it "git credentials store is empty" do + expect(with_git_configured[1]).to eq("") + end + end + + context "when using private git_source credentials" do + let(:credentials) { + [ + { + "type" => "git_source", + "host" => "private.com", + "username" => "x-access-token", + "password" => "fake-token" + } + ] + } + + it "gitconfig contains the dependabot header" do + expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") + end + + it "gitconfig contains the ssh://git@github.com/ alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com/") + end + + it "gitconfig contains the git@github.com/ alternative" do + expect(with_git_configured[0]).to include("git@github.com/") + end + + it "gitconfig contains the git@github.com: alternative" do + expect(with_git_configured[0]).to include("git@github.com:") + end + + it "gitconfig contains the git://github.com/ alternative" do + expect(with_git_configured[0]).to include("git://github.com/") + end + + it "gitconfig contains the ssh://git@private.com/ alternative" do + expect(with_git_configured[0]).to include("ssh://git@private.com/") + end + + it "gitconfig contains the git@private.com/ alternative" do + expect(with_git_configured[0]).to include("git@private.com/") + end + + it "gitconfig contains the git@github.com: alternative" do + expect(with_git_configured[0]).to include("git@private.com:") + end + + it "gitconfig contains the git://private.com/ alternative" do + expect(with_git_configured[0]).to include("git://private.com/") + end + + it "git credentials store should contain private git credentials" do + expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@private.com\n") + end + end + end end From 13a9fcc2b9d4ed3928b6bf9d5d254886a24c5333 Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 21:14:23 +0200 Subject: [PATCH 04/13] Complete matches --- common/spec/dependabot/shared_helpers_spec.rb | 26 ++++++++++++++----- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 78b55a53ca..12712c808a 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -338,14 +338,18 @@ expect(with_git_configured[0]).to include("ssh://git@github.com/") end - it "gitconfig contains the git@github.com/ alternative" do - expect(with_git_configured[0]).to include("git@github.com/") + it "gitconfig contains the ssh://git@github.com: alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com:") end it "gitconfig contains the git@github.com: alternative" do expect(with_git_configured[0]).to include("git@github.com:") end + it "gitconfig contains the git@github.com/ alternative" do + expect(with_git_configured[0]).to include("git@github.com/") + end + it "gitconfig contains the git://github.com/ alternative" do expect(with_git_configured[0]).to include("git://github.com/") end @@ -375,14 +379,18 @@ expect(with_git_configured[0]).to include("ssh://git@github.com/") end - it "gitconfig contains the git@github.com/ alternative" do - expect(with_git_configured[0]).to include("git@github.com/") + it "gitconfig contains the ssh://git@github.com: alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com:") end it "gitconfig contains the git@github.com: alternative" do expect(with_git_configured[0]).to include("git@github.com:") end + it "gitconfig contains the git@github.com/ alternative" do + expect(with_git_configured[0]).to include("git@github.com/") + end + it "gitconfig contains the git://github.com/ alternative" do expect(with_git_configured[0]).to include("git://github.com/") end @@ -391,14 +399,18 @@ expect(with_git_configured[0]).to include("ssh://git@private.com/") end - it "gitconfig contains the git@private.com/ alternative" do - expect(with_git_configured[0]).to include("git@private.com/") + it "gitconfig contains the ssh://git@private.com: alternative" do + expect(with_git_configured[0]).to include("ssh://git@private.com:") end - it "gitconfig contains the git@github.com: alternative" do + it "gitconfig contains the git@private.com: alternative" do expect(with_git_configured[0]).to include("git@private.com:") end + it "gitconfig contains the git@private.com/ alternative" do + expect(with_git_configured[0]).to include("git@private.com/") + end + it "gitconfig contains the git://private.com/ alternative" do expect(with_git_configured[0]).to include("git://private.com/") end From c76fdc65a5c02b69070aff6ff37849ef0d933e68 Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 21:20:42 +0200 Subject: [PATCH 05/13] Add more tests --- common/spec/dependabot/shared_helpers_spec.rb | 66 ++++++++++++++++++- 1 file changed, 65 insertions(+), 1 deletion(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 12712c808a..00bb988379 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -359,7 +359,71 @@ end end - context "when using private git_source credentials" do + context "when providing github.com credentials" do + let(:credentials) { + [ + { + "type" => "git_source", + "host" => "github.com", + "username" => "x-access-token", + "password" => "fake-token" + } + ] + } + + it "gitconfig contains the dependabot header" do + expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") + end + + it "gitconfig contains the ssh://git@github.com/ alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com/") + end + + it "gitconfig contains the ssh://git@github.com: alternative" do + expect(with_git_configured[0]).to include("ssh://git@github.com:") + end + + it "gitconfig contains the git@github.com: alternative" do + expect(with_git_configured[0]).to include("git@github.com:") + end + + it "gitconfig contains the git@github.com/ alternative" do + expect(with_git_configured[0]).to include("git@github.com/") + end + + it "gitconfig contains the git://github.com/ alternative" do + expect(with_git_configured[0]).to include("git://github.com/") + end + + it "git credentials store should contain github.com git credentials" do + expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") + end + end + + context "when providing multiple github.com credentials" do + let(:credentials) { + [ + { + "type" => "git_source", + "host" => "github.com", + "username" => "x-access-token", + "password" => "v1.fake-token" + }, + { + "type" => "git_source", + "host" => "github.com", + "username" => "x-access-token", + "password" => "fake-token" + } + ] + } + + it "git credentials store should contain the non-app-token github.com git credentials" do + expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") + end + end + + context "when providing private git_source credentials" do let(:credentials) { [ { From b91bed5331b6208d2a8dc140ab94d3ba80d6bbad Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 21:36:25 +0200 Subject: [PATCH 06/13] Fix rubocop --- common/lib/dependabot/shared_helpers.rb | 6 ++---- common/spec/dependabot/shared_helpers_spec.rb | 12 ++++++------ 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 3dac962d3a..d727b7f2a7 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -161,7 +161,7 @@ def self.with_git_configured(credentials:) reset_global_git_config(backup_git_config_path) end - # rubocop:disable Metrics/PerceivedComplexity + # rubocop:disable Metrics/AbcSize def self.configure_git_to_use_https_with_credentials(credentials) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| file << "# Generated by dependabot/dependabot-core" @@ -214,9 +214,8 @@ def self.configure_git_to_use_https_with_credentials(credentials) # Save the file File.write("git.store", git_store_content) end - # rubocop:enable Metrics/PerceivedComplexity + # rubocop:enable Metrics/AbcSize - # rubocop:disable Metrics/AbcSize def self.configure_git_to_use_https(host) # NOTE: we use --global here (rather than --system) so that Dependabot # can be run without privileged access @@ -241,7 +240,6 @@ def self.configure_git_to_use_https(host) "insteadOf git://#{host}/" ) end - # rubocop:enable Metrics/AbcSize def self.reset_git_repo(path) Dir.chdir(path) do diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 00bb988379..0eefccf0b9 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -360,7 +360,7 @@ end context "when providing github.com credentials" do - let(:credentials) { + let(:credentials) do [ { "type" => "git_source", @@ -369,7 +369,7 @@ "password" => "fake-token" } ] - } + end it "gitconfig contains the dependabot header" do expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") @@ -401,7 +401,7 @@ end context "when providing multiple github.com credentials" do - let(:credentials) { + let(:credentials) do [ { "type" => "git_source", @@ -416,7 +416,7 @@ "password" => "fake-token" } ] - } + end it "git credentials store should contain the non-app-token github.com git credentials" do expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") @@ -424,7 +424,7 @@ end context "when providing private git_source credentials" do - let(:credentials) { + let(:credentials) do [ { "type" => "git_source", @@ -433,7 +433,7 @@ "password" => "fake-token" } ] - } + end it "gitconfig contains the dependabot header" do expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") From 52b80b868d565b9d5ebedbb3cabc0b433da3c9a1 Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 22:00:37 +0200 Subject: [PATCH 07/13] Test for having the credentials helper, improve tests --- common/lib/dependabot/shared_helpers.rb | 6 +- common/spec/dependabot/shared_helpers_spec.rb | 95 +++++-------------- 2 files changed, 30 insertions(+), 71 deletions(-) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index d727b7f2a7..61024092f0 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -161,6 +161,10 @@ def self.with_git_configured(credentials:) reset_global_git_config(backup_git_config_path) end + def self.credential_helper_path + File.join(__dir__, "../../bin/git-credential-store-immutable") + end + # rubocop:disable Metrics/AbcSize def self.configure_git_to_use_https_with_credentials(credentials) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| @@ -171,8 +175,6 @@ def self.configure_git_to_use_https_with_credentials(credentials) # Under the hood this uses git credential-store, but it's invoked through # a wrapper binary that only allows non-mutating commands. Without this, # whenever the credentials are deemed to be invalid, they're erased. - credential_helper_path = - File.join(__dir__, "../../bin/git-credential-store-immutable") run_shell_command( "git config --global credential.helper "\ "'!#{credential_helper_path} --file #{Dir.pwd}/git.store'", diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 0eefccf0b9..135088b229 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -316,6 +316,15 @@ end describe ".with_git_configured" do + # rubocop:disable Layout/LineLength + config_header = "Generated by dependabot/dependabot-core" + credentials_helper = "[credential]\n\thelper = !#{Dependabot::SharedHelpers.credential_helper_path} --file #{Dir.pwd}/git.store" + + def alternatives(host) + "[url \"https://#{host}/\"]\n\tinsteadOf = ssh://git@#{host}/\n\tinsteadOf = ssh://git@#{host}:\n\tinsteadOf = git@#{host}:\n\tinsteadOf = git@#{host}/\n\tinsteadOf = git://#{host}/" + end + # rubocop:enable Layout/LineLength + let(:credentials) { [] } subject(:with_git_configured) do @@ -331,27 +340,15 @@ let(:credentials) { [] } it "gitconfig contains the dependabot header" do - expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") - end - - it "gitconfig contains the ssh://git@github.com/ alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com/") - end - - it "gitconfig contains the ssh://git@github.com: alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com:") + expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the git@github.com: alternative" do - expect(with_git_configured[0]).to include("git@github.com:") + it "gitconfig contains the credentials helper" do + expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the git@github.com/ alternative" do - expect(with_git_configured[0]).to include("git@github.com/") - end - - it "gitconfig contains the git://github.com/ alternative" do - expect(with_git_configured[0]).to include("git://github.com/") + it "gitconfig contains the github.com alternatives" do + expect(with_git_configured[0]).to include(alternatives("github.com")) end it "git credentials store is empty" do @@ -372,27 +369,15 @@ end it "gitconfig contains the dependabot header" do - expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") - end - - it "gitconfig contains the ssh://git@github.com/ alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com/") - end - - it "gitconfig contains the ssh://git@github.com: alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com:") - end - - it "gitconfig contains the git@github.com: alternative" do - expect(with_git_configured[0]).to include("git@github.com:") + expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the git@github.com/ alternative" do - expect(with_git_configured[0]).to include("git@github.com/") + it "gitconfig contains the credentials helper" do + expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the git://github.com/ alternative" do - expect(with_git_configured[0]).to include("git://github.com/") + it "gitconfig contains the github.com alternatives" do + expect(with_git_configured[0]).to include(alternatives("github.com")) end it "git credentials store should contain github.com git credentials" do @@ -436,47 +421,19 @@ end it "gitconfig contains the dependabot header" do - expect(with_git_configured[0]).to include("Generated by dependabot/dependabot-core") - end - - it "gitconfig contains the ssh://git@github.com/ alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com/") - end - - it "gitconfig contains the ssh://git@github.com: alternative" do - expect(with_git_configured[0]).to include("ssh://git@github.com:") - end - - it "gitconfig contains the git@github.com: alternative" do - expect(with_git_configured[0]).to include("git@github.com:") - end - - it "gitconfig contains the git@github.com/ alternative" do - expect(with_git_configured[0]).to include("git@github.com/") - end - - it "gitconfig contains the git://github.com/ alternative" do - expect(with_git_configured[0]).to include("git://github.com/") - end - - it "gitconfig contains the ssh://git@private.com/ alternative" do - expect(with_git_configured[0]).to include("ssh://git@private.com/") - end - - it "gitconfig contains the ssh://git@private.com: alternative" do - expect(with_git_configured[0]).to include("ssh://git@private.com:") + expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the git@private.com: alternative" do - expect(with_git_configured[0]).to include("git@private.com:") + it "gitconfig contains the credentials helper" do + expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the git@private.com/ alternative" do - expect(with_git_configured[0]).to include("git@private.com/") + it "gitconfig contains the github.com alternatives" do + expect(with_git_configured[0]).to include(alternatives("github.com")) end - it "gitconfig contains the git://private.com/ alternative" do - expect(with_git_configured[0]).to include("git://private.com/") + it "gitconfig contains the private.com alternatives" do + expect(with_git_configured[0]).to include(alternatives("private.com")) end it "git credentials store should contain private git credentials" do From 05e0f3bc3afa8fbc4a4e73db3c9338aeb90ecf5b Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 22:01:37 +0200 Subject: [PATCH 08/13] Disable more checks --- common/lib/dependabot/shared_helpers.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 61024092f0..492b6c0cac 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -166,6 +166,7 @@ def self.credential_helper_path end # rubocop:disable Metrics/AbcSize + # rubocop:disable PerceivedComplexity def self.configure_git_to_use_https_with_credentials(credentials) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| file << "# Generated by dependabot/dependabot-core" @@ -217,6 +218,7 @@ def self.configure_git_to_use_https_with_credentials(credentials) File.write("git.store", git_store_content) end # rubocop:enable Metrics/AbcSize + # rubocop:enable PerceivedComplexity def self.configure_git_to_use_https(host) # NOTE: we use --global here (rather than --system) so that Dependabot From b7cd34704d7044a23c356074f1d926e80e3a00ea Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 22:13:40 +0200 Subject: [PATCH 09/13] Fix rubocop --- common/lib/dependabot/shared_helpers.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/lib/dependabot/shared_helpers.rb b/common/lib/dependabot/shared_helpers.rb index 492b6c0cac..13d392984e 100644 --- a/common/lib/dependabot/shared_helpers.rb +++ b/common/lib/dependabot/shared_helpers.rb @@ -166,7 +166,7 @@ def self.credential_helper_path end # rubocop:disable Metrics/AbcSize - # rubocop:disable PerceivedComplexity + # rubocop:disable Metrics/PerceivedComplexity def self.configure_git_to_use_https_with_credentials(credentials) File.open(GIT_CONFIG_GLOBAL_PATH, "w") do |file| file << "# Generated by dependabot/dependabot-core" @@ -218,7 +218,7 @@ def self.configure_git_to_use_https_with_credentials(credentials) File.write("git.store", git_store_content) end # rubocop:enable Metrics/AbcSize - # rubocop:enable PerceivedComplexity + # rubocop:enable Metrics/PerceivedComplexity def self.configure_git_to_use_https(host) # NOTE: we use --global here (rather than --system) so that Dependabot From 3d671df8c65b1281f52490607019ee986011110b Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 22:39:08 +0200 Subject: [PATCH 10/13] Improve test naming --- common/spec/dependabot/shared_helpers_spec.rb | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 135088b229..79eac75780 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -339,19 +339,19 @@ def alternatives(host) context "when providing no extra credentials" do let(:credentials) { [] } - it "gitconfig contains the dependabot header" do + it "creates a .gitconfig that contains the Dependabot header" do expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the credentials helper" do + it "creates a .gitconfig that contains the credentials helper" do expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the github.com alternatives" do + it "creates a .gitconfig that contains the github.com alternatives" do expect(with_git_configured[0]).to include(alternatives("github.com")) end - it "git credentials store is empty" do + it "creates a git credentials store that is empty" do expect(with_git_configured[1]).to eq("") end end @@ -368,19 +368,19 @@ def alternatives(host) ] end - it "gitconfig contains the dependabot header" do + it "creates a .gitconfig that contains the dependabot header" do expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the credentials helper" do + it "creates a .gitconfig that contains the credentials helper" do expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the github.com alternatives" do + it "creates a .gitconfig that contains the github.com alternatives" do expect(with_git_configured[0]).to include(alternatives("github.com")) end - it "git credentials store should contain github.com git credentials" do + it "creates a git credentials store that contains github.com credentials" do expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") end end @@ -403,7 +403,7 @@ def alternatives(host) ] end - it "git credentials store should contain the non-app-token github.com git credentials" do + it "creates a git credentials store that contains non-app-token github.com credentials" do expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") end end @@ -420,23 +420,23 @@ def alternatives(host) ] end - it "gitconfig contains the dependabot header" do + it "creates a .gitconfig that contains the dependabot header" do expect(with_git_configured[0]).to include(config_header) end - it "gitconfig contains the credentials helper" do + it "creates a .gitconfig that contains the credentials helper" do expect(with_git_configured[0]).to include(credentials_helper) end - it "gitconfig contains the github.com alternatives" do + it "creates a .gitconfig that contains the github.com alternatives" do expect(with_git_configured[0]).to include(alternatives("github.com")) end - it "gitconfig contains the private.com alternatives" do + it "creates a .gitconfig that contains the private.com alternatives" do expect(with_git_configured[0]).to include(alternatives("private.com")) end - it "git credentials store should contain private git credentials" do + it "creates a git credentials store that contains private git credentials" do expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@private.com\n") end end From 00d16b69a15653062d499c3217ed14a8824e4649 Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Tue, 30 Mar 2021 22:43:20 +0200 Subject: [PATCH 11/13] Fix naming --- common/spec/dependabot/shared_helpers_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 79eac75780..83f3e8de66 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -368,7 +368,7 @@ def alternatives(host) ] end - it "creates a .gitconfig that contains the dependabot header" do + it "creates a .gitconfig that contains the Dependabot header" do expect(with_git_configured[0]).to include(config_header) end @@ -420,7 +420,7 @@ def alternatives(host) ] end - it "creates a .gitconfig that contains the dependabot header" do + it "creates a .gitconfig that contains the Dependabot header" do expect(with_git_configured[0]).to include(config_header) end From 50b0c7082700ae9b78e0aad76a41c9a544fb3a4e Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Wed, 31 Mar 2021 11:31:57 +0200 Subject: [PATCH 12/13] Use better way to format expected .gitconfig content --- common/spec/dependabot/shared_helpers_spec.rb | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 83f3e8de66..9db95b0248 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -316,14 +316,23 @@ end describe ".with_git_configured" do - # rubocop:disable Layout/LineLength config_header = "Generated by dependabot/dependabot-core" - credentials_helper = "[credential]\n\thelper = !#{Dependabot::SharedHelpers.credential_helper_path} --file #{Dir.pwd}/git.store" + + credentials_helper = <<~CONFIG.chomp + [credential] + helper = !#{Dependabot::SharedHelpers.credential_helper_path} --file #{Dir.pwd}/git.store + CONFIG def alternatives(host) - "[url \"https://#{host}/\"]\n\tinsteadOf = ssh://git@#{host}/\n\tinsteadOf = ssh://git@#{host}:\n\tinsteadOf = git@#{host}:\n\tinsteadOf = git@#{host}/\n\tinsteadOf = git://#{host}/" + <<~CONFIG.chomp + [url "https://#{host}/"] + insteadOf = ssh://git@#{host}/ + insteadOf = ssh://git@#{host}: + insteadOf = git@#{host}: + insteadOf = git@#{host}/ + insteadOf = git://#{host}/ + CONFIG end - # rubocop:enable Layout/LineLength let(:credentials) { [] } From 0b758d46348a2492b571f31263c60027ad205edc Mon Sep 17 00:00:00 2001 From: Jeroen Bobbeldijk Date: Wed, 31 Mar 2021 12:16:51 +0200 Subject: [PATCH 13/13] Improve tests to be more readable --- common/spec/dependabot/shared_helpers_spec.rb | 38 +++++++++---------- 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/common/spec/dependabot/shared_helpers_spec.rb b/common/spec/dependabot/shared_helpers_spec.rb index 9db95b0248..21b5568efd 100644 --- a/common/spec/dependabot/shared_helpers_spec.rb +++ b/common/spec/dependabot/shared_helpers_spec.rb @@ -336,32 +336,30 @@ def alternatives(host) let(:credentials) { [] } - subject(:with_git_configured) do - Dependabot::SharedHelpers.with_git_configured(credentials: credentials) do - [git_config.call, git_credentials.call] - end + def with_git_configured(&block) + Dependabot::SharedHelpers.with_git_configured(credentials: credentials) { block.call } end - let(:git_config) { -> { `cat ~/.gitconfig` } } - let(:git_credentials) { -> { `cat #{Dir.pwd}/git.store` } } + let(:configured_git_config) { with_git_configured { `cat ~/.gitconfig` } } + let(:configured_git_credentials) { with_git_configured { `cat #{Dir.pwd}/git.store` } } context "when providing no extra credentials" do let(:credentials) { [] } it "creates a .gitconfig that contains the Dependabot header" do - expect(with_git_configured[0]).to include(config_header) + expect(configured_git_config).to include(config_header) end it "creates a .gitconfig that contains the credentials helper" do - expect(with_git_configured[0]).to include(credentials_helper) + expect(configured_git_config).to include(credentials_helper) end it "creates a .gitconfig that contains the github.com alternatives" do - expect(with_git_configured[0]).to include(alternatives("github.com")) + expect(configured_git_config).to include(alternatives("github.com")) end it "creates a git credentials store that is empty" do - expect(with_git_configured[1]).to eq("") + expect(configured_git_credentials).to eq("") end end @@ -378,19 +376,19 @@ def alternatives(host) end it "creates a .gitconfig that contains the Dependabot header" do - expect(with_git_configured[0]).to include(config_header) + expect(configured_git_config).to include(config_header) end it "creates a .gitconfig that contains the credentials helper" do - expect(with_git_configured[0]).to include(credentials_helper) + expect(configured_git_config).to include(credentials_helper) end it "creates a .gitconfig that contains the github.com alternatives" do - expect(with_git_configured[0]).to include(alternatives("github.com")) + expect(configured_git_config).to include(alternatives("github.com")) end it "creates a git credentials store that contains github.com credentials" do - expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") + expect(configured_git_credentials).to eq("https://x-access-token:fake-token@github.com\n") end end @@ -413,7 +411,7 @@ def alternatives(host) end it "creates a git credentials store that contains non-app-token github.com credentials" do - expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@github.com\n") + expect(configured_git_credentials).to eq("https://x-access-token:fake-token@github.com\n") end end @@ -430,23 +428,23 @@ def alternatives(host) end it "creates a .gitconfig that contains the Dependabot header" do - expect(with_git_configured[0]).to include(config_header) + expect(configured_git_config).to include(config_header) end it "creates a .gitconfig that contains the credentials helper" do - expect(with_git_configured[0]).to include(credentials_helper) + expect(configured_git_config).to include(credentials_helper) end it "creates a .gitconfig that contains the github.com alternatives" do - expect(with_git_configured[0]).to include(alternatives("github.com")) + expect(configured_git_config).to include(alternatives("github.com")) end it "creates a .gitconfig that contains the private.com alternatives" do - expect(with_git_configured[0]).to include(alternatives("private.com")) + expect(configured_git_config).to include(alternatives("private.com")) end it "creates a git credentials store that contains private git credentials" do - expect(with_git_configured[1]).to eq("https://x-access-token:fake-token@private.com\n") + expect(configured_git_credentials).to eq("https://x-access-token:fake-token@private.com\n") end end end