
Create or update dependabot config based on input

Open: varunsh-coder opened this issue 3 years ago • 1 comment

  • [ ] If no dependabot file is specified in POST request and no path is specified to a dependabot file, assume that dependabot file does not exist.
  • [ ] Take the enable query string parameter and split it on ",". These should be ecosystem values and should be one of those specified here, e.g. enable=github-actions.
  • [ ] Create a new dependabot file for each of the ecosystems specified in the query string.
  • [ ] If dependabot file exists, either specified in the POST request or in the path, take the enable query string parameter and update the config by adding the missing ecosystems. e.g. if enable=github-actions,docker,gomod and config already exists for gomod, then add it for github-actions and docker.
  • [ ] Add test cases by adding files to input and output folders for different scenarios, e.g. no file exists or file already exists, but few ecosystems were missing.

@Devils-Knight please take this up.

varunsh-coder avatar Oct 03 '22 04:10 varunsh-coder

@Devils-Knight I thought about how to send in the dependabot config file contents as well as the JSON input for ecosystem and directory, and think it might be best to send it in as JSON input.

The content of the file can be an attribute value, similar to this. It can be sent in the attribute value. The ecosystem and directory can be part of another attribute.

{
  "name": "canary.yml",
  "path": ".github/workflows/canary.yml",
  "download_url": "https://raw.githubusercontent.com/step-security/harden-runner/main/.github/workflows/canary.yml",
  "type": "file",
  "content": "bmFtZTogVGVzdCBhIGJyYW5jaCBvbi...AgY2FuYXJ5OiB0cnVlCg==\n",
  "encoding": "base64",
  "_links": {
    "self": "https://api.github.com/repos/step-security/harden-runner/contents/.github/workflows/canary.yml?ref=main",
    "git": "https://api.github.com/repos/step-security/harden-runner/git/blobs/c78ae4731a2e4bae37ccfb720e59dc01ff04d4cc",
    "html": "https://github.com/step-security/harden-runner/blob/main/.github/workflows/canary.yml"
  }
}

This is a response from GitHub's content API https://api.github.com/repos/step-security/harden-runner/contents/.github/workflows/canary.yml

We already send responses similar to this (example). So we can accept input in a similar manner. Let me know if you have questions.

varunsh-coder avatar Oct 10 '22 03:10 varunsh-coder
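The two comments above describe one procedure: accept a JSON body shaped like the GitHub contents API response (base64 `content` plus `encoding`) together with the ecosystems to enable and a directory, treat an empty `content` as "no dependabot file exists", and either create the file or append only the ecosystems that are missing. The Go below is an added illustration of that flow and is not code from the secure-repo project; the `DependabotRequest` field names, the `enable`/`directory` attributes, the `ParseEnable`, `ExistingEcosystems`, `UpdateDependabot` and `HandleRequest` functions, and the ecosystem allowlist (a subset of the values Dependabot documents) are all assumptions made for the example. It avoids a YAML library by assuming the usual dependabot.yml layout, where the top-level `updates:` list is the last key, so new list items can be appended as text; the allowlist check matters because the request is untrusted input that ends up as file content in the target repository.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// DependabotRequest is the hypothetical JSON body proposed in the thread: the
// existing file as GitHub's contents API returns it (base64 content), plus the
// ecosystems to enable and the directory they apply to. Field names are assumptions.
type DependabotRequest struct {
	Content   string   `json:"content"`   // base64 dependabot.yml; empty means no file exists
	Encoding  string   `json:"encoding"`  // expected "base64", as in the contents API
	Enable    []string `json:"enable"`    // ecosystems to turn on
	Directory string   `json:"directory"` // directory for new entries, defaults to "/"
}

// knownEcosystems is an allowlist (a subset of Dependabot's documented
// package-ecosystem values) so request input cannot write arbitrary text into the file.
var knownEcosystems = map[string]bool{
	"bundler": true, "cargo": true, "composer": true, "docker": true,
	"github-actions": true, "gomod": true, "gradle": true, "maven": true,
	"npm": true, "nuget": true, "pip": true, "terraform": true,
}

// ecosystemRe finds the package-ecosystem entries already present in an updates list.
var ecosystemRe = regexp.MustCompile(`(?m)^[ \t]*-[ \t]*package-ecosystem:[ \t]*"?([A-Za-z-]+)"?`)

// ParseEnable splits the enable query parameter ("gomod,docker") into a clean list.
func ParseEnable(raw string) []string {
	var out []string
	for _, p := range strings.Split(raw, ",") {
		if p = strings.TrimSpace(p); p != "" {
			out = append(out, p)
		}
	}
	return out
}

// ExistingEcosystems returns the ecosystems already configured in a dependabot.yml text.
func ExistingEcosystems(yamlText string) map[string]bool {
	found := map[string]bool{}
	for _, m := range ecosystemRe.FindAllStringSubmatch(yamlText, -1) {
		found[m[1]] = true
	}
	return found
}

// updateBlock renders one updates list item for the given ecosystem and directory.
func updateBlock(eco, dir string) string {
	return fmt.Sprintf("  - package-ecosystem: %q\n    directory: %q\n    schedule:\n      interval: \"daily\"\n", eco, dir)
}

// UpdateDependabot creates the file when req.Content is empty, otherwise appends an
// entry for each requested ecosystem that is missing. It assumes "updates:" is the
// last top-level key (the usual dependabot.yml layout), so appending keeps the YAML
// valid. Returns the new file text and the ecosystems that were actually added.
func UpdateDependabot(req DependabotRequest) (string, []string, error) {
	dir := req.Directory
	if dir == "" {
		dir = "/"
	}
	for _, eco := range req.Enable {
		if !knownEcosystems[eco] {
			return "", nil, fmt.Errorf("unsupported ecosystem %q", eco)
		}
	}
	text := "version: 2\nupdates:\n" // starting point when no file exists
	if req.Content != "" {
		if req.Encoding != "base64" {
			return "", nil, fmt.Errorf("unsupported encoding %q", req.Encoding)
		}
		// Go's decoder ignores the "\n" line breaks GitHub embeds in content.
		raw, err := base64.StdEncoding.DecodeString(req.Content)
		if err != nil {
			return "", nil, fmt.Errorf("decode content: %w", err)
		}
		text = string(raw)
		if !strings.HasSuffix(text, "\n") {
			text += "\n"
		}
		if !strings.HasPrefix(text, "updates:") && !strings.Contains(text, "\nupdates:") {
			text += "updates:\n"
		}
	}
	present := ExistingEcosystems(text)
	var added []string
	for _, eco := range req.Enable {
		if present[eco] {
			continue // already configured: leave the existing entry untouched
		}
		text += updateBlock(eco, dir)
		present[eco] = true // also de-duplicates repeats within the request
		added = append(added, eco)
	}
	return text, added, nil
}

// HandleRequest is the JSON entry point: decode the body, then create or update.
func HandleRequest(body []byte) (string, []string, error) {
	var req DependabotRequest
	if err := json.Unmarshal(body, &req); err != nil {
		return "", nil, fmt.Errorf("bad request: %w", err)
	}
	return UpdateDependabot(req)
}

func main() {
	// Constructed sample: a dependabot.yml that already covers gomod.
	existing := "version: 2\nupdates:\n  - package-ecosystem: \"gomod\"\n    directory: \"/\"\n    schedule:\n      interval: \"weekly\"\n"
	body, _ := json.Marshal(DependabotRequest{
		Content:  base64.StdEncoding.EncodeToString([]byte(existing)),
		Encoding: "base64",
		Enable:   ParseEnable("github-actions,docker,gomod"),
	})
	out, added, err := HandleRequest(body)
	fmt.Printf("added=%v err=%v\n%s", added, err, out)
}
```

Running `main` with the constructed sample adds entries for github-actions and docker and leaves the existing gomod entry (and its weekly schedule) as it was; a second call with the resulting file adds nothing, which is the "file already exists, but few ecosystems were missing" test case from the issue.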

This is done. Good work @Devils-Knight!

varunsh-coder avatar Nov 22 '22 18:11 varunsh-coder