Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch to letting go get mutate go.mod #3590

Closed
wants to merge 16 commits into from
Closed

Switch to letting go get mutate go.mod #3590

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
9551b73
Switch to letting `go get` mutate `go.mod`
jeffwidman Apr 29, 2021
df0497a
drop comment that's out of scope for this PR
jeffwidman Apr 29, 2021
5ef6efb
pass multiple deps to go get
jeffwidman Apr 29, 2021
acce03d
Merge remote-tracking branch 'upstream/main' into switch-to-letting-g…
jeffwidman Apr 29, 2021
05cb135
use an unfrozen string
jeffwidman Apr 29, 2021
8cb409c
Fix two of the tests
jeffwidman Apr 29, 2021
a13eeee
Fix more tests
jeffwidman Apr 29, 2021
7c75b11
`go get -d <dep>@<version> no longer raises an error on rename
jeffwidman Apr 29, 2021
433a4f1
document the remaining two failures
jeffwidman Apr 30, 2021
8aff846
Merge remote-tracking branch 'upstream/main' into switch-to-letting-g…
jeffwidman May 6, 2021
478dc2c
Update go_modules/lib/dependabot/go_modules/file_updater/go_mod_updat…
jeffwidman May 17, 2021
475b919
Merge remote-tracking branch 'upstream/main' into switch-to-letting-g…
jeffwidman May 17, 2021
73cecb7
Remove no-longer applicable comment.
jeffwidman May 17, 2021
b466bb1
shorten lines to please the linter
jeffwidman May 18, 2021
4233836
hmm...
jeffwidman May 18, 2021
caaf083
Merge remote-tracking branch 'upstream/main' into switch-to-letting-g…
jeffwidman Aug 5, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 10 additions & 5 deletions go_modules/lib/dependabot/go_modules/file_updater/go_mod_updater.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,11 +96,6 @@ def update_files # rubocop:disable Metrics/AbcSize, Metrics/PerceivedComplexity
# Bump the deps we want to upgrade using `go get lib@version`
run_go_get(dependencies)

# Run `go get`'s internal validation checks against _each_ module in `go.mod`
# by running `go get` w/o specifying any library. It finds problems like when a
# module declares itself using a different name than specified in our `go.mod` etc.
run_go_get

# If we stubbed modules, don't run `go mod {tidy,vendor}` as
# dependencies are incomplete
if substitutions.empty?
Expand Down Expand Up @@ -169,11 +164,21 @@ def run_go_get(dependencies = [])
command = +"go get -d"
# `go get` accepts multiple packages, each separated by a space
dependencies.each do |dep|
# Use version pinning rather than `latest` just in case
# a new version gets released in the middle of our run.
version = "v" + dep.version.sub(/^v/i, "")
jeffwidman marked this conversation as resolved.
Show resolved Hide resolved
command << " #{dep.name}@#{version}"
end
command = SharedHelpers.escape_command(command)
_, stderr, status = Open3.capture3(ENVIRONMENT, command)
handle_subprocess_error(stderr) unless status.success?

# Hmm... I'm still unclear/digging to understand why we'd need a blank `go get -d`
# possibly re-jigger func defs
# https://github.com/dependabot/dependabot-core/pull/3590#discussion_r632456405
# TODO: go 1.18 will make `-d` the default behavior, so remove the flag then
command = "go get -d"
command = SharedHelpers.escape_command(command)
_, stderr, status = Open3.capture3(ENVIRONMENT, command)
handle_subprocess_error(stderr) unless status.success?
ensure
Expand Down
24 changes: 18 additions & 6 deletions go_modules/spec/dependabot/go_modules/file_updater/go_mod_updater_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,12 +273,23 @@
# OpenAPIV2 has been renamed to openapiv2 in this version
let(:dependency_version) { "v0.5.1" }

it "raises a DependencyFileNotResolvable error" do
error_class = Dependabot::DependencyFileNotResolvable
# NOTE: We explicitly don't want to raise a resolvability error from `go mod tidy`
it "does not raises a DependencyFileNotResolvable error" do
expect { updater.updated_go_sum_content }.
to raise_error(error_class) do |error|
expect(error.message).to include("googleapis/gnostic/OpenAPIv2")
end
to_not raise_error
end

it "updates the go.mod" do
# this is failing, but I'm not sure why.
# The code runs `go get -d github.com/googleapis/[email protected]`
# and then later runs `go mod tidy -e`.
# So I manually ran those in the test fixture, and it resulted in
# this line appearing. But when the test executes, this line is missing.
# I'm not sure why, and not sure how to run the Ruby debugger
# to step through it.
Copy link
Member Author

@jeffwidman jeffwidman Apr 30, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test was failing. The backstory is pretty complicated:

  • aa67f7d removed catching the error, because go mod tidy didn't flag it.
  • Upgrade golang to v1.16 #3233 put it back because in go 1.16, go get -d started flagging the error again.
  • Now that we're switching from go get -d to go get -d <dep>@<version> this error is no longer thrown. Instead the go.mod file gets updated.

I manually replicated the go get -d github.com/googleapis/[email protected] followed by go mod tidy -e and then updated the test to match what I'm seeing in the go.mod file.

Surprisingly though, the test is still failing complaining that the line isn't present.

So now I'm unclear if the test is wrong somehow, or if there's some wrong code, or what. I'm hesitant to "fix" the test to something that doesn't match the output from when I manually ran the steps.

Anyone else want to take a stab at it?

expect(updater.updated_go_mod_content).to include(
%(github.com/googleapis/gnostic v0.5.1\n)
)
end
end
end
Expand Down Expand Up @@ -338,7 +349,8 @@

before do
allow(Open3).to receive(:capture3).and_call_original
allow(Open3).to receive(:capture3).with(anything, "go get -d").and_return(["", stderr, exit_status])
cmd = "go get -d github.com/spf13/[email protected]"
allow(Open3).to receive(:capture3).with(anything, cmd).and_return(["", stderr, exit_status])
end

it { expect { subject }.to raise_error(Dependabot::DependencyFileNotResolvable, /The remote end hung up/) }
Expand Down
4 changes: 3 additions & 1 deletion go_modules/spec/dependabot/go_modules/file_updater_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,9 +104,11 @@ module declares its path as: go.etcd.io/bbolt
before do
exit_status = double(success?: false)
allow(Open3).to receive(:capture3).and_call_original
allow(Open3).to receive(:capture3).with(anything, "go get -d").and_return(["", stderr, exit_status])
cmd = "go get -d github.com/etcd-io/[email protected]"
allow(Open3).to receive(:capture3).with(anything, cmd).and_return(["", stderr, exit_status])
end

# This is failing and I'm not sure why...
it "raises a helpful error" do
expect { updated_files }.to raise_error(Dependabot::GoModulePathMismatch)
end
Expand Down