forked from dependabot/dependabot-script
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcustom_nuget_native_helpers.rb
107 lines (87 loc) · 3.31 KB
/
custom_nuget_native_helpers.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# frozen_string_literal: true
require "dependabot/nuget/native_helpers"
module Dependabot
module Nuget
module CustomNativeHelpers
extend T::Sig
sig do
params(
repo_root: String,
workspace_path: String,
output_path: String,
credentials: T::Array[Dependabot::Credential]
).void
end
def self.run_nuget_discover_tool(repo_root:, workspace_path:, output_path:, credentials:)
(command, fingerprint) = NativeHelpers.get_nuget_discover_tool_command(
repo_root: repo_root,
workspace_path: workspace_path,
output_path: output_path
)
env = get_env(credentials: credentials)
puts "running NuGet discovery:\n" + command
NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
output = SharedHelpers.run_shell_command(command, allow_unsafe_shell_command: true, env: env, fingerprint: fingerprint)
puts output
end
end
sig do
params(
job_path: String,
repo_root: String,
proj_path: String,
dependency: Dependency,
is_transitive: T::Boolean,
credentials: T::Array[Dependabot::Credential]
).void
end
def self.run_nuget_updater_tool(job_path:, repo_root:, proj_path:, dependency:, is_transitive:, credentials:)
(command, fingerprint) = NativeHelpers.get_nuget_updater_tool_command(
job_path: job_path, repo_root: repo_root,
proj_path: proj_path, dependency: dependency,
is_transitive: is_transitive,
result_output_path: update_result_file_path
)
env = get_env(credentials: credentials)
puts "running NuGet updater:\n" + command
NuGetConfigCredentialHelpers.patch_nuget_config_for_action(credentials) do
output = SharedHelpers.run_shell_command(
command,
allow_unsafe_shell_command: true,
fingerprint: fingerprint,
env: env
)
puts output
result_contents = File.read(update_result_file_path)
Dependabot.logger.info("update result: #{result_contents}")
result_json = T.let(JSON.parse(result_contents), T::Hash[String, T.untyped])
NativeHelpers.ensure_no_errors(result_json)
end
end
sig do
params(
credentials: T::Array[Dependabot::Credential]
).returns(T::Hash[String, String])
end
def self.get_env(credentials:)
nuget_credentials = credentials.select { |cred| cred["type"] == "nuget_feed" }
env = {}
if nuget_credentials.any?
endpoint_credentials = []
nuget_credentials.each do |c|
next unless c["token"]
exploded_token = T.must(c["token"]).split(":", 2)
next unless exploded_token.length == 2
username = exploded_token[0]
password = exploded_token[1]
endpoint_credentials << <<~NUGET_ENDPOINT_CREDENTIAL
{"endpoint":"#{c['url']}", "username":"#{username}", "password":"#{password}"}
NUGET_ENDPOINT_CREDENTIAL
end
env["VSS_NUGET_EXTERNAL_FEED_ENDPOINTS"] = "{\"endpointCredentials\": [#{endpoint_credentials.join(',')}]}"
end
env
end
end
end
end