Skip to content

Commit 531df6d

Browse files
marcingrzejszczakmarcingrzejszczak
committed
Added dependabot verification before running the relase process
1 parent c71489a commit 531df6d

10 files changed

+512
-108
lines changed

build.gradle

+1
Original file line numberDiff line numberDiff line change
@@ -157,6 +157,7 @@ pitest {
157157
testStrengthThreshold.set(85)
158158
mutationThreshold.set(75)
159159
setCoverageThreshold(80)
160+
excludedClasses.set(["io.micrometer.release.Main"])
160161

161162
testSourceSets = [sourceSets.test] // Only use the main test source set
162163
}

src/main/java/io/micrometer/release/single/ChangelogProcessor.java

+7-84
Original file line numberDiff line numberDiff line change
@@ -34,24 +34,22 @@ class ChangelogProcessor {
3434

3535
static final String OUTPUT_FILE = "changelog-output.md";
3636

37-
private final List<String> excludedDependencyScopes = List.of("testCompile", "testImplementation", "checkstyle",
38-
"runtime", "nohttp", "testRuntime", "optional");
39-
4037
private final File outputFile;
4138

42-
private final ProcessRunner processRunner;
39+
private final GradleParser gradleParser;
4340

4441
ChangelogProcessor(ProcessRunner processRunner) {
45-
this.processRunner = processRunner;
4642
this.outputFile = new File(OUTPUT_FILE);
43+
this.gradleParser = new GradleParser(processRunner);
4744
}
4845

49-
ChangelogProcessor(ProcessRunner processRunner, File changelogOutput) {
50-
this.processRunner = processRunner;
46+
ChangelogProcessor(File changelogOutput, GradleParser gradleParser) {
5147
this.outputFile = changelogOutput;
48+
this.gradleParser = gradleParser;
5249
}
5350

5451
File processChangelog(File changelog, File oldChangelog) throws Exception {
52+
log.info("Starting to process changelog...");
5553
Set<Dependency> dependencies = fetchAllDependencies();
5654
Set<Dependency> testOrOptional = dependencies.stream().filter(Dependency::toIgnore).collect(Collectors.toSet());
5755

@@ -92,87 +90,12 @@ File processChangelog(File changelog, File oldChangelog) throws Exception {
9290
writer.write("\n");
9391
}
9492
}
93+
log.info("Changelog processed");
9594
return outputFile;
9695
}
9796

9897
private Set<Dependency> fetchAllDependencies() {
99-
log.info("Fetching test and optional dependencies...");
100-
List<String> projectLines = projectLines();
101-
List<String> subprojects = projectLines.stream()
102-
.filter(line -> line.contains("Project") && line.contains(":") && line.contains("'"))
103-
.map(line -> line.substring(line.indexOf(":") + 1, line.lastIndexOf("'")).trim())
104-
.toList();
105-
106-
log.info("Subprojects: {}", subprojects);
107-
108-
Set<Dependency> dependencies = new HashSet<>();
109-
110-
if (!subprojects.isEmpty()) {
111-
List<String> gradleCommand = new ArrayList<>();
112-
gradleCommand.add("./gradlew");
113-
subprojects.forEach(subproject -> gradleCommand.add(subproject + ":dependencies"));
114-
115-
boolean testOrOptional = false;
116-
for (String line : dependenciesLines(gradleCommand)) {
117-
if (line.startsWith("+---") || line.startsWith("\\---")) {
118-
String[] parts = line.split("[: ]");
119-
String version = extractVersion(line);
120-
boolean finalTestOrOptional = testOrOptional;
121-
dependencies.stream()
122-
.filter(dependency -> dependency.group().equalsIgnoreCase(parts[1])
123-
&& dependency.artifact().equalsIgnoreCase(parts[2]))
124-
.findFirst()
125-
.ifPresentOrElse(dependency -> {
126-
log.debug("Dependency {} is already present in compile scope", parts[1] + ":" + parts[2]);
127-
if (dependency.toIgnore() && !finalTestOrOptional) {
128-
log.debug(
129-
"Dependency {} was previously set in test or compile scope and will be in favour of one in compile scope",
130-
dependency);
131-
dependencies.remove(dependency);
132-
dependencies.add(new Dependency(parts[1], parts[2], version, finalTestOrOptional));
133-
}
134-
}, () -> dependencies.add(new Dependency(parts[1], parts[2], version, finalTestOrOptional)));
135-
}
136-
else if (excludedDependencyScopes.stream()
137-
.anyMatch(string -> line.toLowerCase().contains(string.toLowerCase()))) {
138-
testOrOptional = true;
139-
}
140-
else if (line.isEmpty() || line.isBlank()) {
141-
testOrOptional = false;
142-
}
143-
}
144-
}
145-
146-
return dependencies;
147-
}
148-
149-
static String extractVersion(String line) {
150-
if (line == null || line.trim().isEmpty()) {
151-
return null;
152-
}
153-
if (line.contains("->")) {
154-
String[] parts = line.split("->");
155-
if (parts.length > 1) {
156-
return parts[1].trim().split("\\s+")[0];
157-
}
158-
return null;
159-
}
160-
String[] parts = line.split(":");
161-
if (parts.length < 2) {
162-
return null;
163-
}
164-
if (parts.length >= 3) {
165-
return parts[2].trim().split("\\s+")[0];
166-
}
167-
return null;
168-
}
169-
170-
List<String> dependenciesLines(List<String> gradleCommand) {
171-
return processRunner.runSilently(gradleCommand);
172-
}
173-
174-
List<String> projectLines() {
175-
return processRunner.runSilently("./gradlew", "projects");
98+
return gradleParser.fetchAllDependencies();
17699
}
177100

178101
private Collection<String> processDependencyUpgrades(Iterable<String> dependencyLines,

src/main/java/io/micrometer/release/single/DependencyVerifier.java

+167
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,167 @@
1+
/*
2+
* Copyright 2025 Broadcom.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* https://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
package io.micrometer.release.single;
17+
18+
import static java.time.format.DateTimeFormatter.RFC_1123_DATE_TIME;
19+
20+
import io.micrometer.release.common.ProcessRunner;
21+
22+
import java.time.ZonedDateTime;
23+
24+
import org.slf4j.Logger;
25+
import org.slf4j.LoggerFactory;
26+
27+
import java.util.List;
28+
import java.util.concurrent.TimeUnit;
29+
30+
class DependencyVerifier {
31+
32+
private final Logger log = LoggerFactory.getLogger(DependencyVerifier.class);
33+
34+
private final ProcessRunner processRunner;
35+
36+
private final int initialWait;
37+
38+
private final int timeout;
39+
40+
private final int waitBetweenRuns;
41+
42+
private final TimeUnit timeUnit;
43+
44+
DependencyVerifier(ProcessRunner processRunner) {
45+
this.processRunner = processRunner;
46+
this.timeUnit = TimeUnit.SECONDS;
47+
this.initialWait = 15;
48+
this.timeout = 60 * 10;
49+
this.waitBetweenRuns = 30;
50+
}
51+
52+
// for tests
53+
DependencyVerifier(ProcessRunner processRunner, int initialWait, int timeout, int waitBetweenRuns,
54+
TimeUnit timeUnit) {
55+
this.processRunner = processRunner;
56+
this.initialWait = initialWait;
57+
this.timeout = timeout;
58+
this.waitBetweenRuns = waitBetweenRuns;
59+
this.timeUnit = timeUnit;
60+
}
61+
62+
boolean verifyDependencies(String orgRepository) {
63+
String githubServerTime = getGitHubServerTime();
64+
triggerDependabotCheck(orgRepository);
65+
log.info("Waiting {} {} for PRs to be created...", initialWait, timeUnit);
66+
sleep(initialWait);
67+
return waitForDependabotUpdates(githubServerTime);
68+
}
69+
70+
private void sleep(int timeoutToSleep) {
71+
if (timeoutToSleep <= 0) {
72+
log.warn("Timeout set to {} {}, won't wait, will continue...", timeoutToSleep, timeUnit);
73+
return;
74+
}
75+
try {
76+
Thread.sleep(timeUnit.toMillis(timeoutToSleep));
77+
}
78+
catch (InterruptedException e) {
79+
throw new IllegalStateException(e);
80+
}
81+
}
82+
83+
private String getGitHubServerTime() {
84+
log.info("Retrieving the GH server time...");
85+
List<String> response = processRunner.run("gh", "api", "/", "--include");
86+
String dateHeader = response.stream()
87+
.filter(line -> line.startsWith("Date:"))
88+
.findFirst()
89+
.orElseThrow(() -> new IllegalStateException("Could not get GitHub server time from response headers"));
90+
// Parse RFC 1123 date to ZonedDateTime and format as ISO-8601 (done by default by
91+
// dateTime.toInstant())
92+
ZonedDateTime dateTime = ZonedDateTime.parse(dateHeader.substring(5).trim(), RFC_1123_DATE_TIME);
93+
String serverTime = dateTime.toInstant().toString();
94+
log.info("GH server time: {}", serverTime);
95+
return serverTime;
96+
}
97+
98+
private void triggerDependabotCheck(String orgRepository) {
99+
log.info("Will trigger a Dependabot check...");
100+
processRunner.run("gh", "api", "/repos/" + orgRepository + "/dispatches", "-X", "POST", "-F",
101+
"event_type=check-dependencies");
102+
log.info("Triggered Dependabot check");
103+
}
104+
105+
private boolean waitForDependabotUpdates(String githubServerTime) {
106+
long startTime = System.currentTimeMillis();
107+
long timeoutMillis = timeUnit.toMillis(timeout);
108+
while (System.currentTimeMillis() - startTime < timeoutMillis) {
109+
List<String> openPRs = getOpenMicrometerDependabotPRs(githubServerTime);
110+
if (openPRs.isEmpty()) {
111+
log.info("No pending Micrometer updates");
112+
return true;
113+
}
114+
boolean allProcessed = true;
115+
for (String pr : openPRs) {
116+
if (!checkPRStatus(pr)) {
117+
allProcessed = false;
118+
}
119+
}
120+
if (allProcessed) {
121+
log.info("All Dependabot PRs processed");
122+
return true;
123+
}
124+
log.info("Not all PRs processed, will try again...");
125+
sleep(waitBetweenRuns);
126+
}
127+
log.error("Failed! PRs not processed within the provided timeout");
128+
throw new IllegalStateException("Timeout waiting for Dependabot updates");
129+
}
130+
131+
private List<String> getOpenMicrometerDependabotPRs(String githubServerTime) {
132+
log.info("Getting open Micrometer related dependabot PRs...");
133+
// Example response
134+
// 5954
135+
// 5948
136+
// 5772
137+
String result = String.join("\n",
138+
processRunner.run("gh", "pr", "list", "--search",
139+
String.format("is:open author:app/dependabot created:>=%s", githubServerTime), "--json",
140+
"number,title", "--jq", ".[] | select(.title | contains(\"io.micrometer\")) | .number"));
141+
List<String> prNumbers = result.lines().filter(line -> !line.trim().isEmpty()).toList();
142+
log.info("Got [{}] dependabot PRs related to micrometer", prNumbers.size());
143+
return prNumbers;
144+
}
145+
146+
private boolean checkPRStatus(String prNumber) {
147+
log.info("Will check PR status for PR with number [{}]...", prNumber);
148+
String status = String.join("\n", processRunner.run("gh", "pr", "view", prNumber, "--json",
149+
"mergeStateStatus,mergeable,state", "--jq", "[.mergeStateStatus, .state] | join(\",\")"));
150+
// BLOCKED,OPEN
151+
// CONFLICTING
152+
// CLOSED,MERGED
153+
if (status.contains("CONFLICTING")) {
154+
log.error("Failed! At least one PR is in CONFLICTING state");
155+
throw new IllegalStateException("PR #" + prNumber + " has conflicts");
156+
}
157+
boolean isCompleted = status.contains("CLOSED") || status.contains("MERGED");
158+
if (isCompleted) {
159+
log.info("PR #{} is completed", prNumber);
160+
}
161+
else {
162+
log.info("PR #{} status: {}", prNumber, status);
163+
}
164+
return isCompleted;
165+
}
166+
167+
}

0 commit comments

Comments
 (0)