Added triggering of dependabot via changing the dependabot.yml change

Author: marcingrzejszczak

src/main/java/io/micrometer/release/common/GradleParser.java

@@ -86,7 +86,7 @@ else if (line.isEmpty() || line.isBlank()) {
         return dependencies;
     }
 
-    static String extractVersion(String line) {
+    private static String extractVersion(String line) {
         if (line == null || line.trim().isEmpty()) {
             return null;
         }
@@ -112,7 +112,7 @@ public List<String> dependenciesLines(List<String> gradleCommand) {
     }
 
     public List<String> projectLines() {
-        return processRunner.runSilently("./gradlew", "projects");
+        return processRunner.runSilently(List.of("./gradlew", "projects"));
     }
 
 }

src/main/java/io/micrometer/release/train/DependencyVerifier.java

@@ -22,11 +22,14 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.File;
+import java.nio.file.Files;
+import java.nio.file.Path;
 import java.time.ZonedDateTime;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 
 import static java.time.format.DateTimeFormatter.RFC_1123_DATE_TIME;
 
@@ -63,19 +66,25 @@ class DependencyVerifier {
     }
 
     void verifyDependencies(String branch, String orgRepository) {
-        cloneRepo(branch, orgRepository);
-        GradleParser gradleParser = getGradleParser(branch);
+        File clonedRepo = cloneRepo(branch, orgRepository);
+        GradleParser gradleParser = getGradleParser(clonedRepo);
         log.info("Fetching all dependencies before dependabot...");
-        Set<Dependency> dependenciesBeforeDependabot = gradleParser.fetchAllDependencies();
-        Status status = dependabotUpdateStatus(orgRepository);
+        Set<Dependency> dependenciesBeforeDependabot = micrometerOnly(gradleParser.fetchAllDependencies());
+        Status status = dependabotUpdateStatus(clonedRepo, orgRepository);
         pullTheLatestRepoChanges();
-        Set<Dependency> dependenciesAfterDependabot = gradleParser.fetchAllDependencies();
+        Set<Dependency> dependenciesAfterDependabot = micrometerOnly(gradleParser.fetchAllDependencies());
         Set<Dependency> diff = new HashSet<>(dependenciesAfterDependabot);
         diff.removeAll(dependenciesBeforeDependabot);
         log.info("Dependency diff {}", diff);
         assertDependencyDiff(status, diff);
     }
 
+    private Set<Dependency> micrometerOnly(Set<Dependency> dependencies) {
+        return dependencies.stream()
+            .filter(dependency -> dependency.group().equalsIgnoreCase("io.micrometer"))
+            .collect(Collectors.toSet());
+    }
+
     private void assertDependencyDiff(Status status, Set<Dependency> diff) {
         if (status == Status.NO_PRS) {
             log.info("There were no dependabot PRs, the dependency diff should have no differences");
@@ -94,27 +103,31 @@ private void assertDependencyDiff(Status status, Set<Dependency> diff) {
         }
     }
 
-    private Status dependabotUpdateStatus(String orgRepository) {
+    private Status dependabotUpdateStatus(File clonedRepo, String orgRepository) {
         String githubServerTime = getGitHubServerTime();
-        triggerDependabotCheck(orgRepository);
-        log.info("Waiting {} {} for PRs to be created...", initialWait, timeUnit);
-        sleep(initialWait);
-        return waitForDependabotUpdates(githubServerTime);
+        triggerDependabotCheck(clonedRepo);
+        waitForDependabotJobsToFinish(orgRepository, githubServerTime);
+        return waitForDependabotPrsToFinish(githubServerTime);
     }
 
-    private GradleParser getGradleParser(String branch) {
-        ProcessRunner branchProcessRunner = new ProcessRunner(null, new File(branch));
+    private GradleParser getGradleParser(File branch) {
+        ProcessRunner branchProcessRunner = new ProcessRunner(null, branch);
         return gradleParser(branchProcessRunner);
     }
 
     GradleParser gradleParser(ProcessRunner branchProcessRunner) {
         return new GradleParser(branchProcessRunner);
     }
 
-    private void cloneRepo(String branch, String orgRepository) {
+    private File cloneRepo(String branch, String orgRepository) {
         log.info("Cloning out {} branch to folder {}", branch, branch);
         processRunner.run("git", "clone", "-b", branch, "--single-branch",
                 "https://github.com/" + orgRepository + ".git", branch);
+        return clonedDir(branch);
+    }
+
+    File clonedDir(String branch) {
+        return new File(branch);
     }
 
     private void pullTheLatestRepoChanges() {
@@ -150,14 +163,71 @@ private String getGitHubServerTime() {
         return serverTime;
     }
 
-    private void triggerDependabotCheck(String orgRepository) {
+    private void triggerDependabotCheck(File clonedRepo) {
         log.info("Will trigger a Dependabot check...");
-        processRunner.run("gh", "api", "/repos/" + orgRepository + "/dispatches", "-X", "POST", "-F",
-                "event_type=check-dependencies");
+        try {
+            String filePath = ".github/dependabot.yml";
+            Path path = new File(clonedRepo, filePath).toPath();
+            String fileContent = Files.readString(path);
+            String triggerComment = "# Triggering dependabot";
+            boolean hasComment = fileContent.trim().endsWith(triggerComment);
+            if (hasComment) {
+                fileContent = fileContent.substring(0, fileContent.lastIndexOf(triggerComment)).trim() + "\n";
+                log.info("Removed trigger comment from dependabot.yml");
+            }
+            else {
+                fileContent = fileContent.trim() + "\n" + triggerComment + "\n";
+                log.info("Added trigger comment to dependabot.yml");
+            }
+            Files.writeString(path, fileContent);
+            processRunner.run("git", "add", filePath);
+            processRunner.run("git", "commit", "-m",
+                    "ci: " + (hasComment ? "Remove" : "Add") + " dependabot trigger comment");
+            processRunner.run("git", "push");
+        }
+        catch (Exception e) {
+            log.error("Failed to modify dependabot.yml", e);
+            throw new IllegalStateException("Failed to trigger Dependabot check", e);
+        }
         log.info("Triggered Dependabot check");
     }
 
-    private Status waitForDependabotUpdates(String githubServerTime) {
+    private void waitForDependabotJobsToFinish(String orgRepository, String githubServerTime) {
+        log.info("Waiting {} {} for Dependabot jobs to be created...", initialWait, timeUnit);
+        sleep(initialWait);
+        log.info("Waiting for Dependabot jobs to finish...");
+        List<String> ids = processRunner.run("gh", "workflow", "list", "-R", orgRepository, "--json", "id,name", "--jq",
+                ".[] | select(.name==\"Dependabot Updates\") | .id");
+        if (ids.isEmpty()) {
+            throw new IllegalStateException("Could not find dependabot updates");
+        }
+        String id = ids.get(0);
+        long startTime = System.currentTimeMillis();
+        long timeoutMillis = timeUnit.toMillis(timeout / 2);
+        while (System.currentTimeMillis() - startTime < timeoutMillis) {
+            List<String> statuses = processRunner.run("gh", "run", "list", "--workflow=" + id, "-R", orgRepository,
+                    "--created=\">" + githubServerTime + "\"", "--json", "--jq", "'.[].status");
+            if (statuses.isEmpty()) {
+                log.info("No dependabot jobs found");
+            }
+            else {
+                log.info("Found {} Dependabot jobs", statuses.size());
+                boolean allCompleted = statuses.stream().allMatch(s -> s.equalsIgnoreCase("completed"));
+                if (allCompleted) {
+                    log.info("All dependabot jobs completed");
+                    return;
+                }
+            }
+            log.info("Not all Dependabot jobs processed, will try again...");
+            sleep(waitBetweenRuns);
+        }
+        log.error("Failed! Dependabot jobs not processed within the provided timeout");
+        throw new IllegalStateException("Timeout waiting for Dependabot jobs to complete");
+    }
+
+    private Status waitForDependabotPrsToFinish(String githubServerTime) {
+        log.info("Waiting {} {} for Dependabot PRs to be created...", initialWait, timeUnit);
+        sleep(initialWait);
         long startTime = System.currentTimeMillis();
         long timeoutMillis = timeUnit.toMillis(timeout);
         while (System.currentTimeMillis() - startTime < timeoutMillis) {

src/test/java/io/micrometer/release/common/GradleParserTests.java

@@ -0,0 +1,66 @@
+/**
+ * Copyright 2025 the original author or authors.
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ * <p>
+ * https://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package io.micrometer.release.common;
+
+import static org.assertj.core.api.BDDAssertions.then;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+
+import java.util.List;
+import java.util.Set;
+import org.junit.jupiter.api.Test;
+
+class GradleParserTests {
+
+    ProcessRunner runner = mock();
+
+    GradleParser gradleParser = new GradleParser(runner) {
+        @Override
+        public List<String> dependenciesLines(List<String> gradleCommand) {
+            return TestGradleParser.dependenciesFromFile();
+        }
+
+        @Override
+        public List<String> projectLines() {
+            return TestGradleParser.projectLinesFromFile();
+        }
+    };
+
+    @Test
+    void should_fetch_dependencies() {
+        Set<Dependency> dependencies = gradleParser.fetchAllDependencies();
+
+        then(dependencies).hasSize(176);
+        List<Dependency> micrometerDeps = dependencies.stream()
+            .filter(dependency -> dependency.group().equalsIgnoreCase("io.micrometer"))
+            .toList();
+        then(micrometerDeps).hasSize(1);
+        then(micrometerDeps.get(0)).isEqualTo(new Dependency("io.micrometer", "context-propagation", "1.1.1", false));
+    }
+
+    @Test
+    void should_run_dependencies() {
+        new GradleParser(runner).dependenciesLines(List.of("foo", "bar"));
+
+        verify(runner).runSilently(List.of("foo", "bar"));
+    }
+
+    @Test
+    void should_run_project_lines() {
+        new GradleParser(runner).projectLines();
+
+        verify(runner).runSilently(List.of("./gradlew", "projects"));
+    }
+
+}

src/test/java/io/micrometer/release/common/TestGradleParser.java

@@ -1,17 +1,15 @@
 /**
  * Copyright 2025 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ * <p>
  * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
  */
 package io.micrometer.release.common;
 
@@ -24,7 +22,7 @@
 
 public class TestGradleParser extends GradleParser {
 
-    private static List<String> expectedGradleCommand = List.of("./gradlew", "concurrency-tests:dependencies",
+    static List<String> expectedGradleCommand = List.of("./gradlew", "concurrency-tests:dependencies",
             "docs:dependencies", "micrometer-benchmarks-core:dependencies", "micrometer-bom:dependencies",
             "micrometer-commons:dependencies", "micrometer-core:dependencies", "micrometer-jakarta9:dependencies",
             "micrometer-java11:dependencies", "micrometer-jetty11:dependencies", "micrometer-jetty12:dependencies",
@@ -55,7 +53,15 @@ public TestGradleParser() {
 
     @Override
     public List<String> projectLines() {
-        URL resource = TestGradleParser.class.getResource("/gradle/projects_output.txt");
+        return projectLinesFromFile();
+    }
+
+    static List<String> projectLinesFromFile() {
+        return textFromFile("/gradle/projects_output.txt");
+    }
+
+    private static List<String> textFromFile(String name) {
+        URL resource = TestGradleParser.class.getResource(name);
         try {
             return Files.readAllLines(new File(resource.toURI()).toPath());
         }
@@ -67,13 +73,11 @@ public List<String> projectLines() {
     @Override
     public List<String> dependenciesLines(List<String> gradleCommand) {
         then(gradleCommand).isEqualTo(expectedGradleCommand);
-        URL resource = TestGradleParser.class.getResource("/gradle/dependencies_output.txt");
-        try {
-            return Files.readAllLines(new File(resource.toURI()).toPath());
-        }
-        catch (Exception e) {
-            throw new RuntimeException(e);
-        }
+        return dependenciesFromFile();
+    }
+
+    static List<String> dependenciesFromFile() {
+        return textFromFile("/gradle/dependencies_output.txt");
     }
 
 }

src/test/java/io/micrometer/release/single/MilestoneUpdaterTests.java

@@ -15,15 +15,14 @@
  */
 package io.micrometer.release.single;
 
-import static org.mockito.BDDMockito.given;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-
 import io.micrometer.release.common.ProcessRunner;
+import org.junit.jupiter.api.Test;
 
 import java.util.List;
 
-import org.junit.jupiter.api.Test;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
 
 class MilestoneUpdaterTests {
 
@@ -43,4 +42,14 @@ void should_call_gh_api_to_close_a_milestone() {
                 "-f", "state=closed");
     }
 
+    @Test
+    void should_update_milestones() {
+        MilestoneMigrator migrator = mock();
+        MilestoneUpdater milestoneUpdater = new MilestoneUpdater(null, null, migrator);
+
+        milestoneUpdater.updateMilestones("v1.2.3");
+
+        verify(migrator).migrateMilestones("v1.2.3");
+    }
+
 }