Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for Swift package manager #7525

Merged
merged 7 commits into from
Jul 25, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .github/labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,3 +45,6 @@

"L: terraform":
- terraform/**/*

"L: swift":
- swift/**/*
9 changes: 9 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ jobs:
- { path: python, name: python, ci_node_total: 2, ci_node_index: 1, ecosystem: pip }
- { path: python, name: python_slow, ci_node_total: 2, ci_node_index: 0, ecosystem: pip }
- { path: python, name: python_slow, ci_node_total: 2, ci_node_index: 1, ecosystem: pip }
- { path: swift, name: swift, ci_node_total: 2, ci_node_index: 0, ecosystem: swift }
- { path: swift, name: swift, ci_node_total: 2, ci_node_index: 1, ecosystem: swift }
- { path: terraform, name: terraform, ecosystem: terraform }

steps:
Expand Down Expand Up @@ -164,6 +166,13 @@ jobs:
- 'omnibus/**'
- 'python/**'
- '.github/workflows/ci.yml'
swift:
- Dockerfile.updater-core
- 'common/**'
- 'updater/Gemfil*'
- 'omnibus/**'
- 'swift/**'
- '.github/workflows/ci.yml'
terraform:
- Dockerfile.updater-core
- 'common/**'
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/images-branch.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ jobs:
- { name: nuget, ecosystem: nuget }
- { name: pub, ecosystem: pub }
- { name: python, ecosystem: pip }
- { name: swift, ecosystem: swift }
- { name: terraform, ecosystem: terraform }
permissions:
contents: read
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/images-latest.yml
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ jobs:
- { name: nuget, ecosystem: nuget }
- { name: pub, ecosystem: pub }
- { name: python, ecosystem: pip }
- { name: swift, ecosystem: swift }
- { name: terraform, ecosystem: terraform }
env:
COMMIT_SHA: ${{ github.sha }}
Expand Down
7 changes: 7 additions & 0 deletions .github/workflows/smoke.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ jobs:
- { path: python, name: pipenv, ecosystem: pip}
- { path: python, name: pip-compile, ecosystem: pip }
- { path: python, name: poetry, ecosystem: pip }
- { path: swift, name: swift, ecosystem: swift }
- { path: terraform, name: terraform, ecosystem: terraform }
steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -212,6 +213,12 @@ jobs:
- 'common/**'
- 'updater/**'
- 'git_submodules/**'
swift:
- .github/workflows/smoke.yml
- Dockerfile.updater-core
- 'common/**'
- 'updater/**'
- 'swift/**'
terraform:
- .github/workflows/smoke.yml
- Dockerfile.updater-core
Expand Down
1 change: 1 addition & 0 deletions Dockerfile.development
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ COPY --chown=dependabot:dependabot npm_and_yarn/Gemfile npm_and_yarn/dependabot-
COPY --chown=dependabot:dependabot nuget/Gemfile nuget/dependabot-nuget.gemspec ${CODE_DIR}/nuget/
COPY --chown=dependabot:dependabot python/Gemfile python/dependabot-python.gemspec ${CODE_DIR}/python/
COPY --chown=dependabot:dependabot pub/Gemfile pub/dependabot-pub.gemspec ${CODE_DIR}/pub/
COPY --chown=dependabot:dependabot swift/Gemfile swift/dependabot-swift.gemspec ${CODE_DIR}/swift/
COPY --chown=dependabot:dependabot terraform/Gemfile terraform/dependabot-terraform.gemspec ${CODE_DIR}/terraform/

# Prepare the updater project
Expand Down
3 changes: 2 additions & 1 deletion Dockerfile.updater-core
Original file line number Diff line number Diff line change
Expand Up @@ -79,10 +79,11 @@ COPY --chown=dependabot:dependabot npm_and_yarn/Gemfile npm_and_yarn/dependabot-
COPY --chown=dependabot:dependabot nuget/Gemfile nuget/dependabot-nuget.gemspec nuget/
COPY --chown=dependabot:dependabot pub/Gemfile pub/dependabot-pub.gemspec pub/
COPY --chown=dependabot:dependabot python/Gemfile python/dependabot-python.gemspec python/
COPY --chown=dependabot:dependabot swift/Gemfile swift/dependabot-swift.gemspec swift/
COPY --chown=dependabot:dependabot terraform/Gemfile terraform/dependabot-terraform.gemspec terraform/

# prevent having all the source in every ecosystem image
RUN for ecosystem in git_submodules terraform github_actions hex elm docker nuget maven gradle cargo composer go_modules python pub npm_and_yarn bundler; do \
RUN for ecosystem in git_submodules terraform github_actions hex elm docker nuget maven gradle cargo composer go_modules python pub npm_and_yarn bundler swift; do \
mkdir -p $ecosystem/lib/dependabot; \
touch $ecosystem/lib/dependabot/$ecosystem.rb; \
done
Expand Down
1 change: 1 addition & 0 deletions Rakefile
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ GEMSPECS = %w(
python/dependabot-python.gemspec
pub/dependabot-pub.gemspec
omnibus/dependabot-omnibus.gemspec
swift/dependabot-swift.gemspec
).freeze

def run_command(command)
Expand Down
6 changes: 6 additions & 0 deletions bin/docker-dev-shell
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,12 @@ docker run --rm -ti \
-v "$(pwd)/python/lib:$CODE_DIR/python/lib" \
-v "$(pwd)/python/script:$CODE_DIR/python/script" \
-v "$(pwd)/python/spec:$CODE_DIR/python/spec" \
-v "$(pwd)/swift/.rubocop.yml:$CODE_DIR/swift/.rubocop.yml" \
-v "$(pwd)/swift/Gemfile:$CODE_DIR/swift/Gemfile" \
-v "$(pwd)/swift/dependabot-swift.gemspec:$CODE_DIR/swift/dependabot-swift.gemspec" \
-v "$(pwd)/swift/lib:$CODE_DIR/swift/lib" \
-v "$(pwd)/swift/script:$CODE_DIR/swift/script" \
-v "$(pwd)/swift/spec:$CODE_DIR/swift/spec" \
-v "$(pwd)/terraform/.rubocop.yml:$CODE_DIR/terraform/.rubocop.yml" \
-v "$(pwd)/terraform/Gemfile:$CODE_DIR/terraform/Gemfile" \
-v "$(pwd)/terraform/dependabot-terraform.gemspec:$CODE_DIR/terraform/dependabot-terraform.gemspec" \
Expand Down
3 changes: 3 additions & 0 deletions bin/dry-run.rb
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
# - docker
# - terraform
# - pub
# - swift

# rubocop:disable Style/GlobalVars

Expand Down Expand Up @@ -62,6 +63,7 @@
$LOAD_PATH << "./nuget/lib"
$LOAD_PATH << "./python/lib"
$LOAD_PATH << "./pub/lib"
$LOAD_PATH << "./swift/lib"
$LOAD_PATH << "./terraform/lib"

require "bundler"
Expand Down Expand Up @@ -100,6 +102,7 @@
require "dependabot/nuget"
require "dependabot/python"
require "dependabot/pub"
require "dependabot/swift"
require "dependabot/terraform"

# GitHub credentials with write permission to the repo you want to update
Expand Down
1 change: 1 addition & 0 deletions common/lib/dependabot/config/file.rb
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ def self.parse(config)
"npm" => "npm_and_yarn",
"pip" => "pip",
"pub" => "pub",
"swift" => "swift",
"terraform" => "terraform"
}.freeze

Expand Down
1 change: 1 addition & 0 deletions omnibus/Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ gemspec path: "../npm_and_yarn"
gemspec path: "../nuget"
gemspec path: "../pub"
gemspec path: "../python"
gemspec path: "../swift"
gemspec path: "../terraform"

# Visual Studio Code integration
Expand Down
1 change: 1 addition & 0 deletions omnibus/dependabot-omnibus.gemspec
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ Gem::Specification.new do |spec|
spec.add_dependency "dependabot-nuget", Dependabot::VERSION
spec.add_dependency "dependabot-pub", Dependabot::VERSION
spec.add_dependency "dependabot-python", Dependabot::VERSION
spec.add_dependency "dependabot-swift", Dependabot::VERSION
spec.add_dependency "dependabot-terraform", Dependabot::VERSION

common_gemspec.development_dependencies.each do |dep|
Expand Down
1 change: 1 addition & 0 deletions omnibus/lib/dependabot/omnibus.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,4 @@
require "dependabot/npm_and_yarn"
require "dependabot/bundler"
require "dependabot/pub"
require "dependabot/swift"
1 change: 1 addition & 0 deletions script/dependabot
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,6 @@ dependabot \
-v "$(pwd)"/nuget:/home/dependabot/nuget \
-v "$(pwd)"/pub:/home/dependabot/pub \
-v "$(pwd)"/python:/home/dependabot/python \
-v "$(pwd)"/swift:/home/dependabot/swift \
-v "$(pwd)"/terraform:/home/dependabot/terraform \
"$@"
5 changes: 5 additions & 0 deletions swift/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
/.bundle/
/.env
/tmp
/dependabot-*.gem
Gemfile.lock
1 change: 1 addition & 0 deletions swift/.rubocop.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
inherit_from: ../omnibus/.rubocop.yml
44 changes: 44 additions & 0 deletions swift/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
FROM ghcr.io/dependabot/dependabot-updater-core
ARG TARGETARCH

ENV PATH="${PATH}:/opt/swift/usr/bin"

# OS dependencies
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
binutils \
libc6-dev \
libcurl4 \
libedit2 \
libgcc-9-dev \
libpython2.7 \
libsqlite3-0 \
libstdc++-9-dev \
libxml2 \
libz3-dev \
pkg-config \
tzdata \
uuid-dev \
jakecoffman marked this conversation as resolved.
Show resolved Hide resolved
&& rm -rf /var/lib/apt/lists/*

USER dependabot

# https://www.swift.org/download/
ARG SWIFT_VERSION=5.8.1
ARG SWIFT_UBUNTU_VERSION=ubuntu20.04

RUN if [ "$TARGETARCH" = "arm64" ]; then SWIFT_UBUNTU_VERSION="${SWIFT_UBUNTU_VERSION}-aarch64"; fi \
&& SWIFT_SHORT_UBUNTU_VERSION=$(echo $SWIFT_UBUNTU_VERSION | tr -d .) \
&& SWIFT_TARBALL="swift-${SWIFT_VERSION}-RELEASE-${SWIFT_UBUNTU_VERSION}.tar.gz" \
&& DOWNLOAD_URL=https://download.swift.org/swift-${SWIFT_VERSION}-release/${SWIFT_SHORT_UBUNTU_VERSION}/swift-${SWIFT_VERSION}-RELEASE/${SWIFT_TARBALL} \
&& curl --connect-timeout 15 --retry 5 "${DOWNLOAD_URL}" > "/tmp/${SWIFT_TARBALL}" \
&& curl --connect-timeout 15 --retry 5 "${DOWNLOAD_URL}.sig" > "/tmp/${SWIFT_TARBALL}.sig" \
&& sh -c 'curl --connect-timeout 15 --retry 5 https://www.swift.org/keys/all-keys.asc | gpg --import -' \
&& gpg --keyserver hkp://keyserver.ubuntu.com --refresh-keys Swift \
&& gpg --verify /tmp/${SWIFT_TARBALL}.sig \
&& mkdir /opt/swift \
&& tar -C /opt/swift -xzf /tmp/${SWIFT_TARBALL} --strip-components 1

COPY --chown=dependabot:dependabot swift $DEPENDABOT_HOME/swift
COPY --chown=dependabot:dependabot common $DEPENDABOT_HOME/common
COPY --chown=dependabot:dependabot updater $DEPENDABOT_HOME/dependabot-updater
7 changes: 7 additions & 0 deletions swift/Gemfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# frozen_string_literal: true

source "https://rubygems.org"

gem "dependabot-common", path: "../common"

gemspec
18 changes: 18 additions & 0 deletions swift/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
## `dependabot-swift`

Swift Package Manager support for [`dependabot-core`][core-repo].

### Running locally

1. Start a development shell

```
$ bin/docker-dev-shell swift
```

2. Run tests
```
[dependabot-core-dev] ~/dependabot-core $ cd swift && rspec
```

[core-repo]: https://github.com/dependabot/dependabot-core
35 changes: 35 additions & 0 deletions swift/dependabot-swift.gemspec
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# frozen_string_literal: true

Gem::Specification.new do |spec|
common_gemspec =
Bundler.load_gemspec_uncached("../common/dependabot-common.gemspec")

spec.name = "dependabot-swift"
spec.summary = "Provides Dependabot support for Swift"
spec.description = "Dependabot-Swift provides support for bumping Swift packages via Dependabot. " \
"If you want support for multiple package managers, you probably want the meta-gem " \
"dependabot-omnibus."

spec.author = common_gemspec.author
spec.email = common_gemspec.email
spec.homepage = common_gemspec.homepage
spec.license = common_gemspec.license

spec.metadata = {
"bug_tracker_uri" => common_gemspec.metadata["bug_tracker_uri"],
"changelog_uri" => common_gemspec.metadata["changelog_uri"]
}

spec.version = common_gemspec.version
spec.required_ruby_version = common_gemspec.required_ruby_version
spec.required_rubygems_version = common_gemspec.required_ruby_version

spec.require_path = "lib"
spec.files = Dir["lib/**/*"]

spec.add_dependency "dependabot-common", Dependabot::VERSION

common_gemspec.development_dependencies.each do |dep|
spec.add_development_dependency dep.name, *dep.requirement.as_list
end
end
22 changes: 22 additions & 0 deletions swift/lib/dependabot/swift.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# frozen_string_literal: true

# These all need to be required so the various classes can be registered in a
# lookup table of package manager names to concrete classes.
require "dependabot/swift/file_fetcher"
require "dependabot/swift/file_parser"
require "dependabot/swift/update_checker"
require "dependabot/swift/file_updater"
require "dependabot/swift/metadata_finder"
require "dependabot/swift/requirement"
require "dependabot/swift/version"

require "dependabot/pull_request_creator/labeler"
Dependabot::PullRequestCreator::Labeler.
register_label_details("swift", name: "swift_package_manager", colour: "F05138")

require "dependabot/dependency"
Dependabot::Dependency.
register_production_check("swift", ->(_) { true })

require "dependabot/utils"
Dependabot::Utils.register_always_clone("swift")
50 changes: 50 additions & 0 deletions swift/lib/dependabot/swift/file_fetcher.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# frozen_string_literal: true

require "dependabot/file_fetchers"
require "dependabot/file_fetchers/base"

module Dependabot
module Swift
class FileFetcher < Dependabot::FileFetchers::Base
def self.required_files_in?(filenames)
filenames.include?("Package.swift")
end

def self.required_files_message
"Repo must contain a Package.swift configuration file."
end

private

def fetch_files
check_required_files_present

fetched_files = []
fetched_files << package_manifest
fetched_files << package_resolved if package_resolved
fetched_files
end

def package_manifest
@package_manifest ||= fetch_file_from_host("Package.swift")
end

def package_resolved
return @package_resolved if defined?(@package_resolved)

@package_resolved = fetch_file_if_present("Package.resolved")
end

def check_required_files_present
return if package_manifest

path = Pathname.new(File.join(directory, "Package.swift")).
cleanpath.to_path
raise Dependabot::DependencyFileNotFound, path
end
end
end
end

Dependabot::FileFetchers.
register("swift", Dependabot::Swift::FileFetcher)
Loading
Loading