package main import ( "bytes" "context" "encoding/json" "errors" "flag" "fmt" "io" "net/http" "os" "os/exec" "os/user" "path/filepath" "strings" "text/template" "time" "git.unistack.org/unistack-org/pkgdash/internal/configcli" "git.unistack.org/unistack-org/pkgdash/internal/modules" "git.unistack.org/unistack-org/pkgdash/internal/source" "github.com/go-git/go-git/v5" gitconfig "github.com/go-git/go-git/v5/config" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" httpauth "github.com/go-git/go-git/v5/plumbing/transport/http" "github.com/jdx/go-netrc" yamlcodec "go.unistack.org/micro-codec-yaml/v4" envconfig "go.unistack.org/micro-config-env/v4" fileconfig "go.unistack.org/micro-config-file/v4" microflag "go.unistack.org/micro-config-flag/v4" "go.unistack.org/micro/v4/config" "go.unistack.org/micro/v4/logger" "go.unistack.org/micro/v4/logger/slog" "go.unistack.org/micro/v4/options" "golang.org/x/mod/modfile" "golang.org/x/mod/semver" ) // https://docs.github.com/ru/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file var initMsg = ` Pkgdashcli allows you to define a version update for a dependency and start merge requests in version control systems. Usage: pkgdashcli --command {{command}} --path {{name of dep}} Commands: checkupdate | CheckUpdate collects a list of dependencies with the latest updates. list | Returns a list of PR for this repository with update dependencies. update --path {{name of one dep or empty for update all dep}} | Creates a PR with the specified dependency update in path or creates a PR with dependency updates for all modules if path is empty. close --path {{name of one dep or empty for close all pr}} | Closes the PR for the specified dependency or closes all PRs with dependency updates if path is empty . Flags: --command | The command to execute --path | The name of the module to create/close the PR, if empty, the command is executed for all modules. ` var ( DefaultPullRequestTitle = `Bump {{.Name}} from {{.VersionOld}} to {{.VersionNew}}` DefaultPullRequestBody = `Bumps {{.Name}} from {{.VersionOld}} to {{.VersionNew}}` ) var ( configFiles = []string{ "dependabot.yml", "pkgdashcli.yml", "pkgdashcli.yaml", } configDirs = []string{ ".gitea", ".github", ".gitlab", } repoMgmt = map[string]string{ ".gitea": "gitea", ".gogs": "gogs", ".github": "github", ".gitlab": "gitlab", } repoAPI = map[string]string{ ".gitea": "git.unistack.org", ".gogs": "gogs", ".github": "github.com/unistack-org", ".gitlab": "gitlab.mtsbank.ru", } ) type Data struct { Modules map[string]modules.Update } func main() { var err error ctx, cancel := context.WithCancel(context.Background()) defer cancel() logger.DefaultLogger = slog.NewLogger() if err = logger.DefaultLogger.Init(logger.WithCallerSkipCount(3), logger.WithLevel(logger.DebugLevel)); err != nil { logger.Error(ctx, fmt.Sprintf("logger init error: %v", err)) } cfg := configcli.NewConfig() if err = config.Load(ctx, []config.Config{ config.NewConfig( config.Struct(cfg), ), envconfig.NewConfig( config.Struct(cfg), ), }, config.LoadOverride(true), ); err != nil { logger.Fatal(ctx, fmt.Sprintf("failed to load config: %v", err)) } for _, configDir := range configDirs { for _, configFile := range configFiles { path := filepath.Join(configDir, configFile) if _, err = os.Stat(path); os.IsNotExist(err) { continue } c := fileconfig.NewConfig( config.AllowFail(false), config.Struct(cfg), options.Codec(yamlcodec.NewCodec()), fileconfig.Path(path), ) err = c.Init() if err != nil { logger.Error(ctx, fmt.Sprintf("failed to init config: %v", err)) } if err = c.Load(ctx, config.LoadOverride(true)); err != nil { logger.Error(ctx, fmt.Sprintf("failed to load config: %v", err)) } } } if cfg.PullRequestBody == "" { cfg.PullRequestBody = DefaultPullRequestBody } if cfg.PullRequestTitle == "" { cfg.PullRequestTitle = DefaultPullRequestTitle } cliCfg := &configcli.Cli{} c := microflag.NewConfig(config.Struct(cliCfg), microflag.FlagErrorHandling(flag.ContinueOnError)) if err = c.Init(); err != nil { logger.Fatal(ctx, fmt.Sprintf("init cli cfg failed: %v", err)) } if err = c.Load(ctx); err != nil { logger.Fatal(ctx, fmt.Sprintf("load cli cfg failed: %v", err)) } if cliCfg.Path == "" && cliCfg.Command == "" { fmt.Print(initMsg) return } path := "." if len(os.Args) > 1 { path = os.Args[1] } name, err := modules.FindModFile(path) if err != nil { panic(err) } buf, err := os.ReadFile(name) if err != nil { panic(err) } mfile, err := modfile.Parse(name, buf, nil) if err != nil { panic(err) } mvs := make(map[string]modules.Update) updateOptions := modules.UpdateOptions{ Pre: cfg.UpdateOpt.Pre, Major: cfg.UpdateOpt.Major, UpMajor: cfg.UpdateOpt.UpMajor, Cached: cfg.UpdateOpt.Cached, OnUpdate: func(u modules.Update) { var modpath string // new mod path with major if u.Err != nil { logger.Error(ctx, fmt.Sprintf("%s: failed: %v", u.Module.Path, u.Err)) return } modpath = u.Module.Path v := semver.Major(u.Version) p := modules.ModPrefix(modpath) if !strings.HasPrefix(u.Module.Version, v) && v != "v1" && v != "v0" { switch strings.HasPrefix(u.Module.Path, "gopkg.in") { case true: modpath = p + "." + v case false: modpath = p + "/" + v } } mvs[modpath] = u }, } for _, req := range mfile.Require { updateOptions.Modules = append(updateOptions.Modules, req.Mod) } modules.Updates(updateOptions) if err = getRepoMgmt(ctx, cfg); err != nil { // Filling in empty config fields. logger.Error(ctx, err.Error()) } gitSource := source.NewSourceControl(*cfg) Execute(ctx, gitSource, mvs, *cliCfg, *cfg) logger.Info(ctx, "Pkgdash successfully updated dependencies") } func Execute(ctx context.Context, gitSource source.SourceControl, mvs map[string]modules.Update, cliCfg configcli.Cli, cfg configcli.Config) { var mod modules.Update var ok bool var path string prList := make(map[string]map[string]string) switch cliCfg.Command { case "checkupdate": js, err := json.Marshal(mvs) fmt.Println(fmt.Sprintf(`Modules get update: %s, %s`, js, err)) case "update": if cliCfg.Path != "" { // update one dep path = cliCfg.Path if mod, ok = mvs[path]; !ok { logger.Fatal(ctx, fmt.Sprintf("For %s update not exist", path)) } logger.Debugf(ctx, fmt.Sprintf("Start update %s from %s to %s", path, mod.Module.Version, mod.Version)) for _, branch := range cfg.Branches { if err := gitSource.RequestOpen(ctx, branch, path, mod); err != nil { logger.Fatal(ctx, fmt.Sprintf("failed to create pr: %v", err)) } } logger.Debugf(ctx, fmt.Sprintf("Update successful for %s", path)) } for _, branch := range cfg.Branches { // update all dep for path, mod = range mvs { logger.Debugf(ctx, fmt.Sprintf("Start update %s from %s to %s", path, mod.Module.Version, mod.Version)) err := gitSource.RequestOpen(ctx, branch, path, mod) if err != nil { logger.Fatal(ctx, fmt.Sprintf("failed to create pr: %v", err)) } logger.Debugf(ctx, fmt.Sprintf("Update successful for %s", path)) } } case "close": if cliCfg.Path != "" { // close one dep path = cliCfg.Path logger.Debugf(ctx, fmt.Sprintf("Start close for %s", path)) for _, branch := range cfg.Branches { if err := gitSource.RequestClose(ctx, branch, path); err != nil { logger.Fatal(ctx, fmt.Sprintf("failed to close pr: %v", err)) } } logger.Debugf(ctx, fmt.Sprintf("Close successful for %s", path)) return } for _, branch := range cfg.Branches { logger.Info(ctx, fmt.Sprintf("Start getting pr for %s", branch)) rMap, err := gitSource.RequestList(ctx, branch) if err != nil { logger.Fatal(ctx, fmt.Sprintf("Error with getting pr list for branch: %s", branch)) } logger.Info(ctx, fmt.Sprintf("for %s:\n%s", branch, rMap)) logger.Info(ctx, fmt.Sprintf("Start close pr for base branch %s", branch)) for path, _ = range rMap { logger.Debugf(ctx, fmt.Sprintf("Start close for %s", path)) if err = gitSource.RequestClose(ctx, branch, path); err != nil { logger.Fatal(ctx, fmt.Sprintf("failed to close pr: %v", err)) } logger.Debugf(ctx, fmt.Sprintf("Close successful for %s", path)) } } case "list": for _, branch := range cfg.Branches { rMap, err := gitSource.RequestList(ctx, branch) if err != nil { logger.Fatal(ctx, fmt.Sprintf("RequestList: error %s", err)) } prList[branch] = rMap } js, err := json.Marshal(prList) if err != nil { logger.Error(ctx, fmt.Sprintf("error: %s", err)) } fmt.Println(fmt.Sprintf("for %s:\n%s", cfg.Source.Repository, js)) default: fmt.Print(initMsg) } } func getRepoMgmt(ctx context.Context, cfg *configcli.Config) error { wd, err := os.Getwd() if err != nil { return err } p := filepath.Clean(wd) for _, configDir := range configDirs { _, err := os.Stat(filepath.Join(p, configDir)) if name, ok := repoMgmt[configDir]; ok && cfg.Source.TypeGit == "" && err == nil { cfg.Source.TypeGit = name } if api, ok := repoAPI[configDir]; ok && cfg.Source.APIURL == "" && err == nil { cfg.Source.APIURL = api } } if p == "/" && cfg.Source.TypeGit == "" && cfg.Source.APIURL == "" { return fmt.Errorf("unknown") } p = filepath.Clean(filepath.Join(p, "..")) usr, err := user.Current() if err != nil { logger.Fatal(ctx, fmt.Sprintf("pkgdash/main can t get info about user: %s", err)) } n, err := netrc.Parse(filepath.Join(usr.HomeDir, ".netrc")) if err != nil { logger.Error(ctx, "pkgdash/main can t parse .netrc: %s", err) } if cfg.Source.Owner == "" { cfg.Source.Owner = n.Machine(cfg.Source.APIURL).Get("login") } if cfg.Source.Token == "" { cfg.Source.Token = n.Machine(cfg.Source.APIURL).Get("password") } return nil } func giteaPullRequest(ctx context.Context, cfg *configcli.Config, branch string, mods map[string]modules.Update) error { envAPIURL := os.Getenv("GITHUB_API_URL") envREPOSITORY := os.Getenv("GITHUB_REPOSITORY") envTOKEN := os.Getenv("GITHUB_TOKEN") var buf []byte var err error tplTitle, err := template.New("pull_request_title").Parse(cfg.PullRequestTitle) if err != nil { logger.Fatal(ctx, "failed to parse template: %v", err) } wTitle := bytes.NewBuffer(nil) tplBody, err := template.New("pull_request_body").Parse(cfg.PullRequestBody) if err != nil { logger.Fatal(ctx, "failed to parse template: %v", err) } wBody := bytes.NewBuffer(nil) repo, err := git.PlainOpenWithOptions(".", &git.PlainOpenOptions{DetectDotGit: true}) if err != nil { logger.Fatal(ctx, "failed to open repo: %v", err) } if err = repo.FetchContext(ctx, &git.FetchOptions{ Auth: &httpauth.BasicAuth{Username: envTOKEN, Password: envTOKEN}, Force: true, }); err != nil && err != git.NoErrAlreadyUpToDate { logger.Fatal(ctx, "failed to fetch repo: %v", err) } var headRef *plumbing.Reference refIter, err := repo.Branches() if err != nil { logger.Fatal(ctx, "failed to get branches: %v", err) } for { ref, err := refIter.Next() if err != nil { break } if ref.Name().String() == branch { headRef = ref break } } refIter.Close() if headRef == nil { logger.Fatal(ctx, "failed to get repo branch head") } logger.Info(ctx, "repo head %s", headRef) wtree, err := repo.Worktree() if err != nil { logger.Fatal(ctx, "failed to get worktree: %v", err) } type giteaPull struct { URL string `json:"url"` Title string `json:"title"` Base struct { Ref string `json:"ref"` } `json:"base"` ID int64 `json:"id"` } var pulls []*giteaPull req, err := http.NewRequestWithContext(ctx, http.MethodGet, envAPIURL+"/repos/"+envREPOSITORY+"/pulls?state=open&token="+envTOKEN, nil) if err != nil { return err } req.Header.Add("Accept", "application/json") req.Header.Add("Content-Type", "application/json") rsp, err := http.DefaultClient.Do(req) if err != nil { return err } buf, _ = io.ReadAll(rsp.Body) if rsp.StatusCode != http.StatusOK { return fmt.Errorf("unknown error: %s", buf) } if err = json.Unmarshal(buf, &pulls); err != nil { logger.Fatal(ctx, "failed to decode response %s err: %v", buf, err) } for path := range mods { for _, pull := range pulls { if strings.Contains(pull.Title, path) && pull.Base.Ref == branch { logger.Info(ctx, "skip %s as pr already exists %s", path, pull.URL) delete(mods, path) } } } for path, mod := range mods { wTitle.Reset() wBody.Reset() logger.Info(ctx, "update %s from %s to %s", path, mod.Module.Version, mod.Version) logger.Info(ctx, "reset worktree") if err = wtree.Reset(&git.ResetOptions{Mode: git.HardReset}); err != nil { logger.Fatal(ctx, "failed to reset repo branch: %v", err) } if err = wtree.PullContext(ctx, &git.PullOptions{ Auth: &httpauth.BasicAuth{Username: envTOKEN, Password: envTOKEN}, Depth: 1, // RemoteURL : Force: true, RemoteName: "origin", }); err != nil && err != git.NoErrAlreadyUpToDate { logger.Fatal(ctx, "failed to pull repo: %v", err) } logger.Info(ctx, "checkout ref %s", headRef) if err = wtree.Checkout(&git.CheckoutOptions{ Hash: headRef.Hash(), Branch: plumbing.NewBranchReferenceName(fmt.Sprintf("pkgdash/go_modules/%s-%s", path, mod.Version)), Create: true, Force: true, }); err != nil { logger.Fatal(ctx, "failed to checkout tree: %v", err) } epath, err := exec.LookPath("go") if errors.Is(err, exec.ErrDot) { err = nil } if err != nil { logger.Fatal(ctx, "failed to find go command: %v", err) } var cmd *exec.Cmd var out []byte cmd = exec.CommandContext(ctx, epath, "mod", "edit", fmt.Sprintf("-require=%s@%s", path, mod.Version)) if out, err = cmd.CombinedOutput(); err != nil { logger.Fatal(ctx, "failed to run go mod edit: %s err: %v", out, err) } cmd = exec.CommandContext(ctx, epath, "mod", "tidy") if out, err = cmd.CombinedOutput(); err != nil { logger.Fatal(ctx, "failed to run go mod tidy: %s err: %v", out, err) } logger.Info(ctx, "worktree add go.mod") if _, err = wtree.Add("go.mod"); err != nil { logger.Fatal(ctx, "failed to add file: %v", err) } logger.Info(ctx, "worktree add go.sum") if _, err = wtree.Add("go.sum"); err != nil { logger.Fatal(ctx, "failed to add file: %v", err) } logger.Info(ctx, "worktree commit") _, err = wtree.Commit(wTitle.String(), &git.CommitOptions{ Parents: []plumbing.Hash{headRef.Hash()}, Author: &object.Signature{ Name: "gitea-actions", Email: "info@unistack.org", When: time.Now(), }, }) if err != nil { logger.Fatal(ctx, "failed to commit: %v", err) } // newref := plumbing.NewHashReference(plumbing.ReferenceName(fmt.Sprintf("refs/heads/pkgdash/go_modules/%s-%s", path, mod.Version)), headRef.Hash()) /* if err = repo.Storer.SetReference(newref); err != nil { logger.Fatal(ctx, "failed to create repo branch: %v", err) } */ refspec := gitconfig.RefSpec(fmt.Sprintf("+refs/heads/pkgdash/go_modules/%s-%s:refs/heads/pkgdash/go_modules/%s-%s", path, mod.Version, path, mod.Version)) logger.Info(ctx, "try to push refspec %s", refspec) if err = repo.PushContext(ctx, &git.PushOptions{ RefSpecs: []gitconfig.RefSpec{refspec}, Auth: &httpauth.BasicAuth{Username: envTOKEN, Password: envTOKEN}, Force: true, }); err != nil { logger.Fatal(ctx, "failed to push repo branch: %v", err) } data := map[string]string{ "Name": path, "VersionOld": mod.Module.Version, "VersionNew": mod.Version, } if err = tplTitle.Execute(wTitle, data); err != nil { logger.Fatal(ctx, "failed to execute template: %v", err) } if err = tplBody.Execute(wBody, data); err != nil { logger.Fatal(ctx, "failed to execute template: %v", err) } body := map[string]string{ "base": branch, "body": wBody.String(), "head": fmt.Sprintf("pkgdash/go_modules/%s-%s", path, mod.Version), "title": wTitle.String(), } logger.Info(ctx, "raw body: %#+v", body) buf, err = json.Marshal(body) if err != nil { return err } logger.Info(ctx, "marshal body: %s", buf) req, err := http.NewRequestWithContext(ctx, http.MethodPost, envAPIURL+"/repos/"+envREPOSITORY+"/pulls?token="+envTOKEN, bytes.NewReader(buf)) if err != nil { return err } req.Header.Add("Accept", "application/json") req.Header.Add("Content-Type", "application/json") rsp, err := http.DefaultClient.Do(req) if err != nil { return err } if rsp.StatusCode != http.StatusCreated { buf, _ = io.ReadAll(rsp.Body) return fmt.Errorf("unknown error: %s", buf) } } return nil }