1.25.2 breaks devops PR creation
lucasfijen opened this issue ยท 2 comments
Describe the bug
Hi, It seems like our pipeline broke as of the time of the last release of 1.25.2.
When adding the tag: dockerImageTag: 1.25.1
everything still works.
The pipeline seems to fail on the creation of a PR. which is also not created. This happens with the following error:
2024-01-22T15:06:13.1946711Z Status: Downloaded newer image for ghcr.io/tinglesoftware/dependabot-updater-pip:1.25
2024-01-22T15:06:15.4832710Z Using 'https://dev.azure.com:443/' as API endpoint
2024-01-22T15:06:15.4833325Z Working in REPONAMEHERE, 'default' branch under '/' directory
2024-01-22T15:06:15.4833739Z Cloning repository into /home/dependabot/dependabot-updater/tmp/REPOPATH
2024-01-22T15:06:16.9698034Z Found 1 dependency file(s) at commit COMMITID
2024-01-22T15:06:16.9703238Z - /requirements.txt
2024-01-22T15:06:16.9706907Z Parsing dependencies information
2024-01-22T15:06:20.2375933Z Found 2 dependencies
2024-01-22T15:06:20.2376493Z - detect-secrets (1.3.0)
2024-01-22T15:06:20.2376780Z - pre-commit (3.6.0)
2024-01-22T15:06:20.2390597Z ๐ --> GET https://dev.azure.com/DEVOPSNAME/_apis/connectionData
2024-01-22T15:06:20.3902878Z ๐ <-- 200 https://dev.azure.com/DEVOPSNAME/_apis/connectionData
2024-01-22T15:06:20.3910970Z ๐ --> GET https://dev.azure.com/DEVOPSNAME/TEAMNAME/_apis/git/repositories/ut_cicd_pipelines
2024-01-22T15:06:20.5110740Z ๐ <-- 200 https://dev.azure.com/DEVOPSNAME/TEAMNAME/_apis/git/repositories/REPONAME
2024-01-22T15:06:20.5117061Z ๐ --> GET https://dev.azure.com/DEVOPSNAME/TEAMNAME/_apis/git/repositories/REPONAME/pullrequests?api-version=6.0&searchCriteria.status=active&searchCriteria.creatorId=CREATORID&searchCriteria.targetRefName=refs/heads/main
2024-01-22T15:06:20.6709867Z ๐ <-- 200 https://dev.azure.com/DEVOPSNAME/TEAMNAME/_apis/git/repositories/REPONAME/pullrequests?api-version=6.0&searchCriteria.status=active&searchCriteria.creatorId=CREATORID&searchCriteria.targetRefName=refs/heads/main
2024-01-22T15:06:20.6710455Z Checking if detect-secrets 1.3.0 needs updating
2024-01-22T15:06:20.6718855Z ๐ --> GET https://pypi.org/simple/detect-secrets/
2024-01-22T15:06:20.7900546Z ๐ <-- 200 https://pypi.org/simple/detect-secrets/
2024-01-22T15:06:20.8088613Z ๐ --> GET https://pypi.org/simple/detect-secrets/
2024-01-22T15:06:20.9378454Z ๐ <-- 200 https://pypi.org/simple/detect-secrets/
2024-01-22T15:06:20.9512852Z Requirements to unlock own
2024-01-22T15:06:20.9513096Z Requirements update strategy bump_versions
2024-01-22T15:06:20.9513498Z Updating detect-secrets from 1.3.0 to 1.4.0
2024-01-22T15:06:20.9529388Z Submitting detect-secrets pull request for creation.
2024-01-22T15:06:20.9529875Z /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/_types.rb:222:in `must': Passed `nil` into T.must (TypeError)
2024-01-22T15:06:20.9530388Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.241.0/lib/dependabot/pull_request_creator.rb:392:in `branch_namer'
2024-01-22T15:06:20.9530903Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `bind_call'
2024-01-22T15:06:20.9531985Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `validate_call'
2024-01-22T15:06:20.9532519Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
2024-01-22T15:06:20.9533031Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.241.0/lib/dependabot/pull_request_creator.rb:305:in `azure_creator'
2024-01-22T15:06:20.9533538Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `bind_call'
2024-01-22T15:06:20.9534038Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `validate_call'
2024-01-22T15:06:20.9534566Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
2024-01-22T15:06:20.9535084Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.241.0/lib/dependabot/pull_request_creator.rb:235:in `create'
2024-01-22T15:06:20.9535571Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `bind_call'
2024-01-22T15:06:20.9536085Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/call_validation.rb:270:in `validate_call'
2024-01-22T15:06:20.9536605Z from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11214/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
2024-01-22T15:06:20.9536878Z from bin/update_script.rb:823:in `block in <main>'
2024-01-22T15:06:20.9537075Z from bin/update_script.rb:539:in `each'
2024-01-22T15:06:20.9537344Z from bin/update_script.rb:539:in `<main>'
2024-01-22T15:06:21.1507026Z ##[error]The process '/usr/bin/docker' failed with exit code 1
2024-01-22T15:06:21.1524854Z ##[section]Finishing: dependabot
To Reproduce
We have the following .azuredevops/dependabot.yml
:
version: 2
updates:
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: daily
time: "06:00"
open-pull-requests-limit: 10
and the following cicd_dependabot,yml
trigger: none # Disable CI trigger
schedules:
- cron: '0 2 * * *' # daily at 2am UTC
always: true # run even when there are no code changes
branches:
include:
- main
batch: true
displayName: Daily
pool:
vmImage: 'ubuntu-latest' # requires macos or ubuntu (windows is not supported)
steps:
- task: AzureKeyVault@2
inputs: (REMOVED SECRET ETC PART)
- task: dependabot@1
inputs:
azureDevOpsAccessToken: $(SECRETNAME)
dockerImageTag: 1.25.1 # This line fixes it for now, without it, it fails with version 1.25.2
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Extension (please complete the following information):
- Host: Azure DevOps
- Version 1.25.2.621
Server (please complete the following information):
- Region: westeurope
Additional context
Add any other context about the problem here.
This is likely a regression brought by updating dependabot-[core|pip]
from 0.239.0
to 0.241.0
in #931 and #938.
Can you check through the changes in dependabot-core
at dependabot/dependabot-core@v0.239.0...v0.241.0
Maybe then you can find a fix?
I just realized that this is affecting all ecosystems. Thanks @lucasfijen for reporting it.
Rolled back in 552ebd9 and released in 1.25.3.