feat(bundler): Use centralized docker execution (#5058)

Co-authored-by: Rhys Arkins <rhys@arkins.net>

feat(bundler): Use centralized docker execution (#5058)
8c62f436 · Sergio Zharinov · GitHub · 6bf18be2 · 8c62f436 · 8c62f436
Unverified Commit 8c62f436 authored Jan 29, 2020 by Sergio Zharinov Committed by GitHub Jan 29, 2020
--- a/lib/manager/bundler/artifacts.ts
+++ b/lib/manager/bundler/artifacts.ts
-import { outputFile, readFile } from 'fs-extra';
+import {
-import { join, dirname } from 'upath';
+  getSiblingFileName,
-import { exec } from '../../util/exec';
+  readLocalFile,
-import { getChildProcessEnv } from '../../util/exec/env';
+  writeLocalFile,
+} from '../../util/fs';
+import { exec, ExecOptions } from '../../util/exec';
 import { logger } from '../../logger';
 import { getPkgReleases } from '../../datasource/docker';
 import {
@@ -16,43 +18,23 @@ import {
  BUNDLER_INVALID_CREDENTIALS,
  BUNDLER_UNKNOWN_ERROR,
 } from '../../constants/error-messages';
-import { BinarySource } from '../../util/exec/common';
-export async function updateArtifacts({
+async function getRubyConstraint(
-  packageFileName,
+  updateArtifact: UpdateArtifact
-  updatedDeps,
+): Promise<string> {
-  newPackageFileContent,
+  const { packageFileName, config } = updateArtifact;
-  config,
+  const { compatibility = {} } = config;
-}: UpdateArtifact): Promise<UpdateArtifactsResult[] | null> {
+  const { ruby } = compatibility;
-  logger.debug(`bundler.updateArtifacts(${packageFileName})`);
-  // istanbul ignore if
-  if (global.repoCache.bundlerArtifactsError) {
-    logger.info('Aborting Bundler artifacts due to previous failed attempt');
-    throw new Error(global.repoCache.bundlerArtifactsError);
-  }
-  const lockFileName = packageFileName + '.lock';
-  const existingLockFileContent = await platform.getFile(lockFileName);
-  if (!existingLockFileContent) {
-    logger.debug('No Gemfile.lock found');
-    return null;
-  }
-  const cwd = join(config.localDir, dirname(packageFileName));
-  try {
-    const localPackageFileName = join(config.localDir, packageFileName);
-    await outputFile(localPackageFileName, newPackageFileContent);
-    const localLockFileName = join(config.localDir, lockFileName);
-    const env = getChildProcessEnv();
-    let cmd;
-    if (config.binarySource === BinarySource.Docker) {
-      logger.info('Running bundler via docker');
-      let tag = 'latest';
  let rubyConstraint: string;
-      if (config && config.compatibility && config.compatibility.ruby) {
+  if (ruby) {
    logger.debug('Using rubyConstraint from config');
-        rubyConstraint = config.compatibility.ruby;
+    rubyConstraint = ruby;
  } else {
-        const rubyVersionFile = join(dirname(packageFileName), '.ruby-version');
+    const rubyVersionFile = getSiblingFileName(
-        logger.debug('Checking ' + rubyVersionFile);
+      packageFileName,
+      '.ruby-version'
+    );
    const rubyVersionFileContent = await platform.getFile(rubyVersionFile);
    if (rubyVersionFileContent) {
      logger.debug('Using ruby version specified in .ruby-version');
@@ -62,76 +44,106 @@ export async function updateArtifacts({
        .trim();
    }
  }
-      if (rubyConstraint && isValid(rubyConstraint)) {
+  return rubyConstraint;
-        logger.debug({ rubyConstraint }, 'Found ruby compatibility');
+}
+async function getDockerTag(updateArtifact: UpdateArtifact): Promise<string> {
+  const constraint = await getRubyConstraint(updateArtifact);
+  if (!constraint) {
+    logger.debug('No ruby version constraint found, so using latest');
+    return 'latest';
+  }
+  if (!isValid(constraint)) {
+    logger.warn({ constraint }, 'Invalid ruby version constraint');
+    return 'latest';
+  }
+  logger.debug(
+    { constraint },
+    'Found ruby version constraint - checking for a compatible renovate/ruby image to use'
+  );
  const rubyReleases = await getPkgReleases({
    lookupName: 'renovate/ruby',
  });
+  // istanbul ignore else
  if (rubyReleases && rubyReleases.releases) {
    let versions = rubyReleases.releases.map(release => release.version);
-          versions = versions.filter(version => isVersion(version));
+    versions = versions.filter(
-          versions = versions.filter(version =>
+      version => isVersion(version) && matches(version, constraint)
-            matches(version, rubyConstraint)
    );
    versions = versions.sort(sortVersions);
    if (versions.length) {
-            tag = versions.pop();
+      const rubyVersion = versions.pop();
+      logger.debug(
+        { constraint, rubyVersion },
+        'Found compatible ruby version'
+      );
+      return rubyVersion;
    }
+  } else {
+    logger.error('No renovate/ruby releases found');
+    return 'latest';
  }
-        if (tag === 'latest') {
  logger.warn(
-            { rubyConstraint },
+    { constraint },
    'Failed to find a tag satisfying ruby constraint, using latest ruby image instead'
  );
+  return 'latest';
 }
+export async function updateArtifacts(
+  updateArtifact: UpdateArtifact
+): Promise<UpdateArtifactsResult[] | null> {
+  const {
+    packageFileName,
+    updatedDeps,
+    newPackageFileContent,
+    config,
+  } = updateArtifact;
+  const { compatibility = {} } = config;
+  logger.debug(`bundler.updateArtifacts(${packageFileName})`);
+  // istanbul ignore if
+  if (global.repoCache.bundlerArtifactsError) {
+    logger.info('Aborting Bundler artifacts due to previous failed attempt');
+    throw new Error(global.repoCache.bundlerArtifactsError);
  }
-      const bundlerConstraint =
+  const lockFileName = `${packageFileName}.lock`;
-        config && config.compatibility && config.compatibility.bundler
+  const existingLockFileContent = await platform.getFile(lockFileName);
-          ? config.compatibility.bundler
+  if (!existingLockFileContent) {
-          : undefined;
+    logger.debug('No Gemfile.lock found');
-      let bundlerVersion = '';
+    return null;
-      if (bundlerConstraint && isVersion(bundlerConstraint)) {
-        bundlerVersion = ' -v ' + bundlerConstraint;
-      }
-      cmd = `docker run --rm `;
-      if (config.dockerUser) {
-        cmd += `--user=${config.dockerUser} `;
-      }
-      const volumes = [config.localDir];
-      cmd += volumes.map(v => `-v "${v}":"${v}" `).join('');
-      cmd += `-w "${cwd}" `;
-      cmd += `renovate/ruby:${tag} bash -l -c "ruby --version && `;
-      cmd += 'gem install bundler' + bundlerVersion + ' --no-document';
-      cmd += ' && bundle';
-    } else if (
-      config.binarySource === BinarySource.Auto ||
-      config.binarySource === BinarySource.Global
-    ) {
-      logger.info('Running bundler via global bundler');
-      cmd = 'bundle';
-    } else {
-      logger.warn({ config }, 'Unsupported binarySource');
-      cmd = 'bundle';
-    }
-    cmd += ` lock --update ${updatedDeps.join(' ')}`;
-    if (cmd.includes('bash -l -c "')) {
-      cmd += '"';
  }
-    logger.debug({ cmd }, 'bundler command');
+  try {
-    await exec(cmd, {
+    await writeLocalFile(packageFileName, newPackageFileContent);
-      cwd,
-      env,
+    const cmd = `bundle lock --update ${updatedDeps.join(' ')}`;
-    });
+    const { bundler } = compatibility;
+    const bundlerVersion = bundler && isValid(bundler) ? ` -v ${bundler}` : '';
+    const preCommands = [
+      'ruby --version',
+      `gem install bundler${bundlerVersion} --no-document`,
+    ];
+    const execOptions: ExecOptions = {
+      docker: {
+        image: 'renovate/ruby',
+        tag: await getDockerTag(updateArtifact),
+        preCommands,
+      },
+    };
+    await exec(cmd, execOptions);
    const status = await platform.getRepoStatus();
    if (!status.modified.includes(lockFileName)) {
      return null;
    }
    logger.debug('Returning updated Gemfile.lock');
+    const lockFileContent = await readLocalFile(lockFileName);
    return [
      {
        file: {
          name: lockFileName,
-          contents: await readFile(localLockFileName, 'utf8'),
+          contents: lockFileContent,
        },
      },
    ];

--- a/test/manager/bundler/__snapshots__/artifacts.spec.ts.snap
+++ b/test/manager/bundler/__snapshots__/artifacts.spec.ts.snap
@@ -14,7 +14,13 @@ Array [
 exports[`bundler.updateArtifacts() Docker .ruby-version 2`] = `
 Array [
  Object {
-    "cmd": "docker run --rm -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -w \\"/tmp/github/some/repo\\" renovate/ruby:1.2.0 bash -l -c \\"ruby --version && gem install bundler --no-document && bundle lock --update \\"",
+    "cmd": "docker pull renovate/ruby:1.2.0",
+    "options": Object {
+      "encoding": "utf-8",
+    },
+  },
+  Object {
+    "cmd": "docker run --rm --user=foobar -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -w \\"/tmp/github/some/repo\\" renovate/ruby:1.2.0 bash -l -c \\"ruby --version && gem install bundler --no-document && bundle lock --update foo bar\\"",
    "options": Object {
      "cwd": "/tmp/github/some/repo",
      "encoding": "utf-8",
@@ -46,7 +52,51 @@ Array [
 exports[`bundler.updateArtifacts() Docker compatibility options 2`] = `
 Array [
  Object {
-    "cmd": "docker run --rm --user=foobar -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -w \\"/tmp/github/some/repo\\" renovate/ruby:latest bash -l -c \\"ruby --version && gem install bundler -v 3.2.1 --no-document && bundle lock --update \\"",
+    "cmd": "docker pull renovate/ruby:latest",
+    "options": Object {
+      "encoding": "utf-8",
+    },
+  },
+  Object {
+    "cmd": "docker run --rm --user=foobar -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -w \\"/tmp/github/some/repo\\" renovate/ruby:latest bash -l -c \\"ruby --version && gem install bundler -v 3.2.1 --no-document && bundle lock --update foo bar\\"",
+    "options": Object {
+      "cwd": "/tmp/github/some/repo",
+      "encoding": "utf-8",
+      "env": Object {
+        "HOME": "/home/user",
+        "HTTPS_PROXY": "https://example.com",
+        "HTTP_PROXY": "http://example.com",
+        "LANG": "en_US.UTF-8",
+        "LC_ALL": "en_US",
+        "NO_PROXY": "localhost",
+        "PATH": "/tmp/path",
+      },
+    },
+  },
+]
+`;
+exports[`bundler.updateArtifacts() Docker invalid compatibility options 1`] = `
+Array [
+  Object {
+    "file": Object {
+      "contents": "Updated Gemfile.lock",
+      "name": "Gemfile.lock",
+    },
+  },
+]
+`;
+exports[`bundler.updateArtifacts() Docker invalid compatibility options 2`] = `
+Array [
+  Object {
+    "cmd": "docker pull renovate/ruby:latest",
+    "options": Object {
+      "encoding": "utf-8",
+    },
+  },
+  Object {
+    "cmd": "docker run --rm --user=foobar -v \\"/tmp/github/some/repo\\":\\"/tmp/github/some/repo\\" -w \\"/tmp/github/some/repo\\" renovate/ruby:latest bash -l -c \\"ruby --version && gem install bundler --no-document && bundle lock --update foo bar\\"",
    "options": Object {
      "cwd": "/tmp/github/some/repo",
      "encoding": "utf-8",
@@ -69,7 +119,7 @@ exports[`bundler.updateArtifacts() returns null if Gemfile.lock was not changed
 exports[`bundler.updateArtifacts() returns null if Gemfile.lock was not changed 2`] = `
 Array [
  Object {
-    "cmd": "bundle lock --update ",
+    "cmd": "bundle lock --update foo bar",
    "options": Object {
      "cwd": "/tmp/github/some/repo",
      "encoding": "utf-8",
@@ -101,7 +151,7 @@ Array [
 exports[`bundler.updateArtifacts() works explicit global binarySource 2`] = `
 Array [
  Object {
-    "cmd": "bundle lock --update ",
+    "cmd": "bundle lock --update foo bar",
    "options": Object {
      "cwd": "/tmp/github/some/repo",
      "encoding": "utf-8",
@@ -133,7 +183,7 @@ Array [
 exports[`bundler.updateArtifacts() works for default binarySource 2`] = `
 Array [
  Object {
-    "cmd": "bundle lock --update ",
+    "cmd": "bundle lock --update foo bar",
    "options": Object {
      "cwd": "/tmp/github/some/repo",
      "encoding": "utf-8",

--- a/test/manager/bundler/artifacts.spec.ts
+++ b/test/manager/bundler/artifacts.spec.ts
+import { join } from 'upath';
 import _fs from 'fs-extra';
 import { exec as _exec } from 'child_process';
 import Git from 'simple-git/promise';
@@ -8,6 +9,8 @@ import { mocked } from '../../util';
 import { envMock, mockExecAll } from '../../execUtil';
 import * as _env from '../../../lib/util/exec/env';
 import { BinarySource } from '../../../lib/util/exec/common';
+import { setUtilConfig } from '../../../lib/util';
+import { resetPrefetchedImages } from '../../../lib/util/exec/docker';
 const fs: jest.Mocked<typeof _fs> = _fs as any;
 const exec: jest.Mock<typeof _exec> = _exec as any;
@@ -29,16 +32,20 @@ describe('bundler.updateArtifacts()', () => {
    jest.resetModules();
    config = {
-      localDir: '/tmp/github/some/repo',
+      // `join` fixes Windows CI
+      localDir: join('/tmp/github/some/repo'),
+      dockerUser: 'foobar',
    };
    env.getChildProcessEnv.mockReturnValue(envMock.basic);
+    resetPrefetchedImages();
+    setUtilConfig(config);
  });
  it('returns null by default', async () => {
    expect(
      await updateArtifacts({
        packageFileName: '',
-        updatedDeps: [],
+        updatedDeps: ['foo', 'bar'],
        newPackageFileContent: '',
        config,
      })
@@ -55,7 +62,7 @@ describe('bundler.updateArtifacts()', () => {
    expect(
      await updateArtifacts({
        packageFileName: 'Gemfile',
-        updatedDeps: [],
+        updatedDeps: ['foo', 'bar'],
        newPackageFileContent: 'Updated Gemfile content',
        config,
      })
@@ -73,7 +80,7 @@ describe('bundler.updateArtifacts()', () => {
    expect(
      await updateArtifacts({
        packageFileName: 'Gemfile',
-        updatedDeps: [],
+        updatedDeps: ['foo', 'bar'],
        newPackageFileContent: 'Updated Gemfile content',
        config,
      })
@@ -91,7 +98,7 @@ describe('bundler.updateArtifacts()', () => {
    expect(
      await updateArtifacts({
        packageFileName: 'Gemfile',
-        updatedDeps: [],
+        updatedDeps: ['foo', 'bar'],
        newPackageFileContent: 'Updated Gemfile content',
        config: {
          ...config,
@@ -102,6 +109,9 @@ describe('bundler.updateArtifacts()', () => {
    expect(execSnapshots).toMatchSnapshot();
  });
  describe('Docker', () => {
+    beforeEach(() => {
+      setUtilConfig({ ...config, binarySource: BinarySource.Docker });
+    });
    it('.ruby-version', async () => {
      platform.getFile.mockResolvedValueOnce('Current Gemfile.lock');
      fs.outputFile.mockResolvedValueOnce(null as never);
@@ -121,7 +131,7 @@ describe('bundler.updateArtifacts()', () => {
      expect(
        await updateArtifacts({
          packageFileName: 'Gemfile',
-          updatedDeps: [],
+          updatedDeps: ['foo', 'bar'],
          newPackageFileContent: 'Updated Gemfile content',
          config: {
            ...config,
@@ -149,7 +159,7 @@ describe('bundler.updateArtifacts()', () => {
      expect(
        await updateArtifacts({
          packageFileName: 'Gemfile',
-          updatedDeps: [],
+          updatedDeps: ['foo', 'bar'],
          newPackageFileContent: 'Updated Gemfile content',
          config: {
            ...config,
@@ -164,5 +174,38 @@ describe('bundler.updateArtifacts()', () => {
      ).toMatchSnapshot();
      expect(execSnapshots).toMatchSnapshot();
    });
+    it('invalid compatibility options', async () => {
+      platform.getFile.mockResolvedValueOnce('Current Gemfile.lock');
+      fs.outputFile.mockResolvedValueOnce(null as never);
+      datasource.getPkgReleases.mockResolvedValueOnce({
+        releases: [
+          { version: '1.0.0' },
+          { version: '1.2.0' },
+          { version: '1.3.0' },
+        ],
+      });
+      const execSnapshots = mockExecAll(exec);
+      platform.getRepoStatus.mockResolvedValueOnce({
+        modified: ['Gemfile.lock'],
+      } as Git.StatusResult);
+      fs.readFile.mockResolvedValueOnce('Updated Gemfile.lock' as any);
+      expect(
+        await updateArtifacts({
+          packageFileName: 'Gemfile',
+          updatedDeps: ['foo', 'bar'],
+          newPackageFileContent: 'Updated Gemfile content',
+          config: {
+            ...config,
+            binarySource: BinarySource.Docker,
+            dockerUser: 'foobar',
+            compatibility: {
+              ruby: 'foo',
+              bundler: 'bar',
+            },
+          },
+        })
+      ).toMatchSnapshot();
+      expect(execSnapshots).toMatchSnapshot();
+    });
  });
 });