Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitBucket API Insufficient for Dependabot Script #3409

Open
3 tasks done
iamjpotts opened this issue Oct 29, 2023 · 2 comments
Open
3 tasks done

GitBucket API Insufficient for Dependabot Script #3409

iamjpotts opened this issue Oct 29, 2023 · 2 comments
Labels
APIv3 GitHub compatible API

Comments

@iamjpotts
Copy link

iamjpotts commented Oct 29, 2023
edited

Before submitting an issue to GitBucket I have first:

Issue

Impacted version: 4.40 and earlier

Deployment mode: Docker container, with an Nginx reverse proxy for TLS termination (TLS required by Dependabot client)

Issue: GitBucket API support is insufficient to use Dependabot to automatically create PRs for dependency upgrades

  1. Using Docker Compose or individual containers, start GitBucket, and start Nginx (or any other TLS terminating reverse proxy) to accept an https connection and proxy it to GitBucket.
  2. In GitBucket, in the Profile of root, under Applications, create a new token
  3. In GitBucket, create a new repository
  4. Clone that repository, and add a project to it with a stale dependency
  5. Run dependabot-script with GITHUB_ENTERPRISE_HOSTNAME set to the DNS name of the TLS terminating reverse proxy, and with GITHUB_ENTERPRISE_ACCESS_TOKEN set to the value from the previous step, and with PROJECT_PATH and PACKAGE_MANAGER set
  6. Observe in the log for the GitBucket the entry WARN g.c.c.a.ApiGitReferenceControllerBase - git/refs/ endpoint may not be compatible with GitHub API v3. Consider using git/ref/ endpoint instead
  7. Observe in the log for dependabot-script the entry dependabot-script/.bundle/gems/octokit-5.2.0/lib/octokit/response/raise_error.rb:14:in on_complete: POST https://somedomain.local/api/v3/repos/root/testing/git/trees: 404 - Not Found (Octokit::NotFound)

The dependabot script has failed due to a missing API in GitBucket.
@takezoe takezoe added the APIv3 GitHub compatible API label Nov 12, 2023
@takezoe
Copy link
Member

takezoe commented Nov 12, 2023
edited

In short, Create a tree API (POST /api/v3/repos/<user>/<repo>/git/trees) needs to be implemented to support dependabot?

@iamjpotts
Copy link
Author

In short, Create a tree API (POST /api/v3/repos/<user>/<repo>/git/trees) needs to be implemented to support dependabot?

Yes, at a minimum (I'm inferring that from the error). I don't know what other APIs would be required, if any. I suspect there would be more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
APIv3 GitHub compatible API
Milestone
No milestone
Development

No branches or pull requests
2 participants
@takezoe @iamjpotts