authormo khan <mo@mokhan.ca>2021-12-20 16:24:42 -0700
committermo khan <mo@mokhan.ca>2021-12-20 16:24:42 -0700
commit045124ca82b01b4ef1e82f5f936ba922c8b18f4d (patch)
tree0f14aad15186db2cfc7ad16ebd73c9e4b32400bd
parent174c410913658c65123edfd691c756a707d6a31b (diff)
feat: extract class to publish pull requests
-rw-r--r--lib/dependabot.rb1
-rw-r--r--lib/dependabot/cli.rb4
-rw-r--r--lib/dependabot/cli/scan.rb76
-rw-r--r--lib/dependabot/publish.rb85
-rw-r--r--spec/fixtures/help-scan.expected8
5 files changed, 100 insertions, 74 deletions
diff --git a/lib/dependabot.rb b/lib/dependabot.rb
index 3ab5c03..528a997 100644
--- a/lib/dependabot.rb
+++ b/lib/dependabot.rb
@@ -9,6 +9,7 @@ require "spandx"
require_relative "dependabot/bundler/update"
require_relative "dependabot/git"
+require_relative "dependabot/publish"
require_relative "dependabot/tracer"
require_relative "dependabot/version"
diff --git a/lib/dependabot/cli.rb b/lib/dependabot/cli.rb
index acafa01..80d01ad 100644
--- a/lib/dependabot/cli.rb
+++ b/lib/dependabot/cli.rb
@@ -7,7 +7,9 @@ require "dependabot/cli/scan"
module Dependabot
module CLI
class Application < Thor
- desc "scan [DIRECTORY]", "Scan a directory"
+ desc "scan [DIRECTORY | FILE]", "Scan a directory or file for dependencies to update"
+ method_option :push, aliases: "-p", type: :boolean, desc: "Push the update as a pull request. Default: --no-push", default: false
+ method_option :recursive, aliases: "-r", type: :boolean, desc: "Perform a recursive. Default: --no-recursive", default: false
def scan(path = Pathname.pwd)
::Dependabot::CLI::Scan.new(path, options).run
end
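Review bot: The `:recursive` option's description, "Perform a recursive.", is missing its noun, and it is the text users see in the help output for `scan`. Something like `desc: "Scan subdirectories recursively. Default: --no-recursive"` says what the flag does; the expected help text in `spec/fixtures/help-scan.expected` would need the same wording. The `--push` description could also say that it pushes a branch to `origin` and opens the pull request there, since that is the option with effects outside the local checkout.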
diff --git a/lib/dependabot/cli/scan.rb b/lib/dependabot/cli/scan.rb
index 7892482..4c29623 100644
--- a/lib/dependabot/cli/scan.rb
+++ b/lib/dependabot/cli/scan.rb
@@ -12,8 +12,7 @@ module Dependabot
def run
each_dependency do |dependency|
- Dependabot.logger.debug("Updating #{dependency.name}…")
- update!(dependency)
+ publish_update_for(dependency)
end
end
@@ -21,7 +20,7 @@ module Dependabot
def each_file(&block)
::Spandx::Core::PathTraversal
- .new(path, recursive: false)
+ .new(path, recursive: options[:recursive])
.each(&block)
end
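Review bot: `recursive: options[:recursive]` lets a single `scan --recursive --push` run reach every manifest below `path`, and nothing visible in `each_file` limits that to files the project itself owns. Whether `Spandx::Core::PathTraversal` skips vendored or third-party trees is not shown in this diff, so it is worth confirming, because each match is later handed to `Dependabot::Publish` and may be committed and pushed. If it does not skip them, an explicit exclusion, or at least a comment such as `# NOTE: recursive traversal also visits vendored directories` above `each_file`, would make the behaviour clear.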
@@ -31,74 +30,9 @@ module Dependabot
end
end
- def update!(dependency)
- git_for(dependency) do |git|
- ::Spandx::Core::Plugin.enhance(dependency)
- Dependabot.logger.debug(git.patch) unless git.patch.empty?
- end
- end
-
- def branch_name_for(dependency)
- "dependanot/#{dependency.package_manager}/#{dependency.name}"
- end
-
- def git_for(dependency, branch_name: branch_name_for(dependency))
- git = ::Dependabot::Git.new(dependency.path.parent)
- default_branch = git.repo.head.name
- git.checkout(branch: branch_name)
- yield git
- git.commit(all: true, message: "chore: Update #{dependency.name}")
- publish_pull_request_for(dependency, default_branch, branch_name, git) if options[:push]
- ensure
- git.repo.checkout_head(strategy: :force)
- git.repo.checkout(default_branch)
- end
-
- def description_for(dependency)
- <<~MARKDOWN
- Bumps [#{dependency.name}](#)
-
- <details>
- <summary>Changelog</summary>
- </details>
-
- <details>
- <summary>Commits</summary>
- </details>
-
- <br />
-
- Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
- ---
-
- <details>
- <summary>Dependabot commands and options</summary>
- <br />
-
- You can trigger Dependabot actions by commenting on this PR:
- - `@dependabot rebase` will rebase this PR
- - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- - `@dependabot merge` will merge this PR after your CI passes on it
- - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- - `@dependabot reopen` will reopen this PR if it is closed
- - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- </details>
- MARKDOWN
- end
-
- def publish_pull_request_for(dependency, default_branch, branch_name, git)
- git.push(remote: "origin", branch: branch_name)
- Dependabot.octokit.create_pull_request(
- GitHub.name_with_owner_from(git.repo.remotes["origin"].url),
- default_branch,
- branch_name,
- "chore(deps): bump #{dependency}",
- description_for(dependency)
- )
+ def publish_update_for(dependency)
+ ::Dependabot.logger.debug("Updating #{dependency.name}…")
+ ::Dependabot::Publish.new(dependency).update!(push: options[:push])
end
end
end
diff --git a/lib/dependabot/publish.rb b/lib/dependabot/publish.rb
new file mode 100644
index 0000000..a546402
--- /dev/null
+++ b/lib/dependabot/publish.rb
@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+module Dependabot
+ class Publish
+ attr_reader :dependency
+
+ def initialize(dependency)
+ @dependency = dependency
+ end
+
+ def update!(push: false)
+ git_for(dependency, push: push) do |git|
+ ::Spandx::Core::Plugin.enhance(dependency)
+ Dependabot.logger.debug(git.patch) unless git.patch.empty?
+ end
+ end
+
+ private
+
+ def branch_name_for(dependency)
+ "dependanot/#{dependency.package_manager}/#{dependency.name}"
+ end
+
+ def git_for(dependency, branch_name: branch_name_for(dependency), push: false)
+ git = ::Dependabot::Git.new(dependency.path.parent)
+ default_branch = git.repo.head.name
+ git.checkout(branch: branch_name)
+ yield git
+ publish_pull_request_for(dependency, default_branch, branch_name, git, push) unless git.patch.empty?
+ ensure
+ git.repo.checkout_head(strategy: :force)
+ git.repo.checkout(default_branch)
+ end
+
+ def description_for(dependency)
+ <<~MARKDOWN
+ Bumps [#{dependency.name}](#)
+
+ <details>
+ <summary>Changelog</summary>
+ </details>
+
+ <details>
+ <summary>Commits</summary>
+ </details>
+
+ <br />
+
+ Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
+ ---
+
+ <details>
+ <summary>Dependabot commands and options</summary>
+ <br />
+
+ You can trigger Dependabot actions by commenting on this PR:
+ - `@dependabot rebase` will rebase this PR
+ - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
+ - `@dependabot merge` will merge this PR after your CI passes on it
+ - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
+ - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
+ - `@dependabot reopen` will reopen this PR if it is closed
+ - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
+ - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
+ - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
+ - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
+ </details>
+ MARKDOWN
+ end
+
+ def publish_pull_request_for(dependency, default_branch, branch_name, git, push)
+ git.commit(all: true, message: "chore: Update #{dependency.name}")
+ return unless push
+
+ git.push(remote: "origin", branch: branch_name)
+ Dependabot.octokit.create_pull_request(
+ GitHub.name_with_owner_from(git.repo.remotes["origin"].url),
+ default_branch,
+ branch_name,
+ "chore(deps): bump #{dependency}",
+ description_for(dependency)
+ )
+ end
+ end
+end
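Review bot: `publish_pull_request_for` commits with `all: true` and, when `push` is set, sends the branch to `origin`, but nothing in `git_for` checks that the working tree was clean before `Spandx::Core::Plugin.enhance` ran. If `all: true` stages every modified file (the `Dependabot::Git` wrapper is not part of this diff, so this is inferred), unrelated local edits would end up in the commit and the pull request, or be thrown away by the forced `checkout_head` in `ensure` when an error interrupts the run. A guard before `yield git`, for example `raise "uncommitted changes in #{dependency.path.parent}" unless git.patch.empty?`, would stop that. Separately, the `ensure` also runs when `::Dependabot::Git.new` or `git.repo.head.name` raises, at which point `git` or `default_branch` is still nil, so the cleanup raises its own error and hides the original one; opening a `begin … ensure … end` only after `default_branch` is assigned avoids this.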
diff --git a/spec/fixtures/help-scan.expected b/spec/fixtures/help-scan.expected
index a6cabaf..5851ba6 100644
--- a/spec/fixtures/help-scan.expected
+++ b/spec/fixtures/help-scan.expected
@@ -1,4 +1,8 @@
Usage:
- dependabot scan [DIRECTORY]
+ dependabot scan [DIRECTORY | FILE]
-Scan a directory
+Options:
+ -p, [--push], [--no-push] # Push the update as a pull request. Default: --no-push
+ -r, [--recursive], [--no-recursive] # Perform a recursive. Default: --no-recursive
+
+Scan a directory or file for dependencies to update