Skip to content

Commit

Permalink
Address PR comments
Browse files Browse the repository at this point in the history
  • Loading branch information
be0x74a committed Apr 28, 2024
1 parent fdb2be1 commit ef18b6c
Show file tree
Hide file tree
Showing 4 changed files with 105 additions and 37 deletions.
74 changes: 44 additions & 30 deletions github/dependency_graph_snapshots.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,57 +10,61 @@ import (
"fmt"
)

// DependencyGraphSnapshotResolvedDependencyRelationship represents whether the dependency is requested directly by the manifest or is a dependency of another dependency.
// DependencyGraphSnapshotResolvedDependency represents a resolved dependency in a dependency graph snapshot.
//
// Can have the following values:
// - "direct": indicates that the dependency is requested directly by the manifest.
// - "indirect": indicates that the dependency is a dependency of another dependency.
type DependencyGraphSnapshotResolvedDependencyRelationship string

// DependencyGraphSnapshotResolvedDependencyScope represents whether the dependency is required for the primary build artifact or is only used for development.
//
// Can have the following values:
// - "runtime": indicates that the dependency is required for the primary build artifact.
// - "development": indicates that the dependency is only used for development.
type DependencyGraphSnapshotResolvedDependencyScope string

// DependencyGraphSnapshotCreationResult represents the snapshot creation result.
//
// Can have the following values:
// - "SUCCESS": indicates that the snapshot was successfully created and the repository's dependencies were updated.
// - "ACCEPTED": indicates that the snapshot was successfully created, but the repository's dependencies were not updated.
// - "INVALID": indicates that the snapshot was malformed.
type DependencyGraphSnapshotCreationResult string

// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotResolvedDependency struct {
PackageURL *string `json:"package_url,omitempty"`
Relationship DependencyGraphSnapshotResolvedDependencyRelationship `json:"relationship,omitempty"`
Scope DependencyGraphSnapshotResolvedDependencyScope `json:"scope,omitempty"`
Dependencies []string `json:"dependencies,omitempty"`
PackageURL *string `json:"package_url,omitempty"`
// Represents whether the dependency is requested directly by the manifest or is a dependency of another dependency.
// Can have the following values:
// - "direct": indicates that the dependency is requested directly by the manifest.
// - "indirect": indicates that the dependency is a dependency of another dependency.
Relationship *string `json:"relationship,omitempty"`
// Represents whether the dependency is required for the primary build artifact or is only used for development.
// Can have the following values:
// - "runtime": indicates that the dependency is required for the primary build artifact.
// - "development": indicates that the dependency is only used for development.
Scope *string `json:"scope,omitempty"`
Dependencies []string `json:"dependencies,omitempty"`
}

// DependencyGraphSnapshotJob represents the job that created the snapshot.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotJob struct {
Correlator *string `json:"correlator,omitempty"`
ID *string `json:"id,omitempty"`
HTMLURL *string `json:"html_url,omitempty"`
}

// DependencyGraphSnapshotDetector represents a description of the detector used.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotDetector struct {
Name *string `json:"name,omitempty"`
Version *string `json:"version,omitempty"`
URL *string `json:"url,omitempty"`
}

// DependencyGraphSnapshotManifestFile represents the file declaring the repository's dependencies.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotManifestFile struct {
SourceLocation *string `json:"source_location,omitempty"`
}

// DependencyGraphSnapshotManifest represents a collection of related dependencies declared in a file or representing a logical group of dependencies.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotManifest struct {
Name *string `json:"name,omitempty"`
File *DependencyGraphSnapshotManifestFile `json:"file,omitempty"`
Resolved map[string]*DependencyGraphSnapshotResolvedDependency `json:"resolved,omitempty"`
}

// DependencyGraphSnapshot represent a snapshot of a repository's dependencies.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshot struct {
Version int `json:"version"`
Sha *string `json:"sha,omitempty"`
Expand All @@ -71,16 +75,26 @@ type DependencyGraphSnapshot struct {
Manifests map[string]*DependencyGraphSnapshotManifest `json:"manifests,omitempty"`
}

// DependencyGraphSnapshotCreationData represents the dependency snapshot's creation result.
//
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
type DependencyGraphSnapshotCreationData struct {
ID int `json:"id"`
CreatedAt *Timestamp `json:"created_at"`
Message *string `json:"message"`
Result DependencyGraphSnapshotCreationResult `json:"result"`
ID int `json:"id"`
CreatedAt *Timestamp `json:"created_at"`
Message *string `json:"message"`
// Represents the snapshot creation result.
// Can have the following values:
// - "SUCCESS": indicates that the snapshot was successfully created and the repository's dependencies were updated.
// - "ACCEPTED": indicates that the snapshot was successfully created, but the repository's dependencies were not updated.
// - "INVALID": indicates that the snapshot was malformed.
Result *string `json:"result"`
}

// CreateSnapshot creates a new snapshot of a repository's dependencies.
//
// GitHub API docs: https://docs.github.com/en/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
// GitHub API docs: https://docs.github.com/rest/dependency-graph/dependency-submission#create-a-snapshot-of-dependencies-for-a-repository
//
//meta:operation POST /repos/{owner}/{repo}/dependency-graph/snapshots
func (s *DependencyGraphService) CreateSnapshot(ctx context.Context, owner, repo string, dependencyGraphSnapshot *DependencyGraphSnapshot) (*DependencyGraphSnapshotCreationData, *Response, error) {
url := fmt.Sprintf("repos/%v/%v/dependency-graph/snapshots", owner, repo)

Expand Down
14 changes: 7 additions & 7 deletions github/dependency_graph_snapshots_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,20 +48,20 @@ func TestDependencyGraphService_CreateSnapshot(t *testing.T) {
Resolved: map[string]*DependencyGraphSnapshotResolvedDependency{
"@actions/core": {
PackageURL: String("pkg:/npm/%40actions/core@1.1.9"),
Relationship: "direct",
Scope: "runtime",
Relationship: String("direct"),
Scope: String("runtime"),
Dependencies: []string{"@actions/http-client"},
},
"@actions/http-client": {
PackageURL: String("pkg:/npm/%40actions/http-client@1.0.7"),
Relationship: "indirect",
Scope: "runtime",
Relationship: String("indirect"),
Scope: String("runtime"),
Dependencies: []string{"tunnel"},
},
"tunnel": {
PackageURL: String("pkg:/npm/tunnel@0.0.6"),
Relationship: "indirect",
Scope: "runtime",
Relationship: String("indirect"),
Scope: String("runtime"),
},
},
},
Expand All @@ -77,7 +77,7 @@ func TestDependencyGraphService_CreateSnapshot(t *testing.T) {
ID: 12345,
CreatedAt: &Timestamp{time.Date(2022, time.June, 14, 20, 25, 01, 0, time.UTC)},
Message: String("Dependency results for the repo have been successfully updated."),
Result: "SUCCESS",
Result: String("SUCCESS"),
}
if !cmp.Equal(snapshotCreationData, want) {
t.Errorf("DependencyGraph.CreateSnapshot returned %+v, want %+v", snapshotCreationData, want)
Expand Down
24 changes: 24 additions & 0 deletions github/github-accessors.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

30 changes: 30 additions & 0 deletions github/github-accessors_test.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit ef18b6c

Please sign in to comment.