Dependabot seems not to be working properly with SETTINGS__CONFIG_BRANCH
Issue
Hello, I've been trying to test Dependabot, before I integrate it fully with my project. So, created test branch before and downloaded docker-compose.yml locally, changed the value of SETTINGS__CONFIG_BRANCH and followed the rest of the instructions.
I want to note that I have dependabot.yml (.gitlab/dependabot.yml) configuration file in my test branch, but not on my default branch (master).
When project registration job is executed I receive no errors, but my project is being registered with no config. (So in the end, no update jobs are scheduled.)
# GET /api/projects
{
"id": 54,
"name": "my/project",
"forked_from_id": null,
"forked_from_name": null,
"webhook_id": null,
"web_url": "my_project_url",
"config": null
}How to reproduce
- Create new project or delete existing one from dependabot
- Remove
.gitlab/dependabot.ymlfrom default branch (eg. master) - Create new branch and add
.gitlab/dependabot.ymlconfiguration - Set
SETTINGS__CONFIG_BRANCH = MY_NEW_TEST_BRANCH - Register project in dependabot
Investigation
Tried to investigate a little bit, and the issue seems to be coming from Dependabot::Projects::Creator.config
def config
@config ||= begin
return unless Gitlab::ConfigFile::Checker.call(project_name, default_branch) // We check if dependabot.yml file exists only in project.default_branch.
Config::Fetcher.call(project_name, update_cache: true) // This works as intended and takes configuration from configured branch
end
endI saw that adjustments were made in Correctly pass configuration when updating out of sync jobs MR, but I think you've forgotten to make adjustments in Dependabot::Projects::Creator.config.
For the people who are having this issue, if you add .gitlab/dependabot.yml in your master branch, even if empty, the issue will be resolved and Dependabot will fetch correct configuration.